Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_bcb8debaf6c6e3eea7b81188b2bf0e7b56e59ac_910c98a4_d3d94960-ed1e-43ed-9c25-2307c05e8a8c\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D23.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Jul 2 10:23:57 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DE0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7E1F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6760 -s 304
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
77.105.135.107:3445
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://ns.adob
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://purl.oen
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.105.135.107
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProgramId
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
FileId
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LongPathHash
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Name
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Publisher
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Version
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinaryType
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductName
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductVersion
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LinkDate
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Size
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Language
|
|
|
|
\REGISTRY\A\{f20bbc47-696d-0779-58e7-ab827e68c23d}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Usn
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D21000
|
trusted library allocation
|
page read and write
|
|
|
|
BBA000
|
unkown
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2DB5000
|
trusted library allocation
|
page read and write
|
|
|
|
5221000
|
trusted library allocation
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
5204000
|
trusted library allocation
|
page read and write
|
||
|
58E9000
|
heap
|
page read and write
|
||
|
2EB8000
|
trusted library allocation
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
102F000
|
stack
|
page read and write
|
||
|
414A000
|
trusted library allocation
|
page read and write
|
||
|
54FA000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page execute and read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
586C000
|
heap
|
page read and write
|
||
|
71AF000
|
trusted library allocation
|
page read and write
|
||
|
403C000
|
trusted library allocation
|
page read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
58A2000
|
heap
|
page read and write
|
||
|
338A000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
heap
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
589F000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
3D63000
|
trusted library allocation
|
page read and write
|
||
|
3F23000
|
trusted library allocation
|
page read and write
|
||
|
80C6000
|
heap
|
page read and write
|
||
|
6C4D000
|
heap
|
page read and write
|
||
|
4D28000
|
trusted library allocation
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5501000
|
trusted library allocation
|
page read and write
|
||
|
4076000
|
trusted library allocation
|
page read and write
|
||
|
3F4D000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
trusted library allocation
|
page read and write
|
||
|
312F000
|
trusted library allocation
|
page read and write
|
||
|
765E000
|
stack
|
page read and write
|
||
|
3EA7000
|
trusted library allocation
|
page read and write
|
||
|
419C000
|
trusted library allocation
|
page read and write
|
||
|
795E000
|
stack
|
page read and write
|
||
|
41BF000
|
trusted library allocation
|
page read and write
|
||
|
3F2B000
|
trusted library allocation
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
5FFF000
|
stack
|
page read and write
|
||
|
5808000
|
heap
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D05000
|
trusted library allocation
|
page read and write
|
||
|
522D000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3DA5000
|
trusted library allocation
|
page read and write
|
||
|
4187000
|
trusted library allocation
|
page read and write
|
||
|
58B8000
|
heap
|
page read and write
|
||
|
7F080000
|
trusted library allocation
|
page execute and read and write
|
||
|
C09000
|
unkown
|
page readonly
|
||
|
54D1000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
52B2000
|
trusted library allocation
|
page read and write
|
||
|
3EB4000
|
trusted library allocation
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
707B000
|
stack
|
page read and write
|
||
|
72BC000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page execute and read and write
|
||
|
6280000
|
trusted library allocation
|
page execute and read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
71B5000
|
trusted library allocation
|
page read and write
|
||
|
2CFE000
|
trusted library allocation
|
page read and write
|
||
|
580C000
|
heap
|
page read and write
|
||
|
6CD5000
|
heap
|
page read and write
|
||
|
3F1D000
|
trusted library allocation
|
page read and write
|
||
|
3F66000
|
trusted library allocation
|
page read and write
|
||
|
4182000
|
trusted library allocation
|
page read and write
|
||
|
3D21000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
6C86000
|
heap
|
page read and write
|
||
|
3F1A000
|
trusted library allocation
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
||
|
4117000
|
trusted library allocation
|
page read and write
|
||
|
1221000
|
heap
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
4126000
|
trusted library allocation
|
page read and write
|
||
|
4157000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4032000
|
trusted library allocation
|
page read and write
|
||
|
3F36000
|
trusted library allocation
|
page read and write
|
||
|
4098000
|
trusted library allocation
|
page read and write
|
||
|
761E000
|
stack
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
6CB9000
|
heap
|
page read and write
|
||
|
33AA000
|
trusted library allocation
|
page read and write
|
||
|
342D000
|
trusted library allocation
|
page read and write
|
||
|
4051000
|
trusted library allocation
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
54B3000
|
heap
|
page execute and read and write
|
||
|
102B000
|
trusted library allocation
|
page execute and read and write
|
||
|
71BA000
|
trusted library allocation
|
page read and write
|
||
|
FA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ECE000
|
trusted library allocation
|
page read and write
|
||
|
1036000
|
heap
|
page read and write
|
||
|
