Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ SY103 2nd order 2024.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RFQ SY103 2nd or_7be5a683b7ce35d984490767b86aac2a29b92f_5fa42fed_c184db70-752d-49d4-972d-f3d88664d989\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1F3C.tmp.dmp
|
Mini DuMP crash report, 16 streams, Wed Jul 3 07:26:51 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER20E3.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2103.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jsc.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ SY103 2nd order 2024.exe
|
"C:\Users\user\Desktop\RFQ SY103 2nd order 2024.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7296 -s 1032
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://tempuri.org/Entity/Id3ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
||
|
http://tempuri.org/D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/06/addressingex
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Renew
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
178.23.190.118
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
ProgramId
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
FileId
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
LongPathHash
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Name
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
OriginalFileName
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Publisher
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Version
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
BinFileVersion
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
BinaryType
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
ProductName
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
ProductVersion
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
LinkDate
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
BinProductVersion
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Size
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Language
|
||
|
\REGISTRY\A\{8e7ce31c-55df-6137-7ce1-761b94118a70}\Root\InventoryApplicationFile\rfq sy103 2nd or|ede9cb0c99495926
|
Usn
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E66000
|
trusted library allocation
|
page read and write
|
|
|
|
2096394A000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
209637C8000
|
trusted library allocation
|
page read and write
|
|
|
|
209538BA000
|
trusted library allocation
|
page read and write
|
|
|
|
20963528000
|
trusted library allocation
|
page read and write
|
||
|
20951A3A000
|
heap
|
page read and write
|
||
|
710F000
|
stack
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
603F000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
149A000
|
heap
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
20951902000
|
unkown
|
page readonly
|
||
|
20951900000
|
unkown
|
page readonly
|
||
|
5FA6000
|
heap
|
page read and write
|
||
|
3228000
|
trusted library allocation
|
page read and write
|
||
|
149E000
|
heap
|
page read and write
|
||
|
132F000
|
stack
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
5FED000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
2D56000
|
trusted library allocation
|
page read and write
|
||
|
607D000
|
heap
|
page read and write
|
||
|
3237000
|
trusted library allocation
|
page read and write
|
||
|
6050000
|
heap
|
page read and write
|
||
|
6683000
|
trusted library allocation
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
77B0000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
5FE6000
|
heap
|
page read and write
|
||
|
6068000
|
heap
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
6E45000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
6686000
|
trusted library allocation
|
page read and write
|
||
|
6DBC000
|
stack
|
page read and write
|
||
|
32A8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page read and write
|
||
|
529A000
|
trusted library allocation
|
page read and write
|
||
|
5892000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D67000
|
stack
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
6024000
|
heap
|
page read and write
|
||
|
6030000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
77C6000
|
heap
|
page read and write
|
||
|
7675000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
328E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
3EB4000
|
trusted library allocation
|
page read and write
|
||
|
606E000
|
heap
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
209519F9000
|
heap
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
20951C85000
|
heap
|
page read and write
|
||
|
20953500000
|
heap
|
page execute and read and write
|
||
|
7028000
|
trusted library allocation
|
page read and write
|
||
|
601F000
|
heap
|
page read and write
|
||
|
32B3000
|
trusted library allocation
|
page read and write
|
||
|
6120000
|
trusted library allocation
|
page read and write
|
||
|
7F030000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E5E000
|
heap
|
page read and write
|
||
|
10D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
323A000
|
trusted library allocation
|
page read and write
|
||
|
601A000
|
heap
|
page read and write
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
702A000
|
trusted library allocation
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
5263000
|
heap
|
page execute and read and write
|
||
|
5870000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
trusted library allocation
|
page read and write
|
||
|
6F08000
|
heap
|
page read and write
|
||
|
5FC2000
|
heap
|
page read and write
|
||
|
7B82FFE000
|
stack
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
6694000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page execute and read and write
|
||
|
5295000
|
trusted library allocation
|
page read and write
|
||
|
7042000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
209519A0000
|
heap
|
page read and write
|
||
|
20951A0E000
|
heap
|
page read and write
|
||
|
58A1000
|
trusted library allocation
|
page read and write
|
||
|
6EA5000
|
heap
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
20951C45000
|
heap
|
page read and write
|
||
|
5886000
|
trusted library allocation
|
page read and write
|
||
|
6633000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
5272000
|
trusted library allocation
|
page read and write
|
||
|
20951A10000
|
heap
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
20953521000
|
trusted library allocation
|
page read and write
|
||
|
3DDF000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6110000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2096C162000
|
heap
|
page read and write
|
||
|
7B82CF3000
|
stack
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
608B000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
10B4000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
7015000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
10E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
20951A42000
|
heap
|
page read and write
|
||
|
20951C40000
|
heap
|
page read and write
|
||
|
3F63000
|
trusted library allocation
|
page read and write
|
||
|
30DD000
|
trusted library allocation
|
page read and write
|
||
|
7B830FE000
|
stack
|
page read and write
|
||
|
30D2000
|
trusted library allocation
|
page read and write
|
||
|
2096B550000
|
trusted library allocation
|
page read and write
|
||
|
4063000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
6053000
|
heap
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
heap
|
page read and write
|
||
|
6E3A000
|
heap
|
page read and write
|
||
|
209638F5000
|
trusted library allocation
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page execute and read and write
|
||
|
74EF000
|
stack
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
329D000
|
trusted library allocation
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page read and write
|
||
|
209535AE000
|
trusted library allocation
|
page read and write
|
||
|
5881000
|
trusted library allocation
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
20951A12000
|
heap
|
