Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jsLnybSs43.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\newfile.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\aut7353.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut7393.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut777A.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut7827.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autEE7E.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autEECE.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\demonetising
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\sulfhydric
|
ASCII text, with very long lines (29698), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\jsLnybSs43.exe
|
"C:\Users\user\Desktop\jsLnybSs43.exe"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\Desktop\jsLnybSs43.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\jsLnybSs43.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs"
|
|
|
|
C:\Users\user\AppData\Local\directory\name.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\directory\name.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ip-api.com/line/?fields=hosting3c3
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://mail.jaszredony.hu
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://crt.comodoca.cRX
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.jaszredony.hu
|
178.238.222.77
|
|
|
|
ip-api.com
|
208.95.112.1
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
178.238.222.77
|
mail.jaszredony.hu
|
Hungary
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
newfile
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BE1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C0E000
|
trusted library allocation
|
page read and write
|
|
|
|
2F7E000
|
trusted library allocation
|
page read and write
|
|
|
|
F70000
|
direct allocation
|
page read and write
|
|
|
|
36C0000
|
direct allocation
|
page read and write
|
|
|
|
2F51000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
system
|
page execute and read and write
|
|
|
|
1220000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page execute and read and write
|
||
|
D57000
|
trusted library allocation
|
page execute and read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
1089000
|
heap
|
page read and write
|
||
|
1042000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page write copy
|
||
|
624D000
|
stack
|
page read and write
|
||
|
2C0C000
|
trusted library allocation
|
page read and write
|
||
|
3C15000
|
trusted library allocation
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
F74000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2BBC000
|
trusted library allocation
|
page read and write
|
||
|
17CA000
|
heap
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
D31000
|
unkown
|
page execute read
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
3BF4000
|
heap
|
page read and write
|
||
|
DFC000
|
unkown
|
page read and write
|
||
|
5A68000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
286879E0000
|
heap
|
page read and write
|
||
|
1957000
|
heap
|
page read and write
|
||
|
10A8000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
11E9000
|
heap
|
page read and write
|
||
|
1B45000
|
heap
|
page read and write
|
||
|
1971000
|
heap
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
15BF000
|
stack
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
7D9000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2BB1000
|
trusted library allocation
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
2AEB000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
19A9000
|
heap
|
page read and write
|
||
|
6340000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
2996000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
1077000
|
heap
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
543F000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
3A8E000
|
direct allocation
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
1753000
|
heap
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1963000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page read and write
|
||
|
F7F000
|
stack
|
page read and write
|
||
|
2AFE000
|
trusted library allocation
|
page read and write
|
||
|
96C8BFE000
|
stack
|
page read and write
|
||
|
3873000
|
direct allocation
|
page read and write
|
||
|
B28000
|
heap
|
page read and write
|
||
|
1797000
|
heap
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AFA000
|
trusted library allocation
|
page read and write
|
||
|
18CB000
|
heap
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
BF3000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
51EC000
|
stack
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
11DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E43000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B12000
|
trusted library allocation
|
page read and write
|
||
|
1B35000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
3F86000
|
trusted library allocation
|
page read and write
|
||
|
1962000
|
heap
|
page read and write
|
||
|
28687A16000
|
heap
|
page read and write
|
||
|
11DD000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
17A9000
|
heap
|
page read and write
|
||
|
10BF000
|
heap
|
page read and write
|
||
|
DF2000
|
unkown
|
page readonly
|
||
|
E04000
|
unkown
|
page readonly
|
||
|
10C3000
|
heap
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page execute and read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
5382000
|
trusted library allocation