315E000
|
trusted library allocation
|
page read and write
|
||
|
613E000
|
stack
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
3269000
|
trusted library allocation
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
5891000
|
heap
|
page read and write
|
||
|
411C000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
3F7A000
|
trusted library allocation
|
page read and write
|
||
|
3F0D000
|
trusted library allocation
|
page read and write
|
||
|
41BC000
|
trusted library allocation
|
page read and write
|
||
|
2FC9000
|
trusted library allocation
|
page read and write
|
||
|
3FAC000
|
trusted library allocation
|
page read and write
|
||
|
40ED000
|
trusted library allocation
|
page read and write
|
||
|
1025000
|
trusted library allocation
|
page execute and read and write
|
||
|
4074000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
779E000
|
stack
|
page read and write
|
||
|
551B000
|
trusted library allocation
|
page read and write
|
||
|
80C1000
|
heap
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
4104000
|
trusted library allocation
|
page read and write
|
||
|
6FDD000
|
stack
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
3D2F000
|
trusted library allocation
|
page read and write
|
||
|
312D000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
2E96000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
342B000
|
trusted library allocation
|
page read and write
|
||
|
6C55000
|
heap
|
page read and write
|
||
|
C09000
|
unkown
|
page readonly
|
||
|
3F8C000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
trusted library allocation
|
page read and write
|
||
|
54E2000
|
trusted library allocation
|
page read and write
|
||
|
769B000
|
trusted library allocation
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
3328000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
3FBF000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
60FF000
|
stack
|
page read and write
|
||
|
339F000
|
trusted library allocation
|
page read and write
|
||
|
41CC000
|
trusted library allocation
|
page read and write
|
||
|
BA8000
|
unkown
|
page readonly
|
||
|
52D8000
|
trusted library allocation
|
page read and write
|
||
|
294D000
|
stack
|
page read and write
|
||
|
3EEC000
|
trusted library allocation
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
4EBC000
|
stack
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
4037000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
124D000
|
heap
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
40FD000
|
trusted library allocation
|
page read and write
|
||
|
40F7000
|
trusted library allocation
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
54F1000
|
trusted library allocation
|
page read and write
|
||
|
58BC000
|
heap
|
page read and write
|
||
|
1159000
|
heap
|
page read and write
|
||
|
40D0000
|
trusted library allocation
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
71C4000
|
trusted library allocation
|
page read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
407C000
|
trusted library allocation
|
page read and write
|
||
|
3FCC000
|
trusted library allocation
|
page read and write
|
||
|
2ED9000
|
trusted library allocation
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
40DD000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
41B0000
|
trusted library allocation
|
page read and write
|
||
|
1027000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
3D5B000
|
trusted library allocation
|
page read and write
|
||
|
2DF5000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
40BE000
|
trusted library allocation
|
page read and write
|
||
|
71D2000
|
trusted library allocation
|
page read and write
|
||
|
52DA000
|
trusted library allocation
|
page read and write
|
||
|
402B000
|
trusted library allocation
|
page read and write
|
||
|
41C1000
|
trusted library allocation
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
71D5000
|
trusted library allocation
|
page read and write
|
||
|
118E000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
5515000
|
trusted library allocation
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
3FEB000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
627C000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
4065000
|
trusted library allocation
|
page read and write
|
||
|
6514000
|
trusted library allocation
|
page read and write
|
||
|
3F73000
|
trusted library allocation
|
page read and write
|
||
|
6D02000
|
heap
|
page read and write
|
||
|
3FC3000
|
trusted library allocation
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
2EC5000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
520B000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
40A4000
|
trusted library allocation
|
page read and write
|
||
|
3FB9000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
3FCE000
|
trusted library allocation
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page execute and read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
4192000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
4013000
|
trusted library allocation
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page execute and read and write
|
||
|
41A9000
|
trusted library allocation
|
page read and write
|
||
|
410A000
|
trusted library allocation
|
page read and write
|
||
|
58CC000
|
heap
|
page read and write
|
||
|
623F000
|
stack
|
page read and write
|
||
|
71A8000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC1000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
3F29000
|
trusted library allocation
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
4164000
|
trusted library allocation
|
page read and write
|
||
|
7698000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
3FC8000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
2FC3000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
7192000
|
trusted library allocation
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
3308000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
4176000
|
trusted library allocation
|
page read and write
|
||
|
4113000
|
trusted library allocation
|
page read and write
|
||
|
64DC000
|
stack
|
page read and write
|
||
|
FA4000
|
trusted library allocation
|
page read and write
|
||
|
416B000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
2FCE000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
BA8000
|
unkown
|
page readonly
|
||
|
405E000
|
trusted library allocation
|
page read and write
|
||
|
4058000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
327A000
|
trusted library allocation
