Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.12946.7200.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.12946.7200.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp40BB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XjmosAst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XjmosAst.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\XjmosAst.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_14v0dpj0.hsh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a5pm1ml2.5vf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qyqeqfs2.2f2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xjfnhxhl.vda.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4EE4.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.12946.7200.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.12946.7200.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\XjmosAst.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\XjmosAst" /XML "C:\Users\user\AppData\Local\Temp\tmp40BB.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\XjmosAst.exe
|
C:\Users\user\AppData\Roaming\XjmosAst.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\XjmosAst" /XML "C:\Users\user\AppData\Local\Temp\tmp4EE4.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://us2.smtp.mailhostbox.com
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://crt.Nh
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://ocsp.sectigo.com0A
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://crl.micros
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
us2.smtp.mailhostbox.com
|
208.91.199.223
|
|
|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.91.199.223
|
us2.smtp.mailhostbox.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3250000
|
trusted library allocation
|
page read and write
|
|
|
|
317A000
|
trusted library allocation
|
page read and write
|
|
|
|
3101000
|
trusted library allocation
|
page read and write
|
|
|
|
3819000
|
trusted library allocation
|
page read and write
|
|
|
|
314E000
|
trusted library allocation
|
page read and write
|
|
|
|
3201000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
4D66000
|
trusted library allocation
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
2775000
|
trusted library allocation
|
page read and write
|
||
|
F3B000
|
stack
|
page read and write
|
||
|
4F40000
|
trusted library section
|
page readonly
|
||
|
5D98000
|
trusted library allocation
|
page read and write
|
||
|
5055000
|
heap
|
page read and write
|
||
|
19FE000
|
stack
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
A82000
|
trusted library allocation
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
1242000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
8104000
|
heap
|
page read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
8670000
|
heap
|
page read and write
|
||
|
146B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A50000
|
heap
|
page read and write
|
||
|
DF9000
|
stack
|
page read and write
|
||
|
A5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6900000
|
trusted library allocation
|
page execute and read and write
|
||
|
2580000
|
trusted library allocation
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
4D75000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
11C9E000
|
stack
|
page read and write
|
||
|
24F0000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
unkown
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
896F000
|
stack
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
8682000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
15AF000
|
stack
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
11EDC000
|
stack
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
64F0000
|
heap
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
1387000
|
heap
|
page read and write
|
||
|
6960000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
C44000
|
trusted library allocation
|
page read and write
|
||
|
1688000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
285E000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
heap
|
page execute and read and write
|
||
|
6920000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
93B0000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
66ED000
|
stack
|
page read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
40B5000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
118DE000
|
stack
|
page read and write
|
||
|
A54000
|
trusted library allocation
|
page read and write
|
||
|
6C0E000
|
stack
|
page read and write
|
||
|
5446000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
5B56000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AEF000
|
stack
|
page read and write
|
||
|
6DA0000
|
trusted library section
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page read and write
|
||
|
28CB000
|
trusted library allocation
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
6910000
|
trusted library allocation
|
page read and write
|
||
|
C7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
116CC000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
1433000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
4C5B000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
62F7000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
826E000
|
stack
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
125B000
|
trusted library allocation
|
page execute and read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2660000
|
trusted library section
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page read and write
|
||
|
1462000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page execute and read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
8090000
|
heap
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
572C000
|
stack
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page read and write
|
||
|
810F000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
629E000
|
heap
|
page read and write
|
||
|
472B000
|
trusted library allocation
|
page read and write
|
||
|
546D000
|
trusted library allocation
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
A76000
|
trusted library allocation
|
page execute and read and write
|
||
|
11DDB000
|
stack
|
page read and write
|
||
|
C0B000
|
heap
|
page read and write
|
||
|
1252000
|
trusted library allocation
|
page read and write
|
||
|
41EE000
|
trusted library allocation
|
page read and write
|
||
|
4129000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
A87000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CD000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
1624000
|
heap
|
page read and write
|
||
|
252E000
|
trusted library allocation
|
page read and write
|
||
|
2553000
|
heap
|
page read and write
|
||
|
2575000
