Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
okmnji.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\okmnji.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\okmnji.exe
|
"C:\Users\user\Desktop\okmnji.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://account.dyn.com/
|
unknown
|
||
|
http://r11.o.lencr.org0#
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://csp.withgoogle.com/csp/gws/other-hp
|
unknown
|
||
|
http://ip-api.com/line/?fields=hostingCY
|
unknown
|
||
|
http://mail.kannides.com
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://www.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://r11.i.lencr.org/0
|
unknown
|
||
|
http://www.google.com/
|
216.58.212.164
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://purl.oen
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
mail.kannides.com
|
74.220.215.245
|
|
|
|
www.google.com
|
216.58.212.164
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
74.220.215.245
|
mail.kannides.com
|
United States
|
|
|
|
216.58.212.164
|
www.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\okmnji_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstallUtil_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C1E000
|
trusted library allocation
|
page read and write
|
|
|
|
2EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
3BF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
3CD9000
|
trusted library allocation
|
page read and write
|
|
|
|
2E7E000
|
trusted library allocation
|
page read and write
|
|
|
|
3DC8000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
6500000
|
trusted library section
|
page read and write
|
|
|
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
2B7D000
|
trusted library allocation
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
trusted library allocation
|
page read and write
|
||
|
30DF000
|
trusted library allocation
|
page read and write
|
||
|
3169000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
trusted library allocation
|
page read and write
|
||
|
6158000
|
heap
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E79000
|
trusted library allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
3229000
|
trusted library allocation
|
page read and write
|
||
|
2DE6000
|
trusted library allocation
|
page read and write
|
||
|
DDFD000
|
stack
|
page read and write
|
||
|
69C5000
|
heap
|
page read and write
|
||
|
69B4000
|
heap
|
page read and write
|
||
|
2DB2000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
unkown
|
page execute read
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
30DD000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
2D39000
|
trusted library allocation
|
page read and write
|
||
|
130A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5373000
|
heap
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
66D0000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F2F000
|
trusted library allocation
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
3E49000
|
trusted library allocation
|
page read and write
|
||
|
3155000
|
trusted library allocation
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
2FCF000
|
trusted library allocation
|
page read and write
|
||
|
2F14000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
8067000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
63FE000
|
stack
|
page read and write
|
||
|
2E64000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
3182000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
31FD000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
12AF000
|
stack
|
page read and write
|
||
|
2E83000
|
trusted library allocation
|
page read and write
|
||
|
2DA4000
|
trusted library allocation
|
page read and write
|
||
|
31FB000
|
trusted library allocation
|
page read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
1306000
|
trusted library allocation
|
page execute and read and write
|
||
|
3197000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
2F67000
|
trusted library allocation
|
page read and write
|
||
|
63A1000
|
heap
|
page read and write
|
||
|
2F33000
|
trusted library allocation
|
page read and write
|
||
|
3092000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page read and write
|
||
|
CA4000
|
unkown
|
page readonly
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
2EA1000
|
trusted library allocation
|
page read and write
|
||
|
2CFB000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
325D000
|
trusted library allocation
|
page read and write
|
||
|
2DF5000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
2DB9000
|
trusted library allocation
|
page read and write
|
||
|
2D1A000
|
trusted library allocation
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page execute and read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page read and write
|
||
|
624F000
|
stack
|
page read and write
|
||
|
2D9B000
|
trusted library allocation
|
page read and write
|
||
|
E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
324A000
|
trusted library allocation
|
page read and write
|
||
|
69BF000
|
heap
|
page read and write
|
||
|
2CFD000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
2F29000
|
trusted library allocation
|
page read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
300F000
|
trusted library allocation
|
page read and write
|
||
|
2DC5000
|
trusted library allocation
|
page read and write
|
||
|
2E49000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
3113000
|
trusted library allocation
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page execute and read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
2EB7000
|
trusted library allocation
|
page read and write
|
||
|
2F25000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
2E7A000
|
trusted library allocation
|
page read and write
|
||
|
658B000
|
trusted library allocation
|
page read and write
|
||
|
6332000
|
heap
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
11DF000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
