Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
GJRX21GBj3.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\H0840I45
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\GJRX21GBj3.exe
|
"C:\Users\user\Desktop\GJRX21GBj3.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
"C:\Windows\System32\svchost.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
|
|
|
|
C:\Program Files (x86)\IOfMKDBObDNcoFXmnQFfpHnZMkYQTQoWbtTYIbmdlDZwBcxOaxyRzLAJiwAkei\pMYZJWoDTJXnmaTJMCEeAnzIbNV.exe
|
"C:\Program Files (x86)\IOfMKDBObDNcoFXmnQFfpHnZMkYQTQoWbtTYIbmdlDZwBcxOaxyRzLAJiwAkei\pMYZJWoDTJXnmaTJMCEeAnzIbNV.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
"C:\Windows\SysWOW64\findstr.exe"
|
|
|
|
C:\Program Files (x86)\IOfMKDBObDNcoFXmnQFfpHnZMkYQTQoWbtTYIbmdlDZwBcxOaxyRzLAJiwAkei\pMYZJWoDTJXnmaTJMCEeAnzIbNV.exe
|
"C:\Program Files (x86)\IOfMKDBObDNcoFXmnQFfpHnZMkYQTQoWbtTYIbmdlDZwBcxOaxyRzLAJiwAkei\pMYZJWoDTJXnmaTJMCEeAnzIbNV.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.valerieomage.com/c7rq/?k06T=httm3UUwH6NnwSQhbzeVca8kqE5bj6YPstl+OFvVeu4EU857dyc7w4+qhgXRMO7PTzi/X2HMMMtdNC+wv2+smLAouLcyIEijMeq9ccv2ntai0EWGFrkjFC0U/c7k/DTDLA==&rz=LZsl-bkp-XfXeRLp
|
23.227.38.74
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.mg55aa.xyz/7npk/
|
35.241.34.216
|
||
|
https://download.quark.cn/download/quarkpc?platform=android&ch=pcquark
|
unknown
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/plugins/performance.js
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/plugins/globalerror.js
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.siteblogoficialon.com/xti2/
|
108.179.193.98
|
||
|
https://aka.ms/nativeaot-c
|
unknown
|
||
|
https://valerieomage.com/c7rq?k06T=httm3UUwH6NnwSQhbzeVca8kqE5bj6YPstl
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibilityy
|
unknown
|
||
|
https://track.uc.cn/collect
|
unknown
|
||
|
http://www.lacemalt.top/tb8p/
|
203.161.55.102
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://www.kosherphonestore.com/ktbm/?k06T=dCS0byWQIzTRzJnjmD3PHvju9v1sRk6AuoksZ/9OoI4xLWFKRKixtkji
|
unknown
|
||
|
http://www.kosherphonestore.com/ktbm/
|
84.32.84.130
|
||
|
http://www.lacemalt.top/tb8p/?k06T=qOKUC29yX8oZAlbJDfcpCLzpMPZC9WFwxrZXgt1GanD4ODtcEeVG6I3ogONv/wZG3CcBcKt2BHXhpUQRSUiI6LSlbUKGOe5tpqy+YL001eRQtx2Jgk6C84cNpUHQ9eTwUQ==&rz=LZsl-bkp-XfXeRLp
|
203.161.55.102
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://www.mybodyradar.net/nml2/
|
3.33.130.190
|
||
|
https://image.uc.cn/s/uae/g/3o/berg/static/archer_index.e96dc6dc6863835f4ad0.js
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.cwgehkk.store/kwl6/
|
43.155.26.241
|
||
|
http://www.lavillitadepapa.com
|
unknown
|
||
|
https://www.siteblogoficialon.com/xti2/?k06T=QBz94yBRYCLuyG0lRWVoJ262XBKS6lrDLuuKlraC8
|
unknown
|
||
|
https://hm.baidu.com/hm.js?