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
1B56000
|
heap
|
page read and write
|
||
|
667D000
|
stack
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
533F000
|
stack
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
13FF000
|
stack
|
page read and write
|
||
|
1845000
|
heap
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
19BA000
|
heap
|
page read and write
|
||
|
7F770000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
105F000
|
heap
|
page read and write
|
||
|
11CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
1957000
|
heap
|
page read and write
|
||
|
96C84FA000
|
stack
|
page read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
12C9000
|
heap
|
page read and write
|
||
|
537E000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
5587000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
541C000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
3873000
|
direct allocation
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
3750000
|
direct allocation
|
page read and write
|
||
|
90C000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
28689500000
|
heap
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
ED0000
|
direct allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
63FD000
|
stack
|
page read and write
|
||
|
15DB000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1164000
|
heap
|
page read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DD3000
|
heap
|
page read and write
|
||
|
B58000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
42DE000
|
direct allocation
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
10CA000
|
stack
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
6ED0000
|
heap
|
page read and write
|
||
|
F11000
|
unkown
|
page execute read
|
||
|
1F1E000
|
stack
|
page read and write
|
||
|
11F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
A5B000
|
stack
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
1A47000
|
heap
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
96C8EFF000
|
stack
|
page read and write
|
||
|
BB6000
|
heap
|
page read and write
|
||
|
17A9000
|
heap
|
page read and write
|
||
|
501D000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
41D0000
|
direct allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
12E4000
|
heap
|
page read and write
|
||
|
106B000
|
heap
|
page read and write
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
1297000
|
heap
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
DCC000
|
unkown
|
page readonly
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
DCC000
|
unkown
|
page readonly
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
DFC000
|
unkown
|
page write copy
|
||
|
FD0000
|
heap
|
page execute and read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
1798000
|
heap
|
page read and write
|
||
|
1938000
|
heap
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
E04000
|
unkown
|
page readonly
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
CE0000
|
direct allocation
|
page execute and read and write
|
||
|
17FF000
|
stack
|
page read and write
|
||
|
E04000
|
unkown
|
page readonly
|
||
|
FAC000
|
unkown
|
page readonly
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
B39000
|
stack
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page read and write
|
||
|
11F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
17FF000
|
stack
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
F11000
|
unkown
|
page execute read
|
||
|
1B46000
|
heap
|
page read and write
|
||
|
3750000
|
direct allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
E43000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
67A000
|
stack
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
FE0000
|
unkown
|
page write copy
|
||
|
28687C25000
|
heap
|
page read and write
|
||
|
D55000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF2000
|
unkown
|
page readonly
|
||
|
4FD8000
|
trusted library allocation
|
page read and write
|
||
|
1854000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
DCC000
|
unkown
|
page readonly
|
||
|
513E000
|
stack
|
page read and write
|
||
|
5A87000
|
trusted library allocation
|
page read and write
|
||
|
3BD9000
|
trusted library allocation
|
page read and write
|
||
|
286898A0000
|
heap
|
page read and write
|
||
|
1079000
|
heap
|
page read and write
|
||
|
19DA000
|
heap
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
E54000
|
trusted library allocation
|
page read and write
|
||
|
1078000
|
heap
|
page read and write
|
||
|
17CF000
|
stack
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
19DB000
|
heap
|
page read and write
|
||
|
BE8000
|
heap
|
page read and write
|
||
|
1239000
|
heap
|
page read and write
|
||
|
1B55000
|
heap
|
page read and write
|
||
|
6C80000
|
heap
|
page read and write
|
||
|
2AEE000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
FDC000
|
unkown
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
5FCD000
|
stack
|
page read and write
|
||
|
2C14000
|
trusted library allocation
|
page read and write
|
||
|
FE4000
|
unkown
|
page readonly
|
||
|
1926000
|
heap
|
page read and write
|
||
|
E5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
19FA000
|
heap
|
page read and write
|
||
|
DFC000
|
unkown
|
page write copy
|
||
|
1947000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
19B8000
|
heap
|
page read and write
|
||
|
C04000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
6260000
|
trusted library allocation
|
page execute and read and write
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