|
trusted library allocation
|
page read and write
|
||
|
A4D000
|
stack
|
page read and write
|
||
|
1A3E000
|
stack
|
page read and write
|
||
|
161A000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
1A44000
|
trusted library allocation
|
page read and write
|
||
|
80C4000
|
heap
|
page read and write
|
||
|
1628000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
416E000
|
trusted library allocation
|
page read and write
|
||
|
661D000
|
stack
|
page read and write
|
||
|
5444000
|
trusted library allocation
|
page read and write
|
||
|
124A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
1A46000
|
trusted library allocation
|
page read and write
|
||
|
1434000
|
trusted library allocation
|
page read and write
|
||
|
2500000
|
heap
|
page execute and read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
FF360000
|
trusted library allocation
|
page execute and read and write
|
||
|
544B000
|
trusted library allocation
|
page read and write
|
||
|
28C1000
|
trusted library allocation
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
26EE000
|
trusted library allocation
|
page read and write
|
||
|
28D5000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
872000
|
heap
|
page read and write
|
||
|
A72000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
5DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5608000
|
trusted library allocation
|
page read and write
|
||
|
327E000
|
trusted library allocation
|
page read and write
|
||
|
2765000
|
trusted library allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
5E3D000
|
stack
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
561C000
|
trusted library allocation
|
page read and write
|
||
|
A6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
573F000
|
stack
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
24EC000
|
stack
|
page read and write
|
||
|
4C71000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
87AE000
|
stack
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FE000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
A69E000
|
stack
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
737000
|
stack
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
heap
|
page execute and read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
5D8E000
|
stack
|
page read and write
|
||
|
30F0000
|
heap
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
6D5F000
|
stack
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
C62000
|
trusted library allocation
|
page read and write
|
||
|
86EF000
|
heap
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
5C0E000
|
stack
|
page read and write
|
||
|
4C16000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
69DE000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
130A000
|
heap
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
418C000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
trusted library section
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page read and write
|
||
|
1144F000
|
stack
|
page read and write
|
||
|
2536000
|
trusted library allocation
|
page read and write
|
||
|
6932000
|
trusted library allocation
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
28C3000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
C66000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
4D2B000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
4720000
|
trusted library allocation
|
page read and write
|
||
|
11B5E000
|
stack
|
page read and write
|
||
|
24F4000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
3F2000
|
unkown
|
page readonly
|
||
|
2650000
|
heap
|
page execute and read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
36E4000
|
trusted library allocation
|
page read and write
|
||
|
1626000
|
heap
|
page read and write
|
||
|
1684000
|
heap
|
page read and write
|
||
|
C6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2811000
|
trusted library allocation
|
page read and write
|
||
|
28C9000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1130F000
|
stack
|
page read and write
|
||
|
2531000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
1223000
|
trusted library allocation
|
page execute and read and write
|
||
|
3182000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
62F5000
|
heap
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
6298000
|
heap
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
80E4000
|
heap
|
page read and write
|
||
|
64EC000
|
stack
|
page read and write
|
||
|
5472000
|
trusted library allocation
|
page read and write
|
||
|
1674000
|
heap
|
page read and write
|
||
|
82AE000
|
stack
|
page read and write
|
||
|
1465000
|
trusted library allocation
|
page execute and read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
1667000
|
heap
|
page read and write
|
||
|
79E000
|
unkown
|
page read and write
|
||
|
314F000
|
unkown
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
C1F000
|
heap
|
page read and write
|
||
|
FEE80000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
7EE90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
C42000
|
heap
|
page read and write
|
||
|
24F6000
|
trusted library allocation
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
326B000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
heap
|
page execute and read and write
|
||
|
53A000
|
stack
|
page read and write
|
||
|
11B1E000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
CEC000
|
heap
|
page read and write
|
||
|
80BA000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
2B18000
|
trusted library allocation
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
2635000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
3176000
|
trusted library allocation
|
page read and write
|
||
|
2560000
|
trusted library allocation
|
page read and write
|
||
|
5D4E000
|
stack
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
11C5E000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
253D000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
145A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF000
|
unkown
|
page read and write
|
||
|
13C1000
|
heap
|
page read and write
|
||
|
544E000
|
trusted library allocation
|
page read and write
|
||
|
5DCC000
|
trusted library allocation
|
page read and write
|
||
|
5461000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page execute and read and write
|
||
|
371E000
|
trusted library allocation
|
page read and write
|
||
|
1158E000
|
stack
|
page read and write
|
||
|
545E000
|
trusted library allocation
|
page read and write
|
||
|
1257000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D0F000
|
stack
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
598C000
|
stack
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
