Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
KVAoyRsrZC.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft_Windows-10-Pro.swidtag
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\KVAoyRsrZC.exe
|
"C:\Users\user\Desktop\KVAoyRsrZC.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k wsappx -p -s ClipSVC
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
|
|
|
C:\Windows\System32\Sgrmuserer.exe
|
C:\Windows\system32\Sgrmuserer.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dynamic.api.tilep
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/V1/MapControlConfiguration/native/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://dev.ditu.live.com/REST/V1/MapControlConfiguration/native/
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
http://standards.iso.org/iso/19770/-2/2009/schema.xsd
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://tiles.virtualearth.net/tiles/cmd/StreetSideBubbleMetaData?north=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
eu.minerpool.pw
|
91.92.248.9
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.10.68.220
|
unknown
|
Seychelles
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Security
|
c688cf83-9945-5ff6-0e1e-1ff1f8a2ec9a
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22EE5C68000
|
heap
|
page read and write
|
||
|
200026F9000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C62000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA13000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279466000
|
heap
|
page read and write
|
||
|
20003F90000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
CDDC37E000
|
unkown
|
page readonly
|
||
|
294F0200000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
CDDC87E000
|
unkown
|
page readonly
|
||
|
22EE5C58000
|
heap
|
page read and write
|
||
|
2000266F000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2000400B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20009A9B000
|
heap
|
page read and write
|
||
|
D776FFC000
|
stack
|
page read and write
|
||
|
20002683000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
D5496FE000
|
stack
|
page read and write
|
||
|
1879E84B000
|
heap
|
page read and write
|
||
|
20002500000
|
heap
|
page read and write
|
||
|
22EE5C42000
|
heap
|
page read and write
|
||
|
294F0090000
|
heap
|
page read and write
|
||
|
20003FE2000
|
heap
|
page read and write
|
||
|
1879E700000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C8F000
|
heap
|
page read and write
|
||
|
CDDBE7D000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E2793C0000
|
remote allocation
|
page read and write
|
||
|
22EE5C4A000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
1E279413000
|
heap
|
page read and write
|
||
|
D549C7E000
|
stack
|
page read and write
|
||
|
1E279517000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C57000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
CDDBA7E000
|
unkown
|
page readonly
|
||
|
1E2793C0000
|
remote allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279370000
|
trusted library allocation
|
page read and write
|
||
|
157D5718000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
1E279500000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C4D000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002649000
|
heap
|
page read and write
|
||
|
D7775FE000
|
stack
|
page read and write
|
||
|
22EE6402000
|
trusted library allocation
|
page read and write
|
||
|
1879E800000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
200960B0000
|
trusted library allocation
|
page read and write
|
||
|
D549B7E000
|
unkown
|
page readonly
|
||
|
CDDCA7E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879EE02000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA16000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C41000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C5D000
|
heap
|
page read and write
|
||
|
22EE5C70000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C8B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4E37000
|
heap
|
page read and write
|
||
|
2C43E910000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
2C43E9F0000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA02000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F0202000
|
heap
|
page read and write
|
||
|
2000549B000
|
heap
|
page read and write
|
||
|
2C43F202000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200860A0000
|
trusted library allocation
|
page read and write
|
||
|
1879E813000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20004A9B000
|
heap
|
page read and write
|
||
|
200860A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
157D4E48000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
D549AFE000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E82B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C00000
|
heap
|
page read and write
|
||
|
1879E913000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E87E000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2000729B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C59000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
157D4F02000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20003F90000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20004013000
|
heap
|
page read and write
|
||
|
D5497FE000
|
stack
|
page read and write
|
||
|
294F0A02000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20005E9B000
|
heap
|
page read and write
|
||
|
157D4C40000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
CDDC47E000
|
stack
|
page read and write
|
||
|
D54A07E000
|
stack
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4C20000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
A939F4B000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
1E279443000
|
heap
|
page read and write
|
||
|
1879E600000
|
heap
|
page read and write
|
||
|
2C43F080000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200027B0000
|
heap
|
page read and write
|
||
|
2000268F000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA5E000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279513000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA00000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
1879E840000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C6B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20003FFB000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
1E27945E000
|
heap
|
page read and write
|
||
|
1E2793C0000
|
remote allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F022B000
|
heap
|
page read and write
|
||
|
4DC18CB000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C2B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
CDDC7FE000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C61000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C8D000
|
heap
|
page read and write
|
||
|
2C43EA33000
|
heap
|
page read and write
|
||
|
1E279472000
|
heap
|
page read and write
|
||
|
20007C9B000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
157D4D50000
|
trusted library allocation
|
page read and write
|
||
|
200027E5000
|
heap
|
page read and write
|
||
|
20002623000
|
heap
|
page read and write
|
||
|
294F0302000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20002700000
|
heap
|
page read and write
|
||
|
157D5736000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002639000
|
heap
|
page read and write
|
||
|
20004003000
|
heap
|
page read and write
|
||
|
D549E7E000
|
stack
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20002730000
|
direct allocation
|
page execute read
|
||
|
22EE5C60000
|
heap
|
