Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
s8Z4L8DY65.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\www.kernal.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\www.kernal.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\www.kernal.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Jul 2 13:29:12
2024, mtime=Tue Jul 2 13:29:12 2024, atime=Tue Jul 2 13:29:12 2024, length=83456, window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\s8Z4L8DY65.exe
|
"C:\Users\user\Desktop\s8Z4L8DY65.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "www.kernal" /tr "C:\ProgramData\www.kernal.exe"
|
|
|
|
C:\ProgramData\www.kernal.exe
|
C:\ProgramData\www.kernal.exe
|
|
|
|
C:\ProgramData\www.kernal.exe
|
"C:\ProgramData\www.kernal.exe"
|
|
|
|
C:\ProgramData\www.kernal.exe
|
"C:\ProgramData\www.kernal.exe"
|
|
|
|
C:\ProgramData\www.kernal.exe
|
C:\ProgramData\www.kernal.exe
|
|
|
|
C:\ProgramData\www.kernal.exe
|
C:\ProgramData\www.kernal.exe
|
|
|
|
C:\ProgramData\www.kernal.exe
|
C:\ProgramData\www.kernal.exe
|
|
|
|
C:\ProgramData\www.kernal.exe
|
C:\ProgramData\www.kernal.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com
|
unknown
|
|
|
|
https://pastebin.com/raw/cs6P4mHQ
|
104.20.3.235
|
|
|
|
https://pastebin.coml
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
||
|
http://pastebin.coml
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pastebin.com
|
104.20.3.235
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
|
|
104.20.4.235
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
www.kernal
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\s8Z4L8DY65_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
242C000
|
trusted library allocation
|
page read and write
|
|
|
|
102000
|
unkown
|
page readonly
|
|
|
|
7FFD34552000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
2855000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page execute and read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
9BC000
|
heap
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
27CD000
|
trusted library allocation
|
page read and write
|
||
|
2778000
|
trusted library allocation
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
1ADF0000
|
heap
|
page execute and read and write
|
||
|
227F000
|
trusted library allocation
|
page read and write
|
||
|
1B5DD000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
1ACE0000
|
heap
|
page read and write
|
||
|
2872000
|
trusted library allocation
|
page read and write
|
||
|
2841000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3457D000
|
trusted library allocation
|
page execute and read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2A99000
|
trusted library allocation
|
page read and write
|
||
|
1B0F0000
|
heap
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34543000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
D9F000
|
stack
|
page read and write
|
||
|
28839CE000
|
stack
|
page read and write
|
||
|
1AFCE000
|
stack
|
page read and write
|
||
|
2801000
|
trusted library allocation
|
page read and write
|
||
|
1B24E000
|
stack
|
page read and write
|
||
|
1ADAE000
|
heap
|
page read and write
|
||
|
272E000
|
trusted library allocation
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
2831000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
heap
|
page execute and read and write
|
||
|
2390000
|
heap
|
page execute and read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
1B2FF000
|
stack
|
page read and write
|
||
|
1AE8E000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
27FD000
|
trusted library allocation
|
page read and write
|
||
|
A03000
|
heap
|
page read and write
|
||
|
2241000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page execute and read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
12243000
|
trusted library allocation
|
page read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2859000
|
trusted library allocation
|
page read and write
|
||
|
1C4000
|
stack
|
page read and write
|
||
|
7FFD34582000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page execute and read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
7FFD3454D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B040000
|
heap
|
page execute and read and write
|
||
|
12278000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34584000
|
trusted library allocation
|
page read and write
|
||
|
14F56FD0000
|
heap
|
page read and write
|
||
|
14F56F00000
|
heap
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7FFD34573000
|
trusted library allocation
|
page execute and read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
7FFD34636000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
7FFD3458D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3457D000
|
trusted library allocation
|
page execute and read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34573000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
1B34E000
|
stack
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
632000
|
heap
|
page read and write
|
||
|
A09000
|
heap
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
1BC9B000
|
heap
|
page read and write
|
||
|
2809000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
304F000
|
trusted library allocation
|
page read and write
|
||
|
127F3000
|
trusted library allocation
|
page read and write
|
||
|
2F1B000
|
trusted library allocation
|
page read and write
|
||
|
1B3FE000
|
stack
|
page read and write
|
||
|
1B80F000
|
stack
|
page read and write
|
||
|
7FFD345AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA2F000
|
stack
|
page read and write
|
||
|
2886000
|
trusted library allocation
|
page read and write
|
||
|
285D000
|
trusted library allocation
|
page read and write
|
||
|
27E5000
|
trusted library allocation
|
page read and write
|
||
|
262F000
|
trusted library allocation
|
page read and write
|
||
|
2845000
|
trusted library allocation
|
page read and write
|
||
|
265F000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1B90D000