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibility
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://aka.ms/nativeaot-compatibilityY
|
unknown
|
||
|
http://www.mg55aa.xyz/7npk/?rz=LZsl-bkp-XfXeRLp&k06T=3lhlChS8FYnXqyMl6DrMwk16pFUOD90SHj/DecBTIjGSaQxy34ZC87B+/wA+Ty9En/TQ2WIUU2NJwAlG0p0MOprHpEJhuLS8Xg3IfDdoqaVi1Ch1kdwH1TvR7mgJgyRVyQ==
|
35.241.34.216
|
||
|
https://g.alicdn.com/woodpeckerx/jssdk/wpkReporter.js
|
unknown
|
||
|
https://aka.ms/GlobalizationInvariantMode
|
unknown
|
||
|
http://www.lavillitadepapa.com/i1fz/
|
74.208.46.171
|
||
|
http://www.siteblogoficialon.com/xti2/?k06T=QBz94yBRYCLuyG0lRWVoJ262XBKS6lrDLuuKlraC8+h4eo3ZkplyB9kY6zupybd5FXB5boaSfX9kd7InJ4l2/UGXXDPdESA3G681NsEYfip50N0NMaShmTLM2x7hQcZfKg==&rz=LZsl-bkp-XfXeRLp
|
108.179.193.98
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.cwgehkk.store/kwl6/?k06T=a60HvCvUhLiFhuUSc8WrKARCzXFsQAvffUZBz2uIU9nHYJX4NGLIPasF9EYqD4O1NmBy69LXG4mImYvzxGn1S/csb+glCs2OenUaXJQynPXKXRJsgC/umNodRP7idNP7JA==&rz=LZsl-bkp-XfXeRLp
|
43.155.26.241
|
||
|
https://image.uc.cn/s/uae/g/3o/berg/static/index.c4bc5b38d870fecd8a1f.css
|
unknown
|
||
|
http://www.kosherphonestore.com/ktbm/?k06T=dCS0byWQIzTRzJnjmD3PHvju9v1sRk6AuoksZ/9OoI4xLWFKRKixtkjiz3Hv37r9oCCf0bTqtzy4xv37G1SgBfWJK+jN8eMH36uauFGPXBOtm3yBDVUMLLFQh/MQ7JKdaw==&rz=LZsl-bkp-XfXeRLp
|
84.32.84.130
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
shops.myshopify.com
|
23.227.38.74
|
|
|
|
www.gospelstudygroup.org
|
unknown
|
|
|
|
www.amkmos.online
|
unknown
|
|
|
|
www.mybodyradar.net
|
unknown
|
|
|
|
www.valerieomage.com
|
unknown
|
|
|
|
www.instantmailer.cloud
|
unknown
|
|
|
|
www.kosherphonestore.com
|
unknown
|
|
|
|
www.mcxright.com
|
unknown
|
|
|
|
www.siteblogoficialon.com
|
unknown
|
|
|
|
www.lacemalt.top
|
203.161.55.102
|
||
|
www.kosherphonestore.com.cdn.hstgr.net
|
84.32.84.130
|
||
|
siteblogoficialon.com
|
108.179.193.98
|
||
|
www.mg55aa.xyz
|
35.241.34.216
|
||
|
www.cwgehkk.store
|
43.155.26.241
|
||
|
www.lavillitadepapa.com
|
74.208.46.171
|
||
|
mybodyradar.net
|
3.33.130.190
|
There are 6 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.227.38.74
|
shops.myshopify.com
|
Canada
|
|
|
|
43.155.26.241
|
www.cwgehkk.store
|
Japan
|
||
|
203.161.55.102
|
www.lacemalt.top
|
Malaysia
|
||
|
108.179.193.98
|
siteblogoficialon.com
|
United States
|
||
|
74.208.46.171
|
www.lavillitadepapa.com
|
United States
|
||
|
84.32.84.130
|
www.kosherphonestore.com.cdn.hstgr.net
|
Lithuania
|
||
|
3.33.130.190
|
mybodyradar.net
|
United States
|
||
|
35.241.34.216
|
www.mg55aa.xyz
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E40000
|
system
|
page execute and read and write
|
|
|
|
5BA0000
|
unclassified section
|
page execute and read and write
|
|
|
|
5CE0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3150000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2AF0000
|
unkown
|
page execute and read and write
|
|
|
|
2C90000
|
system
|
page execute and read and write
|
|
|
|
30D0000
|
trusted library allocation
|
page read and write
|
|
|
|
2F2C000
|
unkown
|
page read and write
|
||
|
2CFD000
|
system
|
page execute and read and write
|
||
|
2D90000
|
unkown
|
page read and write
|
||
|
3876000
|
unkown
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FAA200000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
60235FD000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FA9FA0000
|
heap
|
page read and write
|
||
|
32A9000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
807B000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32AF000
|
heap
|
page read and write
|
||
|
80AF000
|
heap
|
page read and write
|
||
|
3274000
|
heap
|
page read and write
|
||
|
3B9A000
|
unkown
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
16FA84F6000
|
system
|
page execute and read and write
|
||
|
14A1000
|
unkown
|
page readonly
|
||
|
32FC000
|
unkown
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
29B958A0000
|
direct allocation
|
page read and write
|
||
|
809B000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page read and write
|
||
|
80C6000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
286EC000
|
system
|
page read and write
|
||
|
2DC2BD60000
|
heap
|
page read and write
|
||
|
7FF658550000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8054000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B958C0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8063000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B9C000000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
7FF658719000
|
unkown
|
page write copy
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
7FF658727000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80B8000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8380000
|
heap
|
page read and write
|
||
|
4EEC000
|
stack
|
page read and write
|
||
|
804F000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
B6A000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3992000
|
direct allocation
|
page execute and read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
57EF000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
451A000
|
unclassified section
|
page read and write
|
||
|
14A1000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32A3000
|
heap
|
page read and write
|
||
|
35CE000
|
heap
|
page read and write
|
||
|
813D000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
29B99400000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E05000
|
unkown
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
141A000
|
heap
|
page read and write
|
||
|
16FA8687000
|
heap
|
page read and write
|
||
|
C6C000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3286000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
940000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
2D54000
|
system
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B95820000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E05000
|
unkown
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
8057000
|
heap
|
page read and write
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
6022DFB000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
41E2000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
5CD0000
|
heap
|
page read and write
|
||
|
DF1000
|
unkown
|
page execute read
|
||
|
32B8000
|
