Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SOA-Al Daleel.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SOA-Al Daleel.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp2314.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\eeXxnIpy.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\eeXxnIpy.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\eeXxnIpy.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ectwbuih.5cg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mnyspowo.u10.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ohak1fj1.vyt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uqxq0o4h.eom.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2F78.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SOA-Al Daleel.exe
|
"C:\Users\user\Desktop\SOA-Al Daleel.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\eeXxnIpy.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\eeXxnIpy" /XML "C:\Users\user\AppData\Local\Temp\tmp2314.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\eeXxnIpy.exe
|
C:\Users\user\AppData\Roaming\eeXxnIpy.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\eeXxnIpy" /XML "C:\Users\user\AppData\Local\Temp\tmp2F78.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
|
unknown
|
||
|
http://ocsp.sectigo.com0A
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://us2.smtp.mailhostbox.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
us2.smtp.mailhostbox.com
|
208.91.199.223
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
time.windows.com
|
unknown
|
||
|
56.126.166.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.91.199.223
|
us2.smtp.mailhostbox.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3020000
|
trusted library allocation
|
page read and write
|
|
|
|
2FD1000
|
trusted library allocation
|
page read and write
|
|
|
|
41BF000
|
trusted library allocation
|
page read and write
|
|
|
|
2C3A000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2BC1000
|
trusted library allocation
|
page read and write
|
|
|
|
4450000
|
trusted library allocation
|
page read and write
|
|
|
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
6FD61000
|
unkown
|
page execute read
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
heap
|
page read and write
|
||
|
2A08000
|
trusted library allocation
|
page read and write
|
||
|
5AAC000
|
trusted library allocation
|
page read and write
|
||
|
148D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FD90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1834000
|
trusted library allocation
|
page read and write
|
||
|
235D000
|
stack
|
page read and write
|
||
|
84AC000
|
stack
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
6077000
|
trusted library allocation
|
page read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
15DE000
|
trusted library allocation
|
page read and write
|
||
|
9FFD000
|
trusted library allocation
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
47A0000
|
trusted library allocation
|
page read and write
|
||
|
7E30000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
6FD7D000
|
unkown
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
5738000
|
trusted library allocation
|
page read and write
|
||
|
E3B000
|
stack
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
F38000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page read and write
|
||
|
6FD7D000
|
unkown
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
2BBD000
|
stack
|
page read and write
|
||
|
5E00000
|
heap
|
page read and write
|
||
|
49F5000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
77BD000
|
stack
|
page read and write
|
||
|
648F000
|
stack
|
page read and write
|
||
|
FFAE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
5052000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page read and write
|
||
|
6FD7F000
|
unkown
|
page readonly
|
||
|
2F1D000
|
trusted library allocation
|
page read and write
|
||
|
7770000
|
trusted library section
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
108D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF9000
|
trusted library allocation
|
page read and write
|
||
|
7DAE000
|
stack
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
16C2000
|
heap
|
page read and write
|
||
|
7AD5000
|
heap
|
page read and write
|
||
|
135C000
|
stack
|
page read and write
|
||
|
505E000
|
trusted library allocation
|
page read and write
|
||
|
168A000
|
heap
|
page read and write
|
||
|
1648000
|
heap
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
157F000
|
stack
|
page read and write
|
||
|
574C000
|
trusted library allocation
|
page read and write
|
||
|
79AE000
|
stack
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
FA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
heap
|
page execute and read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
6ACF000
|
stack
|
page read and write
|
||
|
30E2000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
1836000
|
trusted library allocation
|
page read and write
|
||
|
4179000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
5920000
|
trusted library allocation
|
page execute and read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
4575000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page execute and read and write
|
||
|
7C3F000
|
stack
|
page read and write
|
||
|
1484000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
1662000
|
trusted library allocation
|
page read and write
|
||
|
5A0F000
|
stack
|
page read and write
|
||
|
982000
|
unkown
|
page readonly
|
||
|
5F20000
|
trusted library allocation
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
15FA000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
E6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
46E7000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
4A43000
|
trusted library allocation
|
page read and write
|
||
|
63ED000
|
stack
|
page read and write
|
||
|
5459000
|
trusted library allocation
|
page read and write
|
||
|
16BF000
|
heap
|
page read and write
|
||
|
3151000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
78A0000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
14A2000
|
trusted library allocation
|