page read and write
|
||
|
22EE5C63000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
22EE5B70000
|
heap
|
page read and write
|
||
|
1E27B002000
|
trusted library allocation
|
page read and write
|
||
|
CDDC67E000
|
stack
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
D77698B000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4D20000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279400000
|
heap
|
page read and write
|
||
|
1E27947D000
|
heap
|
page read and write
|
||
|
1879EE00000
|
heap
|
page read and write
|
||
|
157D4E30000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279340000
|
heap
|
page read and write
|
||
|
1E279502000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C84000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5A90000
|
heap
|
page read and write
|
||
|
22EE5C5A000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20002638000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
1E279310000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F022F000
|
heap
|
page read and write
|
||
|
CDDC77E000
|
unkown
|
page readonly
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
7FF635EB0000
|
unkown
|
page write copy
|
||
|
22EE5CAA000
|
heap
|
page read and write
|
||
|
20002790000
|
direct allocation
|
page execute and read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2000909B000
|
heap
|
page read and write
|
||
|
22EE5C54000
|
heap
|
page read and write
|
||
|
D54987E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C66000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C13000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C5C000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
D7774FE000
|
stack
|
page read and write
|
||
|
20003F90000
|
trusted library allocation
|
page read and write
|
||
|
D7771FF000
|
stack
|
page read and write
|
||
|
157D5732000
|
heap
|
page read and write
|
||
|
2000401B000
|
heap
|
page read and write
|
||
|
CDDB69B000
|
stack
|
page read and write
|
||
|
22EE5C5E000
|
heap
|
page read and write
|
||
|
4DC1E7E000
|
stack
|
page read and write
|
||
|
157D4EB1000
|
heap
|
page read and write
|
||
|
157D4E00000
|
heap
|
page read and write
|
||
|
D549D7E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4E48000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
1E279402000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200025E0000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D573E000
|
heap
|
page read and write
|
||
|
1879ED90000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
200027E0000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4E87000
|
heap
|
page read and write
|
||
|
7FF635770000
|
unkown
|
page readonly
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
157D5702000
|
heap
|
page read and write
|
||
|
CDDC2FC000
|
stack
|
page read and write
|
||
|
CDDC57E000
|
unkown
|
page readonly
|
||
|
157D4E16000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA40000
|
heap
|
page read and write
|
||
|
1879E802000
|
heap
|
page read and write
|
||
|
157D4E68000
|
heap
|
page read and write
|
||
|
1879E620000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F0190000
|
heap
|
page read and write
|
||
|
157D4E13000
|
heap
|
page read and write
|
||
|
1879EE15000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA37000
|
heap
|
page read and write
|
||
|
294F023D000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20004090000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F0213000
|
heap
|
page read and write
|
||
|
D54977E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C36000
|
heap
|
page read and write
|
||
|
1E279330000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
3260CBB000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA48000
|
heap
|
page read and write
|
||
|
200027D1000
|
direct allocation
|
page execute and read and write
|
||
|
2000409B000
|
heap
|
page read and write
|
||
|
22EE5A70000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F00B0000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
1879E864000
|
heap
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E279390000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
direct allocation
|
page execute and read and write
|
||
|
2000689B000
|
heap
|
page read and write
|
||
|
1E279457000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200026B7000
|
heap
|
page read and write
|
||
|
22EE5C5B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D4E80000
|
heap
|
page read and write
|
||
|
4DC1CFF000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
CDDBF7E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C97000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E900000
|
heap
|
page read and write
|
||
|
20003FD0000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20003FDA000
|
heap
|
page read and write
|
||
|
507C2BB000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
4DC19CF000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C67000
|
heap
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E88A000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
157D5602000
|
heap
|
page read and write
|
||
|
2C43E8F0000
|
heap
|
page read and write
|
||
|
22EE5D02000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
A93A5FE000
|
unkown
|
page readonly
|
||
|
200026AE000
|
heap
|
page read and write
|
||
|
200027C1000
|
direct allocation
|
page execute and read and write
|
||
|
CDDC97E000
|
stack
|
page read and write
|
||
|
CDDB79D000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C8E000
|
heap
|
page read and write
|
||
|
294F023F000
|
heap
|
page read and write
|
||
|
D776EFD000
|
stack
|
page read and write
|
||
|
22EE5C92000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
157D5700000
|
heap
|
page read and write
|
||
|
2000869B000
|
heap
|
page read and write
|
||
|
A93A4FD000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20002780000
|
trusted library allocation
|
page read and write
|
||
|
200960F0000
|
trusted library allocation
|
page read and write
|
||
|
200026B3000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E856000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
294F01C0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
D7772FE000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
D7773FE000
|
stack
|
page read and write
|
||
|
157D572E000
|
heap
|
page read and write
|
||
|
20002600000
|
heap
|
page read and write
|
||
|
200027A0000
|
trusted library allocation
|
page read and write
|
||
|
2C43EA54000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1E27942B000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
1879E902000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C6D000
|
heap
|
page read and write
|
||
|
7FF635D22000
|
unkown
|
page execute and write copy
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C6A000
|
heap
|
page read and write
|
||
|
22EE5BA0000
|
trusted library allocation
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2000260C000
|
heap
|
page read and write
|
||
|
2C43EA60000
|
heap
|
page read and write
|
||
|
D54939B000
|
stack
|
page read and write
|
||
|
D7770FE000
|
stack
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
D54A17E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
22EE5C47000
|
heap
|
page read and write
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
||
|
2C43EB02000
|
heap
|
page read and write
|
||
|
1879E83A000
|
heap
|
page read and write
|
||
|
D549F7E000
|
unkown
|
page readonly
|
||
|
20096720000
|
trusted library allocation
|
page read and write
|
There are 469 hidden memdumps, click here to show them.