5DAC000
|
heap
|
page read and write
|
||
|
591F000
|
stack
|
page read and write
|
||
|
11EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
653E000
|
stack
|
page read and write
|
||
|
DF2000
|
unkown
|
page readonly
|
||
|
F87000
|
trusted library allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
1023000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C50000
|
trusted library allocation
|
page read and write
|
||
|
53A2000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
7EE30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
553F000
|
stack
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
872000
|
unkown
|
page readonly
|
||
|
595E000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
D31000
|
unkown
|
page execute read
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
2C22000
|
trusted library allocation
|
page read and write
|
||
|
38F0000
|
direct allocation
|
page read and write
|
||
|
F97000
|
trusted library allocation
|
page execute and read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
19C9000
|
heap
|
page read and write
|
||
|
56DC000
|
stack
|
page read and write
|
||
|
212E000
|
stack
|
page read and write
|
||
|
2C2E000
|
trusted library allocation
|
page read and write
|
||
|
120F000
|
heap
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
19B9000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
E00000
|
unkown
|
page write copy
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
CF0000
|
direct allocation
|
page read and write
|
||
|
5A5F000
|
stack
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
E44000
|
trusted library allocation
|
page read and write
|
||
|
103C000
|
stack
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
FD8000
|
trusted library allocation
|
page read and write
|
||
|
FE4000
|
unkown
|
page readonly
|
||
|
28687BE0000
|
heap
|
page read and write
|
||
|
3A8E000
|
direct allocation
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
5DCA000
|
heap
|
page read and write
|
||
|
FAC000
|
unkown
|
page readonly
|
||
|
123F000
|
stack
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
15EF000
|
stack
|
page read and write
|
||
|
175A000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
FD2000
|
unkown
|
page readonly
|
||
|
6850000
|
heap
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
28687AE0000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
5376000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
F7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26D0000
|
direct allocation
|
page execute and read and write
|
||
|
17BF000
|
stack
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
3750000
|
direct allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
1938000
|
heap
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
D31000
|
unkown
|
page execute read
|
||
|
42D1000
|
direct allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
96C85FF000
|
stack
|
page read and write
|
||
|
3A8E000
|
direct allocation
|
page read and write
|
||
|
19A8000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
28687C20000
|
heap
|
page read and write
|
||
|
F9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
107A000
|
heap
|
page read and write
|
||
|
308F000
|
trusted library allocation
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
231E000
|
stack
|
page read and write
|
||
|
52EF000
|
stack
|
page read and write
|
||
|
2D3C000
|
stack
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
1089000
|
heap
|
page read and write
|
||
|
1947000
|
heap
|
page read and write
|
||
|
3A1D000
|
direct allocation
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
617C000
|
stack
|
page read and write
|
||
|
1953000
|
heap
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
11C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADD000
|
stack
|
page read and write
|
||
|
E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
196B000
|
heap
|
page read and write
|
||
|
17CB000
|
heap
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page execute and read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
DF2000
|
unkown
|
page readonly
|
||
|
C50000
|
heap
|
page read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
10C9000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
2B5C000
|
stack
|
page read and write
|
||
|
1042000
|
heap
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
3BB1000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
stack
|
page read and write
|
||
|
96C89FE000
|
stack
|
page read and write
|
||
|
96C8FFB000
|
stack
|
page read and write
|
||
|
3A1D000
|
direct allocation
|
page read and write
|
||
|
124A000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
87A000
|
unkown
|
page readonly
|
||
|
6D9000
|
stack
|
page read and write
|
||
|
1728000
|
heap
|
page read and write
|
||
|
1A79000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page execute and read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
54DF000
|
stack
|
page read and write
|
||
|
11FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
19DA000
|
heap
|
page read and write
|
||
|
96C8DFF000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
FD2000
|
unkown
|
page readonly
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
38F0000
|
direct allocation
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
D24000
|
trusted library allocation
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
2BA0000
|
heap
|
page execute and read and write
|
||
|
D52000
|
trusted library allocation