heap
|
page read and write
|
||
|
3022000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
80A2000
|
heap
|
page read and write
|
||
|
C50C3FE000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FA86C0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
940000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
7667000
|
unclassified section
|
page execute and read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
813F000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
28412000
|
system
|
page read and write
|
||
|
920000
|
unkown
|
page readonly
|
||
|
16FAA201000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80B4000
|
heap
|
page read and write
|
||
|
5850000
|
direct allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
4477000
|
unkown
|
page execute and read and write
|
||
|
29B95850000
|
heap
|
page read and write
|
||
|
2DBAB25F000
|
direct allocation
|
page read and write
|
||
|
7FF658719000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
2DC2BE4F000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
7FF658551000
|
unkown
|
page execute read
|
||
|
5416000
|
heap
|
page read and write
|
||
|
3650000
|
direct allocation
|
page execute and read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
284D2000
|
system
|
page read and write
|
||
|
59EE000
|
direct allocation
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
3779000
|
direct allocation
|
page execute and read and write
|
||
|
CE0000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
28C66000
|
system
|
page read and write
|
||
|
16FAA2AA000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
7FF6586A9000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
920000
|
unkown
|
page readonly
|
||
|
32BC000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
C50C27E000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3A77000
|
unkown
|
page execute and read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
7FF6586A9000
|
unkown
|
page readonly
|
||
|
2E38000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8067000
|
unclassified section
|
page execute and read and write
|
||
|
CE0000
|
unkown
|
page read and write
|
||
|
2DC2BE29000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
6C67000
|
unclassified section
|
page execute and read and write
|
||
|
2CF1000
|
system
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80B8000
|
heap
|
page read and write
|
||
|
8037000
|
heap
|
page read and write
|
||
|
1881000
|
unkown
|
page readonly
|
||
|
3A62000
|
unclassified section
|
page read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
16FA8680000
|
heap
|
page read and write
|
||
|
2CE1000
|
system
|
page execute and read and write
|
||
|
16FA869D000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
2AEF000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
5877000
|
unkown
|
page execute and read and write
|
||
|
6023DFE000
|
stack
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
35CA000
|
heap
|
page read and write
|
||
|
16FA86B3000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DF1000
|
unkown
|
page execute read
|
||
|
29B95890000
|
heap
|
page read and write
|
||
|
356D000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
13FA000
|
heap
|
page read and write
|
||
|
2DEC000
|
unkown
|
page read and write
|
||
|
DFE000
|
unkown
|
page readonly
|
||
|
16FAA103000
|
trusted library allocation
|
page read and write
|
||
|
5B98000
|
direct allocation
|
page execute and read and write
|
||
|
16FAA100000
|
trusted library allocation
|
page read and write
|
||
|
2DC2BE52000
|
heap
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
4698000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
1881000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
8044000
|
heap
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
39A2000
|
unclassified section
|
page read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
3EBE000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
49D0000
|
unclassified section
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D31000
|
unkown
|
page readonly
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
DF1000
|
unkown
|
page execute read
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
6267000
|
unclassified section
|
page execute and read and write
|
||
|
32C5000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
B6A000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
313C000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
7FF658724000
|
unkown
|
page read and write
|
||
|
C6C000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
2BCB000
|
stack
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
328D000
|
heap
|
page read and write
|
||
|
16FA8480000
|
system
|
page execute and read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
3050000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
377D000
|
direct allocation
|
page execute and read and write
|
||
|
DFE000
|
unkown
|
page readonly
|
||
|
803C000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
5B01000
|
direct allocation
|
page execute and read and write
|
||
|
5B1D000
|
direct allocation
|
page execute and read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D71000
|
unkown
|
page readonly
|
||
|
16FA9FB0000
|
trusted library allocation
|
page read and write
|
||
|
2CD8000
|
system
|
page execute and read and write
|
||
|
16FAA2CE000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
329A000
|
heap
|
page read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
41F6000
|
unclassified section
|
page read and write
|
||
|
29B99403000
|
direct allocation
|
page read and write
|
||
|
16FA86AC000
|
heap
|
page read and write
|
||
|
5B16000
|
direct allocation
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
DF1000
|
unkown
|
page execute read
|
||
|
930000
|
unkown
|
page readonly
|
||
|
7FF658550000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8120000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
7FF658551000
|
unkown
|
page execute read
|
||
|
DA6000
|
heap
|
page read and write
|
||
|
28F0000
|
unkown
|
page readonly
|
||
|
E05000
|
unkown
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
1110000
|
unkown
|
page readonly
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B9D400000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
