Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QUOTATION_JULQTRA071244#U00faPDF.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QUOTATION_JULQTRA071244#U00faPDF.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QUOTATION_JULQTRA071244#U00faPDF.scr.exe
|
"C:\Users\user\Desktop\QUOTATION_JULQTRA071244#U00faPDF.scr.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
http://filetransfer.io/data-package/btd2ptah/download0C
|
unknown
|
||
|
https://filetransfer.ioli
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
https://filetransfer.io/data-package/btd2ptah/download
|
188.114.96.3
|
||
|
http://filetransfer.iod
|
unknown
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
http://filetransfer.io/data-package/btd2ptah/download
|
188.114.96.3
|
||
|
http://filetransfer.io
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://s21.filetransfer.io
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
s21.filetransfer.io
|
188.114.96.3
|
||
|
filetransfer.io
|
188.114.96.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
188.114.96.3
|
s21.filetransfer.io
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_JULQTRA071244#U00faPDF_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
80E0000
|
trusted library section
|
page read and write
|
|
|
|
7B20000
|
trusted library section
|
page read and write
|
|
|
|
346B000
|
trusted library allocation
|
page read and write
|
|
|
|
4A01000
|
trusted library allocation
|
page read and write
|
|
|
|
6EC4000
|
trusted library allocation
|
page read and write
|
|
|
|
7156000
|
trusted library allocation
|
page read and write
|
|
|
|
69D1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
31DE000
|
trusted library allocation
|
page read and write
|
|
|
|
11B0000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
7E0B000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
679D000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
53CC000
|
stack
|
page read and write
|
||
|
6770000
|
heap
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
53E3000
|
heap
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
10A4000
|
heap
|
page read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
2E74000
|
trusted library allocation
|
page read and write
|
||
|
2E9E000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
trusted library allocation
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
8A80000
|
trusted library allocation
|
page read and write
|
||
|
3399000
|
trusted library allocation
|
page read and write
|
||
|
58DD000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
3DB9000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
C0B000
|
unkown
|
page readonly
|
||
|
5F3C000
|
stack
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
335D000
|
trusted library allocation
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
heap
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
1347000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A6000
|
heap
|
page read and write
|
||
|
7DE9000
|
trusted library allocation
|
page read and write
|
||
|
3323000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1397000
|
trusted library allocation
|
page execute and read and write
|
||
|
8260000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
63A0000
|
trusted library section
|
page read and write
|
||
|
1386000
|
trusted library allocation
|
page execute and read and write
|
||
|
55BD000
|
stack
|
page read and write
|
||
|
6FA4000
|
trusted library allocation
|
page read and write
|
||
|
33A3000
|
trusted library allocation
|
page read and write
|
||
|
50FD000
|
stack
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
11B9000
|
heap
|
page read and write
|
||
|
1336000
|
trusted library allocation
|
page execute and read and write
|
||
|
5251000
|
trusted library allocation
|
page read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
132D000
|
stack
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
138A000
|
trusted library allocation
|
page execute and read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
306F000
|
trusted library allocation
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
523B000
|
trusted library allocation
|
page read and write
|
||
|
5236000
|
trusted library allocation
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
54EC000
|
stack
|
page read and write
|
||
|
7D9E000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
7F99000
|
trusted library allocation
|
page read and write
|
||
|
338C000
|
trusted library allocation
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
1053000
|
trusted library allocation
|
page execute and read and write
|
||
|
6640000
|
trusted library allocation
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
334E000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
63D0000
|
heap
|
page read and write
|
||
|
3442000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
7FE0000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
8A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
339B000
|
trusted library allocation
|
page read and write
|
||
|
5256000
|
trusted library allocation
|
page read and write
|
||
|
8250000
|
trusted library allocation
|
page execute and read and write
|
||
|
11BE000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
7D9B000
|
trusted library allocation
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
5242000
|
trusted library allocation
|
page read and write
|
||
|
7D96000
|
trusted library allocation
|
page read and write
|
||
|
6419000
|
heap
|
page read and write
|
||
|
7F90000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
1078000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
557F000
|
stack
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
108E000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
3256000
|
trusted library allocation
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
trusted library allocation
|
page read and write
|
||
|
4EED000
|
stack
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
7DD9000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
306B000
|
trusted library allocation
|
page read and write
|
||
|
339F000
|
trusted library allocation
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page execute and read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
7DA4000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library section
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
523E000
|
trusted library allocation
|
page read and write
|
||
|
62CD000
|
stack
|
page read and write
|
||
|
BEE000
|
unkown
|
page readonly
|
||
|
63E7000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
3E17000
|
trusted library allocation
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
4F23000
|
trusted library allocation
|
page read and write
|
||
|
334C000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
trusted library allocation
|
page execute and read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
12CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
331C000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
675E000
|
stack
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
12C4000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
3057000
|
trusted library allocation
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
305F000
|
trusted library allocation
|
page read and write
|
||
|
7DB1000
|
trusted library allocation
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
10E3000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page read and write
|
||
|
2DE5000
|
trusted library allocation
|
page read and write
|
||
|
5A1D000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
2EBE000
|
trusted library allocation
|
page read and write
|
||
|
7027000
|
trusted library allocation
|
page read and write
|
||
|
2DC9000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
4F29000
|
trusted library allocation
|
page read and write
|
||
|
12D3000
|
trusted library allocation
|
page read and write
|
||
|
79E2000
|
trusted library allocation
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
524A000
|
trusted library allocation
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
4DEC000
|
stack
|
page read and write
|
||
|
109A000
|
heap
|
page read and write
|
||
|
3363000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
CDB000
|
stack
|
page read and write
|
||
|
6818000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
134B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC0000
|
heap
|
page execute and read and write
|
||
|
336F000
|
trusted library allocation
|
page read and write
|
||
|
338F000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B0A000
|
stack
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
33A7000
|
trusted library allocation
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
7D70000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
trusted library allocation
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
11F1000
|
heap
|
page read and write
|
||
|
1342000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
139B000
|
trusted library allocation
|
page execute and read and write
|
||
|
338A000
|
trusted library allocation
|
page read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
C3D000
|
unkown
|
page readonly
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
3356000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
13C6000
|
heap
|
page read and write
|
||
|
1332000
|
trusted library allocation
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
B52000
|
unkown
|
page readonly
|
||
|
660E000
|
stack
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
1283000
|
heap
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
639D000
|
stack
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
10F3000
|
heap
|
page read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F80000
|
trusted library allocation
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
7DC5000
|
trusted library allocation
|
page read and write
|
||
|
613E000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
2EFB000
|
heap
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
7F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A7000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
DD7000
|
stack
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
6627000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page execute and read and write
|
||
|
3374000
|
trusted library allocation
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
7DDB000
|
trusted library allocation
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
6826000
|
heap
|
page read and write
|
||
|
2BD8000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
3354000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7DAE000
|
trusted library allocation
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
1054000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
heap
|
page execute and read and write
|
||
|
66E0000
|
heap
|
page read and write
|
||
|
7EF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
133A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
89D0000
|
heap
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
6637000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DA0000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
7EE90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
55D0000
|
heap
|
page execute and read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
There are 326 hidden memdumps, click here to show them.