|
stack
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
24BE000
|
trusted library allocation
|
page read and write
|
||
|
12A1000
|
heap
|
page read and write
|
||
|
12D48000
|
trusted library allocation
|
page read and write
|
||
|
2591000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34656000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
7FFD34554000
|
trusted library allocation
|
page read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
7FFD3457D000
|
trusted library allocation
|
page execute and read and write
|
||
|
259C000
|
trusted library allocation
|
page read and write
|
||
|
13051000
|
trusted library allocation
|
page read and write
|
||
|
1B3FF000
|
stack
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
7FFD34656000
|
trusted library allocation
|
page execute and read and write
|
||
|
2835000
|
trusted library allocation
|
page read and write
|
||
|
1B92E000
|
stack
|
page read and write
|
||
|
1AF0F000
|
stack
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
2647000
|
trusted library allocation
|
page read and write
|
||
|
2651000
|
trusted library allocation
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
2633000
|
trusted library allocation
|
page read and write
|
||
|
1ADDD000
|
heap
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E9000
|
stack
|
page read and write
|
||
|
7FF466440000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E1000
|
heap
|
page read and write
|
||
|
254E000
|
trusted library allocation
|
page read and write
|
||
|
260B000
|
trusted library allocation
|
page read and write
|
||
|
14F56F10000
|
heap
|
page read and write
|
||
|
14F57260000
|
heap
|
page read and write
|
||
|
7FFD345AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
1ACDE000
|
stack
|
page read and write
|
||
|
2EA9000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
27E9000
|
trusted library allocation
|
page read and write
|
||
|
5CC000
|
heap
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
226E000
|
stack
|
page read and write
|
||
|
1B1F0000
|
heap
|
page execute and read and write
|
||
|
1BC50000
|
heap
|
page read and write
|
||
|
7FFD3457B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
3061000
|
trusted library allocation
|
page read and write
|
||
|
250B000
|
trusted library allocation
|
page read and write
|
||
|
1BAE0000
|
heap
|
page execute and read and write
|
||
|
1BC5E000
|
heap
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
256E000
|
trusted library allocation
|
page read and write
|
||
|
12598000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34543000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
2627000
|
trusted library allocation
|
page read and write
|
||
|
280D000
|
trusted library allocation
|
page read and write
|
||
|
256A000
|
trusted library allocation
|
page read and write
|
||
|
2862000
|
trusted library allocation
|
page read and write
|
||
|
12273000
|
trusted library allocation
|
page read and write
|
||
|
2623000
|
trusted library allocation
|
page read and write
|
||
|
1A7CE000
|
stack
|
page read and write
|
||
|
12423000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
CDF000
|
stack
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
1ADEE000
|
stack
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page execute and read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
2805000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page execute and read and write
|
||
|
573000
|
trusted library allocation
|
page read and write
|
||
|
1AD00000
|
heap
|
page read and write
|
||
|
265F000
|
trusted library allocation
|
page read and write
|
||
|
10F4000
|
stack
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34564000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
1278000
|
heap
|
page read and write
|
||
|
540000
|
trusted library allocation
|
page read and write
|
||
|
227C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
1A450000
|
trusted library allocation
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
2271000
|
trusted library allocation
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page read and write
|
||
|
1B1BE000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
2507000
|
trusted library allocation
|
page read and write
|
||
|
1BB0D000
|
stack
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
1BCEE000
|
stack
|
page read and write
|
||
|
1ABDD000
|
stack
|
page read and write
|
||
|
7AF000
|
stack
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
266B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34562000
|
trusted library allocation
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
12651000
|
trusted library allocation
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
24FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3458D000
|
trusted library allocation
|
page execute and read and write
|
||
|
260F000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page execute and read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
7FFD34554000
|
trusted library allocation
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
7FFD34574000
|
trusted library allocation
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
7FFD34584000
|
trusted library allocation
|
page read and write
|
||
|
1BBEF000
|
stack
|
page read and write
|
||
|
1BC4E000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
258F000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
12593000
|
trusted library allocation
|
page read and write
|
||
|
1ACF8000
|
heap
|
page read and write
|
||
|
8A1000
|
heap
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page execute and read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
7FFD34656000
|
trusted library allocation
|
page execute and read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
24CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34564000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34562000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34606000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3459C000