page read and write
|
||
|
5061000
|
trusted library allocation
|
page read and write
|
||
|
166B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
E64000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
55F3000
|
heap
|
page read and write
|
||
|
66F0000
|
heap
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
666F000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
trusted library section
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
121F000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
7AAE000
|
stack
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
736E000
|
heap
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
14A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page execute and read and write
|
||
|
557C000
|
stack
|
page read and write
|
||
|
110D000
|
stack
|
page read and write
|
||
|
16FB000
|
heap
|
page read and write
|
||
|
6070000
|
trusted library allocation
|
page read and write
|
||
|
2C28000
|
trusted library allocation
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
56FC000
|
stack
|
page read and write
|
||
|
43E9000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
5F8D000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
93DC000
|
stack
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
85AC000
|
stack
|
page read and write
|
||
|
77A0000
|
heap
|
page read and write
|
||
|
58D6000
|
trusted library allocation
|
page read and write
|
||
|
1747000
|
heap
|
page read and write
|
||
|
66E0000
|
heap
|
page read and write
|
||
|
2C42000
|
trusted library allocation
|
page read and write
|
||
|
514E000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
7C8D000
|
stack
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
2E55000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
5072000
|
trusted library allocation
|
page read and write
|
||
|
78BD000
|
stack
|
page read and write
|
||
|
1643000
|
trusted library allocation
|
page read and write
|
||
|
7AE5000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B7000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page execute and read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
14AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page execute and read and write
|
||
|
635D000
|
stack
|
page read and write
|
||
|
2C17000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3FD7000
|
trusted library allocation
|
page read and write
|
||
|
5439000
|
trusted library allocation
|
page read and write
|
||
|
9BDD000
|
trusted library allocation
|
page read and write
|
||
|
5A3D000
|
stack
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
trusted library allocation
|
page read and write
|
||
|
12A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DEE000
|
stack
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
FED000
|
stack
|
page read and write
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
F96000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
4159000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
5742000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
941E000
|
stack
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page execute and read and write
|
||
|
1293000
|
trusted library allocation
|
page read and write
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
6FD7D000
|
unkown
|
page read and write
|
||
|
3140000
|
heap
|
page execute and read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
5C05000
|
heap
|
page read and write
|
||
|
78FD000
|
stack
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
1083000
|
trusted library allocation
|
page execute and read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
58D2000
|
trusted library allocation
|
page read and write
|
||
|
4151000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
heap
|
page execute and read and write
|
||
|
5A98000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BFA000
|
stack
|
page read and write
|
||
|
7F850000
|
trusted library allocation
|
page execute and read and write
|
||
|
5190000
|
heap
|
page execute and read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1C00000
|
trusted library allocation
|
page read and write
|
||
|
180B000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
5905000
|
heap
|
page read and write
|
||
|
5D6D000
|
stack
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
505A000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
E63000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E10000
|
heap
|
page read and write
|
||
|
163D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C30000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
1564000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
1352000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
10EA000
|
stack
|
page read and write
|
||
|
4CFD000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
2EAC000
|
stack
|
page read and write
|
||
|
7BB0000
|
heap
|
page read and write
|
||
|
34EF000
|
trusted library allocation
|
page read and write
|
||
|
556B000
|
stack
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
BF7000
|
stack
|
page read and write
|
||
|
16B4000
|
heap
|
page read and write
|
||
|
2EAE000
|
unkown
|
page read and write
|
||
|
462E000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
1C10000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
6FD7D000
|
unkown
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
78CD000
|
heap
|
page read and write
|
||
|
12AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
506D000
|
trusted library allocation
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
FA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library section
|
page readonly
|
||
|
1360000
|
trusted library allocation
|
page execute and read and write
|
||
|
54E0000
|
heap
|
page execute and read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
FF770000
|
trusted library allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
1634000
|
trusted library allocation
|
page read and write
|
||
|
278F000
|
unkown
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
7E00000
|
trusted library section
|
page read and write
|
||
|
30E6000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
50EC000
|