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
D31000
|
unkown
|
page execute read
|
||
|
17EA000
|
heap
|
page read and write
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
4CEE000
|
stack
|
page read and write
|
||
|
19DA000
|
heap
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
3A19000
|
direct allocation
|
page read and write
|
||
|
1042000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
17CA000
|
heap
|
page read and write
|
||
|
E04000
|
unkown
|
page readonly
|
||
|
2D68000
|
trusted library allocation
|
page read and write
|
||
|
6820000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
5DA1000
|
heap
|
page read and write
|
||
|
1971000
|
heap
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page execute and read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
17EF000
|
stack
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
28687A44000
|
heap
|
page read and write
|
||
|
103B000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
17CA000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
10AB000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
2B0D000
|
trusted library allocation
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
19DA000
|
heap
|
page read and write
|
||
|
D46000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
1064000
|
heap
|
page read and write
|
||
|
123C000
|
heap
|
page read and write
|
||
|
F59000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
D14000
|
heap
|
page read and write
|
||
|
557D000
|
trusted library allocation
|
page read and write
|
||
|
3F49000
|
trusted library allocation
|
page read and write
|
||
|
5A7D000
|
trusted library allocation
|
page read and write
|
||
|
176E000
|
heap
|
page read and write
|
||
|
5490000
|
heap
|
page execute and read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
4210000
|
direct allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
12EA000
|
heap
|
page read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
17DB000
|
stack
|
page read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
1064000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
17BA000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
18F4000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
1743000
|
heap
|
page read and write
|
||
|
5D5D000
|
heap
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
427E000
|
direct allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
1A57000
|
heap
|
page read and write
|
||
|
124C000
|
heap
|
page read and write
|
||
|
17AA000
|
heap
|
page read and write
|
||
|
538A000
|
trusted library allocation
|
page read and write
|
||
|
1A9E000
|
heap
|
page read and write
|
||
|
D3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1948000
|
heap
|
page read and write
|
||
|
190C000
|
heap
|
page read and write
|
||
|
3A1D000
|
direct allocation
|
page read and write
|
||
|
17B8000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
3A19000
|
direct allocation
|
page read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
DCC000
|
unkown
|
page readonly
|
||
|
17C9000
|
heap
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
29B3000
|
heap
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
3873000
|
direct allocation
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
103B000
|
heap
|
page read and write
|
||
|
92C000
|
stack
|
page read and write
|
||
|
4209000
|
direct allocation
|
page read and write
|
||
|
673F000
|
stack
|
page read and write
|
||
|
1099000
|
heap
|
page read and write
|
||
|
11E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
F8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B06000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page execute and read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
6357000
|
trusted library allocation
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
FDC000
|
unkown
|
page write copy
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page read and write
|
||
|
3BE1000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11BD000
|
stack
|
page read and write
|
||
|
3F21000
|
trusted library allocation
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
D23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
1B64000
|
heap
|
page read and write
|
||
|
19D8000
|
heap
|
page read and write
|
||
|
11C4000
|
trusted library allocation
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
1938000
|
heap
|
page read and write
|
||
|
6797000
|
trusted library allocation
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
2C32000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
DFC000
|
unkown
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
4063000
|
direct allocation
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
420D000
|
direct allocation
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A19000
|
direct allocation
|
page read and write
|
||
|
1B55000
|
heap
|
page read and write
|
||
|
96C8CFE000
|
stack
|
page read and write
|
||
|
A7F000
|
stack
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
D5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
60CF000
|
stack
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
96C88FF000
|
stack
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
96C86FE000
|
stack
|
page read and write
|
||
|
38F0000
|
direct allocation
|
page read and write
|
||
|
28687BC0000
|
heap
|
page read and write
|
||
|
40E0000
|
direct allocation
|
page read and write
|
||
|
11E2000
|
trusted library allocation
|
page read and write
|
There are 639 hidden memdumps, click here to show them.