|
trusted library allocation
|
page execute and read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
7FFD34584000
|
trusted library allocation
|
page read and write
|
||
|
265C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
263B000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
trusted library allocation
|
page read and write
|
||
|
262B000
|
trusted library allocation
|
page read and write
|
||
|
2657000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2552000
|
trusted library allocation
|
page read and write
|
||
|
27D1000
|
trusted library allocation
|
page read and write
|
||
|
25A1000
|
trusted library allocation
|
page read and write
|
||
|
1AD7C000
|
stack
|
page read and write
|
||
|
594000
|
stack
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
2653000
|
trusted library allocation
|
page read and write
|
||
|
1BB4E000
|
stack
|
page read and write
|
||
|
7FFD3456D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
1B2CD000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
14F56F30000
|
heap
|
page read and write
|
||
|
1AEC0000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
2661000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34553000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
27E1000
|
trusted library allocation
|
page read and write
|
||
|
1B9E0000
|
heap
|
page read and write
|
||
|
27BC000
|
trusted library allocation
|
page read and write
|
||
|
616000
|
heap
|
page read and write
|
||
|
27FF000
|
trusted library allocation
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page execute and read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page execute and read and write
|
||
|
2421000
|
trusted library allocation
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
27F9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34626000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ADE5000
|
heap
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0000
|
heap
|
page execute and read and write
|
||
|
2667000
|
trusted library allocation
|
page read and write
|
||
|
2801000
|
trusted library allocation
|
page read and write
|
||
|
264F000
|
trusted library allocation
|
page read and write
|
||
|
14F57265000
|
heap
|
page read and write
|
||
|
7FFD34554000
|
trusted library allocation
|
page read and write
|
||
|
12B1000
|
heap
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
2839000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
2815000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3459C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
2281000
|
trusted library allocation
|
page read and write
|
||
|
1AD37000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
127F8000
|
trusted library allocation
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
27FC000
|
trusted library allocation
|
page read and write
|
||
|
288394F000
|
unkown
|
page read and write
|
||
|
261B000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
1A9AD000
|
stack
|
page read and write
|
||
|
2876000
|
trusted library allocation
|
page read and write
|
||
|
1ACF0000
|
heap
|
page read and write
|
||
|
2643000
|
trusted library allocation
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
1AFEE000
|
stack
|
page read and write
|
||
|
1A7AC000
|
heap
|
page read and write
|
||
|
12248000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3456D000
|
trusted library allocation
|
page execute and read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
7FFD34553000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD345AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF5F000
|
stack
|
page read and write
|
||
|
287A000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
7FFD34636000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page execute and read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
1BA0F000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDEE000
|
stack
|
page read and write
|
||
|
305F000
|
trusted library allocation
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
2F23000
|
trusted library allocation
|
page read and write
|
||
|
27F5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page execute and read and write
|
||
|
27ED000
|
trusted library allocation
|
page read and write
|
||
|
692000
|
heap
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34582000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
259F000
|
trusted library allocation
|
page read and write
|
||
|
1B70B000
|
stack
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
264B000
|
trusted library allocation
|
page read and write
|
||
|
F2C000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
7FFD345CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34636000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
12D41000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
224C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34626000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ABF0000
|
heap
|
page execute and read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
12421000
|
trusted library allocation
|
page read and write
|
||
|
1BC7D000
|
heap
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
16E5000
|
heap
|
page read and write
|
||
|
2866000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB1D000
|
stack
|
page read and write
|
||
|
7FFD34573000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
265B000
|
trusted library allocation
|
page read and write
|
||
|
146F000
|
stack
|
page read and write
|
||
|
2617000
|
trusted library allocation
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
255A000
|
trusted library allocation
|
page read and write
|
||
|
6F4000
|
stack
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3456D000
|
trusted library allocation
|
page execute and read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
B6F000
|
stack
|
page read and write
|
||
|
7FFD34544000
|
trusted library allocation
|