2EDC000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
31B6000
|
trusted library allocation
|
page read and write
|
||
|
30D5000
|
trusted library allocation
|
page read and write
|
||
|
2EE2000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
unkown
|
page execute read
|
||
|
DE4E000
|
stack
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
534C000
|
stack
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
3148000
|
trusted library allocation
|
page read and write
|
||
|
2DDA000
|
trusted library allocation
|
page read and write
|
||
|
2FB4000
|
trusted library allocation
|
page read and write
|
||
|
2DC9000
|
trusted library allocation
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
325F000
|
trusted library allocation
|
page read and write
|
||
|
C6A000
|
unkown
|
page execute read
|
||
|
3218000
|
trusted library allocation
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
DCF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
62F2000
|
heap
|
page read and write
|
||
|
5F0E000
|
stack
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
2D7E000
|
trusted library allocation
|
page read and write
|
||
|
2F9B000
|
trusted library allocation
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
2EFD000
|
trusted library allocation
|
page read and write
|
||
|
3D86000
|
trusted library allocation
|
page read and write
|
||
|
30FA000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
2E7C000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
31BA000
|
trusted library allocation
|
page read and write
|
||
|
321C000
|
trusted library allocation
|
page read and write
|
||
|
618A000
|
heap
|
page read and write
|
||
|
B8A000
|
stack
|
page read and write
|
||
|
6930000
|
heap
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
30A7000
|
trusted library allocation
|
page read and write
|
||
|
2F44000
|
trusted library allocation
|
page read and write
|
||
|
524D000
|
stack
|
page read and write
|
||
|
2E77000
|
trusted library allocation
|
page read and write
|
||
|
80D0000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
2F5F000
|
trusted library allocation
|
page read and write
|
||
|
3E21000
|
trusted library allocation
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
67F7000
|
trusted library allocation
|
page read and write
|
||
|
7F1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
2DFB000
|
trusted library allocation
|
page read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
2D9D000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3244000
|
trusted library allocation
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page execute and read and write
|
||
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
C75000
|
unkown
|
page execute read
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
320E000
|
trusted library allocation
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page read and write
|
||
|
6CB0000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
C91000
|
unkown
|
page execute read
|
||
|
4E28000
|
trusted library allocation
|
page read and write
|
||
|
645D000
|
stack
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
11A9000
|
heap
|
page read and write
|
||
|
2FA3000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
2F48000
|
trusted library allocation
|
page read and write
|
||
|
2CEC000
|
trusted library allocation
|
page read and write
|
||
|
3246000
|
trusted library allocation
|
page read and write
|
||
|
2D84000
|
trusted library allocation
|
page read and write
|
||
|
2E75000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
30F2000
|
trusted library allocation
|
page read and write
|
||
|
611F000
|
heap
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
2EDA000
|
trusted library allocation
|
page read and write
|
||
|
7BB5000
|
heap
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCD000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
4D8D000
|
stack
|
page read and write
|
||
|
C80000
|
unkown
|
page execute read
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
2E2C000
|
trusted library allocation
|
page read and write
|
||
|
C47000
|
unkown
|
page execute read
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
8202000
|
trusted library allocation
|
page read and write
|
||
|
2E01000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page execute and read and write
|
||
|
118B000
|
stack
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
3E89000
|
trusted library allocation
|
page read and write
|
||
|
3115000
|
trusted library allocation
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
558F000
|
stack
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
2FEC000
|
trusted library allocation
|
page read and write
|
||
|
2E4B000
|
trusted library allocation
|
page read and write
|
||
|
E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
C4D000
|
unkown
|
page execute read
|
||
|
6990000
|
heap
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
6951000
|
trusted library allocation
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
30FE000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
2B71000
|
trusted library allocation
|
page read and write
|
||
|
2DC7000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
2F9F000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
567C000
|
stack
|
page read and write
|
||
|
2EFF000
|
trusted library allocation
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
7B0E000
|
heap
|
page read and write
|
||
|
2E45000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
2FD5000
|
trusted library allocation
|
page read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
30D9000
|
trusted library allocation
|
page read and write
|
||
|
53FE000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
trusted library allocation
|
page read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
2D29000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
131B000
|
trusted library allocation
|
page execute and read and write
|
||
|
310D000
|
trusted library allocation
|
page read and write