31FE000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
34A1000
|
heap
|
page read and write
|
||
|
29B95830000
|
heap
|
page read and write
|
||
|
14F0000
|
unkown
|
page readonly
|
||
|
329A000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
57F0000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
16FAA115000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8051000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
32FC000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FAA10D000
|
trusted library allocation
|
page read and write
|
||
|
29B95880000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B958CC000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
29E4000
|
heap
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FA9E90000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
80B2000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B9CA00000
|
direct allocation
|
page read and write
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
29B97400000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
930000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3921000
|
direct allocation
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
363F000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
28F0000
|
unkown
|
page readonly
|
||
|
32E5000
|
heap
|
page read and write
|
||
|
16FA8590000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80AF000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29E4000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
16FA9FB0000
|
trusted library allocation
|
page read and write
|
||
|
8032000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
16FAA121000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
483E000
|
unclassified section
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3077000
|
unkown
|
page execute and read and write
|
||
|
878F000
|
stack
|
page read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
802C000
|
heap
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
16FA86B3000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
32E3000
|
heap
|
page read and write
|
||
|
16FA84F9000
|
system
|
page execute and read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
8A67000
|
unclassified section
|
page execute and read and write
|
||
|
597D000
|
direct allocation
|
page execute and read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
1110000
|
unkown
|
page readonly
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
807F000
|
heap
|
page read and write
|
||
|
7FF658727000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3286000
|
heap
|
page read and write
|
||
|
16FAA110000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3022000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8059000
|
heap
|
page read and write
|
||
|
7FF658669000
|
unkown
|
page read and write
|
||
|
DFE000
|
unkown
|
page readonly
|
||
|
3228000
|
heap
|
page read and write
|
||
|
DFE000
|
unkown
|
page readonly
|
||
|
391D000
|
direct allocation
|
page execute and read and write
|
||
|
E05000
|
unkown
|
page read and write
|
||
|
29B99803000
|
direct allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
804A000
|
heap
|
page read and write
|
||
|
53F8000
|
heap
|
page read and write
|
||
|
16FAA2BE000
|
trusted library allocation
|
page read and write
|
||
|
29B99C00000
|
direct allocation
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
7FF65871F000
|
unkown
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
8074000
|
heap
|
page read and write
|
||
|
4B62000
|
unclassified section
|
page read and write
|
||
|
29B95920000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
60245FF000
|
stack
|
page read and write
|
||
|
81E0000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8085000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
3230000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
C50BF79000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
29B958C6000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page readonly
|
||
|
31FF000
|
heap
|
page read and write
|
||
|
8026000
|
heap
|
page read and write
|
||
|
D71000
|
unkown
|
page readonly
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80C0000
|
heap
|
page read and write
|
||
|
4E77000
|
unkown
|
page execute and read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page readonly
|
||
|
E70000
|
heap
|
page read and write
|
||
|
4050000
|
unkown
|
page read and write
|
||
|
29B99800000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
874E000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80A8000
|
heap
|
page read and write
|
||
|
5018000
|
unclassified section
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
1171000
|
unkown
|
page read and write
|
||
|
3ABC000
|
unclassified section
|
page read and write
|
||
|
C50C0FF000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80BB000
|
heap
|
page read and write
|
||
|
30E2000
|
unkown
|
page read and write
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
E40000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3279000
|
heap
|
page read and write
|
||
|
4FEA000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3C7C000
|
unclassified section
|
page read and write
|
||
|
110F000
|
stack
|
page read and write
|
||
|
14F0000
|
unkown
|
page readonly
|
||
|
3014000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
31F7000
|
heap
|
page read and write
|
||
|
16FA86B0000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
8099000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
80BE000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
E07000
|
unkown
|
page readonly
|
||
|
5979000
|
direct allocation
|
page execute and read and write
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
80C2000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
13FA000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
341A000
|
heap
|
page read and write
|
||
|
37EE000
|
direct allocation
|
page execute and read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
D31000
|
unkown
|
page readonly
|
||
|
16FAA2C4000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
803F000
|
heap
|
page read and write
|
||
|
16FAA000000
|
trusted library allocation
|
page read and write
|
There are 578 hidden memdumps, click here to show them.