160E000
|
heap
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
4D26000
|
trusted library allocation
|
page read and write
|
||
|
143D000
|
trusted library allocation
|
page execute and read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
62CD000
|
heap
|
page read and write
|
||
|
4C7D000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
A53000
|
trusted library allocation
|
page execute and read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
515D000
|
stack
|
page read and write
|
||
|
6DA000
|
stack
|
page read and write
|
||
|
C77000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
5BD0000
|
trusted library allocation
|
page read and write
|
||
|
25DE000
|
stack
|
page read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
4DA3000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
11102000
|
trusted library allocation
|
page read and write
|
||
|
29A8000
|
trusted library allocation
|
page read and write
|
||
|
115CB000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
307A000
|
stack
|
page read and write
|
||
|
1319000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library section
|
page readonly
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
5452000
|
trusted library allocation
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
24AE000
|
stack
|
page read and write
|
||
|
2570000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
1452000
|
trusted library allocation
|
page read and write
|
||
|
C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
28C5000
|
trusted library allocation
|
page read and write
|
||
|
7F040000
|
trusted library allocation
|
page execute and read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
4105000
|
trusted library allocation
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
83AE000
|
stack
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
18CC000
|
stack
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
11A1E000
|
stack
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
122D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
C3F000
|
heap
|
page read and write
|
||
|
32FB000
|
heap
|
page read and write
|
||
|
13B9000
|
heap
|
page read and write
|
||
|
A7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1246000
|
trusted library allocation
|
page execute and read and write
|
||
|
1456000
|
trusted library allocation
|
page execute and read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
1120E000
|
stack
|
page read and write
|
||
|
1255000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B2000
|
heap
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
261C000
|
stack
|
page read and write
|
||
|
2542000
|
trusted library allocation
|
page read and write
|
||
|
5DD6000
|
trusted library allocation
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
4D44000
|
trusted library section
|
page readonly
|
||
|
4067000
|
trusted library allocation
|
page read and write
|
||
|
4C54000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
1A40000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
526E000
|
heap
|
page read and write
|
||
|
4D9C000
|
stack
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
6510000
|
heap
|
page read and write
|
||
|
28BD000
|
trusted library allocation
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
5BD7000
|
trusted library allocation
|
page read and write
|
||
|
30ED000
|
stack
|
page read and write
|
||
|
4C76000
|
trusted library allocation
|
page read and write
|
||
|
4285000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
trusted library allocation
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
6E30000
|
trusted library section
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
1467000
|
trusted library allocation
|
page execute and read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
31DC000
|
stack
|
page read and write
|
||
|
324C000
|
trusted library allocation
|
page read and write
|
||
|
26EB000
|
trusted library allocation
|
page read and write
|
||
|
4301000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
86B9000
|
heap
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
1148E000
|
stack
|
page read and write
|
||
|
483C000
|
stack
|
page read and write
|
||
|
324E000
|
trusted library allocation
|
page read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
3145000
|
trusted library allocation
|
page read and write
|
||
|
11D9E000
|
stack
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
407E000
|
trusted library allocation
|
page read and write
|
||
|
56F1000
|
heap
|
page read and write
|
||
|
C96000
|
heap
|
page read and write
|
||
|
1134E000
|
stack
|
page read and write
|
||
|
5880000
|
heap
|
page execute and read and write
|
||
|
251B000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
1393000
|
heap
|
page read and write
|
||
|
A8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
3269000
|
trusted library allocation
|
page read and write
|
||
|
119DF000
|
stack
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
519E000
|
heap
|
page read and write
|
||
|
5466000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
28BF000
|
trusted library allocation
|
page read and write
|
||
|
426E000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
4726000
|
trusted library allocation
|
page read and write
|
||
|
6470000
|
trusted library allocation
|
page read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C6E000
|
trusted library allocation
|
page read and write
|
||
|
109ED000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
5B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
trusted library allocation
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
64F2000
|
heap
|
page read and write
|
||
|
123D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
4C82000
|
trusted library allocation
|
page read and write
|
||
|
6DCE000
|
stack
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E90000
|
trusted library allocation
|
page read and write
|
||
|
36A9000
|
trusted library allocation
|
page read and write
|
||
|
490C000
|
stack
|
page read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
314C000
|
trusted library allocation
|
page read and write
|
||
|
69D000
|
stack
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
1224000
|
trusted library allocation
|
page read and write
|
||
|
2F74000
|
trusted library allocation
|
page read and write
|
||
|
5612000
|
trusted library allocation
|
page read and write
|
||
|
4103000
|
trusted library allocation
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
137B000
|
heap
|
page read and write
|
||
|
2756000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
4101000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
There are 536 hidden memdumps, click here to show them.