stack
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
6270000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
30EF000
|
unkown
|
page read and write
|
||
|
165A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1483000
|
trusted library allocation
|
page execute and read and write
|
||
|
597B000
|
stack
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E1C000
|
stack
|
page read and write
|
||
|
7B3E000
|
stack
|
page read and write
|
||
|
90FE000
|
stack
|
page read and write
|
||
|
79DE000
|
stack
|
page read and write
|
||
|
264E000
|
unkown
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
91A000
|
stack
|
page read and write
|
||
|
5E07000
|
heap
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
951E000
|
stack
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
1652000
|
trusted library allocation
|
page read and write
|
||
|
91FE000
|
stack
|
page read and write
|
||
|
1155000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
3FD9000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library section
|
page readonly
|
||
|
817E000
|
stack
|
page read and write
|
||
|
4BFC000
|
stack
|
page read and write
|
||
|
2FBA000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
1667000
|
trusted library allocation
|
page execute and read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
7ABA000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
49A7000
|
trusted library allocation
|
page read and write
|
||
|
27BB000
|
heap
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page execute and read and write
|
||
|
2E49000
|
trusted library allocation
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
6386000
|
trusted library allocation
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
168E000
|
heap
|
page read and write
|
||
|
1C18000
|
heap
|
page read and write
|
||
|
5044000
|
trusted library allocation
|
page read and write
|
||
|
7F6E000
|
stack
|
page read and write
|
||
|
7AB0000
|
heap
|
page read and write
|
||
|
195E000
|
stack
|
page read and write
|
||
|
86EF000
|
stack
|
page read and write
|
||
|
164D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
615B000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
4CD3000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
882E000
|
stack
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
1656000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF5000
|
trusted library allocation
|
page read and write
|
||
|
14BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
5C60000
|
heap
|
page read and write
|
||
|
5F26000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
1084000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
1039000
|
heap
|
page read and write
|
||
|
5A90000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
63A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
622D000
|
stack
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page read and write
|
||
|
5066000
|
trusted library allocation
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
1580000
|
trusted library section
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page execute and read and write
|
||
|
5046000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
403F000
|
trusted library allocation
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
2D28000
|
trusted library allocation
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
1566000
|
trusted library allocation
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
304B000
|
trusted library allocation
|
page read and write
|
||
|
5F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
872E000
|
stack
|
page read and write
|
||
|
92DC000
|
stack
|
page read and write
|
||
|
303A000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
FAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
14B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
109F000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
606E000
|
stack
|
page read and write
|
||
|
239A000
|
stack
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
57FF000
|
stack
|
page read and write
|
||
|
85ED000
|
stack
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
5BEE000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
1769000
|
heap
|
page read and write
|
||
|
11E7000
|
stack
|
page read and write
|
||
|
588D000
|
stack
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
5084000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
2F45000
|
trusted library allocation
|
page read and write
|
||
|
349B000
|
trusted library allocation
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
7AF0000
|
heap
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
1370000
|
heap
|
page read and write
|
||
|
6FD60000
|
unkown
|
page readonly
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
7ADE000
|
stack
|
page read and write
|
||
|
129D000
|
trusted library allocation
|
page execute and read and write
|
||
|
504E000
|
trusted library allocation
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
3FD1000
|
trusted library allocation
|
page read and write
|
||
|
504B000
|
trusted library allocation
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
118A000
|
heap
|
page read and write
|
||
|
1633000
|
trusted library allocation
|
page execute and read and write
|
||
|
4409000
|
trusted library allocation
|
page read and write
|
||
|
539C000
|
stack
|
page read and write
|
||
|
338E000
|
trusted library allocation
|
page read and write
|
||
|
7D8D000
|
stack
|
page read and write
|
||
|
6FD76000
|
unkown
|
page readonly
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
105C000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
5933000
|
heap
|
page read and write
|
||
|
78E2000
|
heap
|
page read and write
|
||
|
837F000
|
stack
|
page read and write
|
||
|
3BE9000
|
trusted library allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
794E000
|
stack
|
page read and write
|
||
|
5746000
|
trusted library allocation
|
page read and write
|
||
|
325D000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
102D000
|
stack
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
806E000
|
stack
|
page read and write
|
There are 515 hidden memdumps, click here to show them.