|
page read and write
|
||
|
C2D000
|
heap
|
page read and write
|
||
|
5867000
|
heap
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
2EF5000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
3274000
|
trusted library allocation
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
4068000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page read and write
|
||
|
7199000
|
trusted library allocation
|
page read and write
|
||
|
3F85000
|
trusted library allocation
|
page read and write
|
||
|
3312000
|
trusted library allocation
|
page read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
341B000
|
trusted library allocation
|
page read and write
|
||
|
40D7000
|
trusted library allocation
|
page read and write
|
||
|
417D000
|
trusted library allocation
|
page read and write
|
||
|
58C4000
|
heap
|
page read and write
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
101A000
|
trusted library allocation
|
page execute and read and write
|
||
|
54D6000
|
trusted library allocation
|
page read and write
|
||
|
3118000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
6CAF000
|
heap
|
page read and write
|
||
|
2ABD000
|
stack
|
page read and write
|
||
|
717D000
|
stack
|
page read and write
|
||
|
3123000
|
trusted library allocation
|
page read and write
|
||
|
58D1000
|
heap
|
page read and write
|
||
|
3F13000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
406E000
|
trusted library allocation
|
page read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
trusted library allocation
|
page read and write
|
||
|
3EFC000
|
trusted library allocation
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
785D000
|
stack
|
page read and write
|
||
|
3431000
|
trusted library allocation
|
page read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
3ED5000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
direct allocation
|
page execute and read and write
|
||
|
769E000
|
trusted library allocation
|
page read and write
|
||
|
41C7000
|
trusted library allocation
|
page read and write
|
||
|
AAA000
|
stack
|
page read and write
|
||
|
7195000
|
trusted library allocation
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
580A000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FD1000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
stack
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
3413000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
33D3000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
BA7000
|
stack
|
page read and write
|
||
|
3EB6000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
5226000
|
trusted library allocation
|
page read and write
|
||
|
4047000
|
trusted library allocation
|
page read and write
|
||
|
3F91000
|
trusted library allocation
|
page read and write
|
||
|
58E5000
|
heap
|
page read and write
|
||
|
41B9000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
3153000
|
trusted library allocation
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
341F000
|
trusted library allocation
|
page read and write
|
||
|
6C9A000
|
heap
|
page read and write
|
||
|
5393000
|
heap
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
64F0000
|
heap
|
page read and write
|
||
|
58EE000
|
heap
|
page read and write
|
||
|
413E000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
52D5000
|
trusted library allocation
|
page read and write
|
||
|
58AA000
|
heap
|
page read and write
|
||
|
3FB2000
|
trusted library allocation
|
page read and write
|
||
|
3164000
|
trusted library allocation
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
6C6E000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
3F59000
|
trusted library allocation
|
page read and write
|
||
|
5232000
|
trusted library allocation
|
page read and write
|
||
|
54CB000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
BFC000
|
unkown
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
3D41000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
40C5000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
heap
|
page execute and read and write
|
||
|
4121000
|
trusted library allocation
|
page read and write
|
||
|
724D000
|
stack
|
page read and write
|
||
|
3F26000
|
trusted library allocation
|
page read and write
|
||
|
100D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3436000
|
trusted library allocation
|
page read and write
|
||
|
5862000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
2B7B000
|
stack
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
1022000
|
trusted library allocation
|
page read and write
|
||
|
41B3000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
58F4000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
638C000
|
stack
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
71BF000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page read and write
|
||
|
6CE4000
|
heap
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
heap
|
page execute and read and write
|
||
|
781E000
|
stack
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C61000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
331F000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
331B000
|
trusted library allocation
|
page read and write
|
||
|
1012000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
729F000
|
stack
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
54EE000
|
trusted library allocation
|
page read and write
|
||
|
2FB1000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
trusted library allocation
|
page read and write
|
||
|
71AA000
|
trusted library allocation
|
page read and write
|
||
|
2F7B000
|
trusted library allocation
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
410E000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
340A000
|
trusted library allocation
|
page read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
41A3000
|
trusted library allocation
|
page read and write
|
||
|
339B000
|
trusted library allocation
|
page read and write
|
||
|
1016000
|
trusted library allocation
|
page execute and read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
BBA000
|
unkown
|
page write copy
|
||
|
7310000
|
trusted library allocation
|
page execute and read and write
|
||
|
64E0000
|
trusted library allocation
|
page read and write
|
||
|
3126000
|
trusted library allocation
|
page read and write
|
||
|
3EE7000
|
trusted library allocation
|
page read and write
|
||
|
3353000
|
trusted library allocation
|
page read and write
|
||
|
AFD000
|
stack
|
page read and write
|
There are 430 hidden memdumps, click here to show them.