|
||
|
2D7A000
|
trusted library allocation
|
page read and write
|
||
|
304B000
|
trusted library allocation
|
page read and write
|
||
|
308C000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
trusted library allocation
|
page read and write
|
||
|
3117000
|
trusted library allocation
|
page read and write
|
||
|
2DF7000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
heap
|
page execute and read and write
|
||
|
C7B000
|
unkown
|
page execute read
|
||
|
2DE2000
|
trusted library allocation
|
page read and write
|
||
|
8050000
|
trusted library section
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
2F35000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
2DCF000
|
trusted library allocation
|
page read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
FAF000
|
stack
|
page read and write
|
||
|
1312000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
66A7000
|
trusted library allocation
|
page read and write
|
||
|
E92000
|
trusted library allocation
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
1317000
|
trusted library allocation
|
page execute and read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
BF2000
|
unkown
|
page execute read
|
||
|
CF6000
|
heap
|
page read and write
|
||
|
2D7C000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
trusted library allocation
|
page read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
2B54000
|
trusted library allocation
|
page read and write
|
||
|
2D0B000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
E96000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2E47000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
739000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
316D000
|
trusted library allocation
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
60E4000
|
heap
|
page read and write
|
||
|
3086000
|
trusted library allocation
|
page read and write
|
||
|
10E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5920000
|
trusted library allocation
|
page read and write
|
||
|
2F65000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
6100000
|
heap
|
page read and write
|
||
|
2FA6000
|
trusted library allocation
|
page read and write
|
||
|
7B7E000
|
heap
|
page read and write
|
||
|
30FC000
|
trusted library allocation
|
page read and write
|
||
|
30A5000
|
trusted library allocation
|
page read and write
|
||
|
30F8000
|
trusted library allocation
|
page read and write
|
||
|
30F6000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
2D1E000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
E74000
|
trusted library allocation
|
page read and write
|
||
|
321A000
|
trusted library allocation
|
page read and write
|
||
|
2F18000
|
trusted library allocation
|
page read and write
|
||
|
2E35000
|
trusted library allocation
|
page read and write
|
||
|
2DE8000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D5A000
|
heap
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
E73000
|
trusted library allocation
|
page execute and read and write
|
||
|
633A000
|
heap
|
page read and write
|
||
|
2D3D000
|
trusted library allocation
|
page read and write
|
||
|
2D22000
|
trusted library allocation
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page read and write
|
||
|
2D01000
|
trusted library allocation
|
page read and write
|
||
|
543D000
|
stack
|
page read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
3094000
|
trusted library allocation
|
page read and write
|
||
|
64FF000
|
stack
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
31BC000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
322B000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
2D07000
|
trusted library allocation
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
C41000
|
unkown
|
page execute read
|
||
|
2CE8000
|
trusted library allocation
|
page read and write
|
||
|
3146000
|
trusted library allocation
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
2E96000
|
trusted library allocation
|
page read and write
|
||
|
319F000
|
trusted library allocation
|
page read and write
|
||
|
10B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
322D000
|
trusted library allocation
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page read and write
|
||
|
2EF5000
|
trusted library allocation
|
page read and write
|
||
|
2D78000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
2D1C000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
305E000
|
trusted library allocation
|
page read and write
|
||
|
319D000
|
trusted library allocation
|
page read and write
|
||
|
6920000
|
trusted library section
|
page readonly
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
C64000
|
unkown
|
page execute read
|
||
|
580E000
|
stack
|
page read and write
|
||
|
3216000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
2DC3000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
2E92000
|
trusted library allocation
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
6164000
|
heap
|
page read and write
|
||
|
7E4E000
|
stack
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
2EAD000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
1163000
|
heap
|
page read and write
|
||
|
31CB000
|
trusted library allocation
|
page read and write
|
||
|
1315000
|
trusted library allocation
|
page execute and read and write
|
||
|
C97000
|
unkown
|
page execute read
|
||
|
2D09000
|
trusted library allocation
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
634A000
|
heap
|
page read and write
|
||
|
30D3000
|
trusted library allocation
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
2D82000
|
trusted library allocation
|
page read and write
|
||
|
6581000
|
trusted library allocation
|
page read and write
|
||
|
30A3000
|
trusted library allocation
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
trusted library allocation
|
page read and write
|
||
|
66ED000
|
stack
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
DF4D000
|
stack
|
page read and write
|
||
|
6975000
|
heap