page read and write
|
||
|
27DD000
|
trusted library allocation
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
284D000
|
trusted library allocation
|
page read and write
|
||
|
14F56FD9000
|
heap
|
page read and write
|
||
|
28A1000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
1B820000
|
heap
|
page execute and read and write
|
||
|
2640000
|
heap
|
page execute and read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34590000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
heap
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3454D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
70000
|
unkown
|
page readonly
|
||
|
1385000
|
heap
|
page read and write
|
||
|
2572000
|
trusted library allocation
|
page read and write
|
||
|
86D000
|
stack
|
page read and write
|
||
|
27C4000
|
trusted library allocation
|
page read and write
|
||
|
9B9000
|
heap
|
page read and write
|
||
|
282D000
|
trusted library allocation
|
page read and write
|
||
|
2821000
|
trusted library allocation
|
page read and write
|
||
|
1AEEE000
|
stack
|
page read and write
|
||
|
261F000
|
trusted library allocation
|
page read and write
|
||
|
100000
|
unkown
|
page readonly
|
||
|
13058000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
8D6000
|
heap
|
page read and write
|
||
|
12271000
|
trusted library allocation
|
page read and write
|
||
|
1B700000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
28838C9000
|
stack
|
page read and write
|
||
|
12D43000
|
trusted library allocation
|
page read and write
|
||
|
9E6000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
12DA000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34562000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
2566000
|
trusted library allocation
|
page read and write
|
||
|
2613000
|
trusted library allocation
|
page read and write
|
||
|
27C9000
|
trusted library allocation
|
page read and write
|
||
|
A1A000
|
heap
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
281D000
|
trusted library allocation
|
page read and write
|
||
|
25EF000
|
stack
|
page read and write
|
||
|
12658000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2576000
|
trusted library allocation
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
1B2FE000
|
stack
|
page read and write
|
||
|
7FFD34552000
|
trusted library allocation
|
page read and write
|
||
|
2160000
|
heap
|
page execute and read and write
|
||
|
255E000
|
trusted library allocation
|
page read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34582000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
263F000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
trusted library allocation
|
page read and write
|
||
|
2829000
|
trusted library allocation
|
page read and write
|
||
|
2562000
|
trusted library allocation
|
page read and write
|
||
|
309C000
|
trusted library allocation
|
page read and write
|
||
|
2849000
|
trusted library allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
164000
|
stack
|
page read and write
|
||
|
BF4000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
287E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34553000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3460C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2556000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2811000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
24BB000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
2819000
|
trusted library allocation
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
1AE0F000
|
stack
|
page read and write
|
||
|
27D5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page read and write
|
||
|
1AE2F000
|
stack
|
page read and write
|
||
|
5DC000
|
heap
|
page read and write
|
||
|
7FFD3457D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
642000
|
heap
|
page read and write
|
||
|
27D9000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
12591000
|
trusted library allocation
|
page read and write
|
||
|
12428000
|
trusted library allocation
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
1ADB0000
|
heap
|
page read and write
|
||
|
2A29000
|
trusted library allocation
|
page read and write
|
||
|
2663000
|
trusted library allocation
|
page read and write
|
||
|
250F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34574000
|
trusted library allocation
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
1B80E000
|
stack
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1BCAF000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page execute and read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2D4F000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page read and write
|
||
|
12AD000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
216E000
|
stack
|
page read and write
|
||
|
2F1F000
|
trusted library allocation
|
page read and write
|
||
|
12653000
|
trusted library allocation
|
page read and write
|
||
|
283D000
|
trusted library allocation
|
page read and write
|
||
|
2637000
|
trusted library allocation
|
page read and write
|
||
|
286A000
|
trusted library allocation
|
page read and write
|
||
|
1ACFE000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
12241000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
7FFD34554000
|
trusted library allocation
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
1A7FC000
|
stack
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
7FFD3458D000
|
trusted library allocation
|
page execute and read and write
|
||
|
127F1000
|
trusted library allocation
|
page read and write
|
||
|
13053000
|
trusted library allocation
|
page read and write
|
||
|
5EC000
|
heap
|
page read and write
|
||
|
2825000
|
trusted library allocation
|
page read and write
|
||
|
1B000000
|
heap
|
page execute and read and write
|
||
|
1B14F000
|
stack
|
page read and write
|
||
|
560000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
231E000
|
stack
|
page read and write
|
There are 568 hidden memdumps, click here to show them.