page read and write
|
||
|
209519EE000
|
heap
|
page read and write
|
||
|
5FB2000
|
heap
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
30DA000
|
trusted library allocation
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
20951BC0000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
416C000
|
trusted library allocation
|
page read and write
|
||
|
2C48000
|
trusted library allocation
|
page read and write
|
||
|
6EF4000
|
heap
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
635C000
|
stack
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
74F0000
|
heap
|
page read and write
|
||
|
7B82DFF000
|
stack
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D34000
|
trusted library allocation
|
page read and write
|
||
|
20953430000
|
trusted library section
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
70CE000
|
stack
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page execute and read and write
|
||
|
7060000
|
trusted library allocation
|
page execute and read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
6E9D000
|
heap
|
page read and write
|
||
|
20951ACD000
|
heap
|
page read and write
|
||
|
115A000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
608E000
|
trusted library allocation
|
page read and write
|
||
|
6E10000
|
heap
|
page read and write
|
||
|
7035000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
58AA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
6E2F000
|
heap
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
7012000
|
trusted library allocation
|
page read and write
|
||
|
2096C106000
|
trusted library section
|
page read and write
|
||
|
30E6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B798000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
20951BA0000
|
heap
|
page read and write
|
||
|
1497000
|
heap
|
page read and write
|
||
|
C6A000
|
stack
|
page read and write
|
||
|
7140000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC6000
|
trusted library allocation
|
page read and write
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
209519D0000
|
heap
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
763B000
|
stack
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
55AF000
|
stack
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
589E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B972000
|
trusted library allocation
|
page read and write
|
||
|
11C9000
|
heap
|
page read and write
|
||
|
60B0000
|
trusted library allocation
|
page read and write
|
||
|
20963521000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
3306000
|
trusted library allocation
|
page read and write
|
||
|
3327000
|
trusted library allocation
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
20963C3C000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
5FB0000
|
heap
|
page read and write
|
||
|
6EC7000
|
heap
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page execute and read and write
|
||
|
32C9000
|
trusted library allocation
|
page read and write
|
||
|
6090000
|
trusted library allocation
|
page read and write
|
||
|
58C1000
|
trusted library allocation
|
page read and write
|
||
|
4ECC000
|
stack
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F0E000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page read and write
|
||
|
2096BE70000
|
trusted library section
|
page read and write
|
||
|
20951C30000
|
trusted library allocation
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
2D62000
|
trusted library allocation
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
6E9A000
|
heap
|
page read and write
|
||
|
20953510000
|
heap
|
page read and write
|
||
|
587B000
|
trusted library allocation
|
page read and write
|
||
|
2D4E000
|
trusted library allocation
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
2D95000
|
trusted library allocation
|
page read and write
|
||
|
20951C00000
|
trusted library allocation
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page execute and read and write
|
||
|
62B0000
|
trusted library allocation
|
page read and write
|
||
|
10BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B834FF000
|
stack
|
page read and write
|
||
|
703A000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
7050000
|
trusted library allocation
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
894E000
|
stack
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
702F000
|
trusted library allocation
|
page read and write
|
||
|
6085000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
703F000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
32C1000
|
trusted library allocation
|
page read and write
|
||
|
3F1F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
3DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
6EB6000
|
heap
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
6E6A000
|
heap
|
page read and write
|
||
|
6100000
|
trusted library allocation
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page read and write
|
||
|
6E4D000
|
heap
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
6E8A000
|
heap
|
page read and write
|
||
|
7B831FD000
|
stack
|
page read and write
|
||
|
60A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
76A0000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
5313000
|
heap
|
page read and write
|
||
|
324D000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page execute and read and write
|
||
|
20951A3C000
|
heap
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
7FFD9B926000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
trusted library allocation
|
page read and write
|
||
|
605C000
|
heap
|
page read and write
|
||
|
62D0000
|
heap
|
page execute and read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B835FD000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7B82EFE000
|
stack
|
page read and write
|
||
|
20951C80000
|
heap
|
page read and write
|
||
|
6E7A000
|
heap
|
page read and write
|
||
|
20951C20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
3EEE000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
62F0000
|
trusted library allocation
|
page read and write
|
||
|
6190000
|
trusted library allocation
|
page read and write
|
||
|
2096352D000
|
trusted library allocation
|
page read and write
|
||
|
7B832FE000
|
stack
|
page read and write
|
||
|
62C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3234000
|
trusted library allocation
|
page read and write
|
||
|
2096BE60000
|
heap
|
page execute and read and write
|
||
|
2096C110000
|
heap
|
page read and write
|
||
|
3EAD000
|
trusted library allocation
|
page read and write
|
||
|
2D1C000
|
stack
|
page read and write
|
||
|
4171000
|
trusted library allocation
|
page read and write
|
||
|
7B833FE000
|
stack
|
page read and write
|
||
|
209519DC000
|
heap
|
page read and write
|
||
|
7019000
|
trusted library allocation
|
page read and write
|
||
|
20951C33000
|
trusted library allocation
|
page read and write
|
||
|
5298000
|
trusted library allocation
|
page read and write
|
||
|
10CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page execute and read and write
|
||
|
3EA8000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
322A000
|
trusted library allocation
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page execute and read and write
|
||
|
647C000
|
stack
|
page read and write
|
||
|
5F80000
|
heap
|
page read and write
|
||
|
2D5D000
|
trusted library allocation
|
page read and write
|
||
|
10B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5260000
|
heap
|
page execute and read and write
|
||
|
3319000
|
trusted library allocation
|
page read and write
|
||
|
20963531000
|
trusted library allocation
|
page read and write
|
||
|
65CE000
|
stack
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page execute and read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
7045000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
20951990000
|
heap
|
page read and write
|
||
|
7FF4ADE20000
|
trusted library allocation
|
page execute and read and write
|
||
|
662D000
|
stack
|
page read and write
|
There are 346 hidden memdumps, click here to show them.