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
324F000
|
trusted library allocation
|
page read and write
|
||
|
C86000
|
unkown
|
page execute read
|
||
|
30AB000
|
trusted library allocation
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
2D24000
|
trusted library allocation
|
page read and write
|
||
|
2BB5000
|
trusted library allocation
|
page read and write
|
||
|
31F3000
|
trusted library allocation
|
page read and write
|
||
|
2EF9000
|
trusted library allocation
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
6320000
|
heap
|
page read and write
|
||
|
2DDE000
|
trusted library allocation
|
page read and write
|
||
|
2F2D000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
10E4000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
trusted library allocation
|
page read and write
|
||
|
A915000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
trusted library allocation
|
page read and write
|
||
|
2E56000
|
trusted library allocation
|
page read and write
|
||
|
2EB5000
|
trusted library allocation
|
page read and write
|
||
|
31BE000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
30F4000
|
trusted library allocation
|
page read and write
|
||
|
5909000
|
trusted library allocation
|
page read and write
|
||
|
2DB5000
|
trusted library allocation
|
page read and write
|
||
|
52A3000
|
heap
|
page read and write
|
||
|
2D93000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
trusted library allocation
|
page read and write
|
||
|
324C000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
3248000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
7D0D000
|
stack
|
page read and write
|
||
|
615A000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
2B76000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
301C000
|
trusted library allocation
|
page read and write
|
||
|
2DD2000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
C58000
|
unkown
|
page execute read
|
||
|
568E000
|
stack
|
page read and write
|
||
|
7BB3000
|
heap
|
page read and write
|
||
|
C8C000
|
unkown
|
page execute read
|
||
|
2D3F000
|
trusted library allocation
|
page read and write
|
||
|
2E2A000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
trusted library allocation
|
page read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
3199000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
heap
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
10B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
2D2D000
|
trusted library allocation
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
304F000
|
trusted library allocation
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
2F4C000
|
trusted library allocation
|
page read and write
|
||
|
2EB3000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
2D99000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D95000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
30E1000
|
trusted library allocation
|
page read and write
|
||
|
60E0000
|
heap
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
2DCE000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
trusted library allocation
|
page read and write
|
||
|
2CFF000
|
trusted library allocation
|
page read and write
|
||
|
2DD8000
|
trusted library allocation
|
page read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
2EA9000
|
trusted library allocation
|
page read and write
|
||
|
314A000
|
trusted library allocation
|
page read and write
|
||
|
30DB000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
6570000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
13BC000
|
stack
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
314C000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
610F000
|
stack
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
2E9E000
|
trusted library allocation
|
page read and write
|
||
|
2D26000
|
trusted library allocation
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page read and write
|
||
|
7B00000
|
heap
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
7B74000
|
heap
|
page read and write
|
||
|
2EAB000
|
trusted library allocation
|
page read and write
|
||
|
592D000
|
trusted library allocation
|
page read and write
|
||
|
2DFF000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
2E62000
|
trusted library allocation
|
page read and write
|
||
|
2EF7000
|
trusted library allocation
|
page read and write
|
||
|
8070000
|
trusted library section
|
page read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
2F2B000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
319B000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
2EFB000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
2CE6000
|
trusted library allocation
|
page read and write
|
||
|
316B000
|
trusted library allocation
|
page read and write
|
||
|
2FE6000
|
trusted library allocation
|
page read and write
|
||
|
2DE1000
|
trusted library allocation
|
page read and write
|
||
|
632A000
|
heap
|
page read and write
|
||
|
DCEE000
|
stack
|
page read and write
|
||
|
2E32000
|
trusted library allocation
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
680B000
|
stack
|
page read and write
|
||
|
BF2000
|
unkown
|
page execute read
|
||
|
2D03000
|
trusted library allocation
|
page read and write
|
||
|
2DED000
|
trusted library allocation
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
308E000
|
trusted library allocation
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
2F61000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
2F69000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
2E03000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
2E9D000
|
trusted library allocation
|
page read and write
|
||
|
2DE6000
|
trusted library allocation
|
page read and write
|
||
|
2DEC000
|
trusted library allocation
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
CF3000
|
heap
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
31A4000
|
trusted library allocation
|
page read and write
|
There are 603 hidden memdumps, click here to show them.