Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO#RSB-8927393_2324.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO#RSB-8927393_2324.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\KgHL37J7K
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e4wignoh.cgd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nowgvmwk.j0p.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o5wuw5yz.rlu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yjyi1kom.e32.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO#RSB-8927393_2324.exe
|
"C:\Users\user\Desktop\PO#RSB-8927393_2324.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PO#RSB-8927393_2324.exe"
|
|
|
|
C:\Users\user\Desktop\PO#RSB-8927393_2324.exe
|
"C:\Users\user\Desktop\PO#RSB-8927393_2324.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Users\user\Desktop\PO#RSB-8927393_2324.exe
|
"C:\Users\user\Desktop\PO#RSB-8927393_2324.exe"
|
|
|
|
C:\Program Files (x86)\SfIdDALnKPRkoCdjcmLxntTwRWgtRRLmJJNPrEOnuGlyOqQeANvDKbEGFktAZjookfnnyI\TVuzjGWylRcD.exe
|
"C:\Program Files (x86)\SfIdDALnKPRkoCdjcmLxntTwRWgtRRLmJJNPrEOnuGlyOqQeANvDKbEGFktAZjookfnnyI\TVuzjGWylRcD.exe"
|
|
|
|
C:\Windows\SysWOW64\w32tm.exe
|
"C:\Windows\SysWOW64\w32tm.exe"
|
|
|
|
C:\Program Files (x86)\SfIdDALnKPRkoCdjcmLxntTwRWgtRRLmJJNPrEOnuGlyOqQeANvDKbEGFktAZjookfnnyI\TVuzjGWylRcD.exe
|
"C:\Program Files (x86)\SfIdDALnKPRkoCdjcmLxntTwRWgtRRLmJJNPrEOnuGlyOqQeANvDKbEGFktAZjookfnnyI\TVuzjGWylRcD.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.desakedungpeluk.com/fwoh/
|
202.52.146.180
|
|
|
|
http://www.stigaequity.com/g6p3/?ER9dVZR=ribLlrKo4+aNk92vcl6tJoF/Wx2bO83lSnYMoyHDTVlljCBLTbU97JTETYJyyGq3p6fcq731smqcseDbybcpYOuelIXZBxgBjMkzGiPSdnNvEa8E1B1rFKPXfL7Uhr2TtbaNlqUJmpII&GFi=c8EPf
|
3.33.130.190
|
|
|
|
http://www.stigaequity.com/g6p3/
|
3.33.130.190
|
|
|
|
http://www.interoceptiv.com/f6cy/?GFi=c8EPf&ER9dVZR=ViKCibVXrLYIfGkUWUzEOaSlHvtpmYyv8mF5qjT/BPKazql6ii5kKGQHLaSbydSSoUBECJyqDvT8mzUSv37yKhNGp2B6IS3ZvB9wkFVTcG5y2IknMhFR9SC0mei2pox1qw6FBw9NsPmM
|
3.33.130.190
|
|
|
|
http://www.interoceptiv.com/f6cy/
|
3.33.130.190
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.stigaequity.com
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://artistcalculator.com/8kls/?GFi=c8EPf&ER9dVZR=2KGZ/3QNXi4ulTzvjIbSvnVIk
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.artistcalculator.com/8kls/?GFi=c8EPf&ER9dVZR=2KGZ/3QNXi4ulTzvjIbSvnVIk+/410+IZnCrksCfUlhFzRQv5I69qDoixyW/nlEH6HekfEjhjWldx4T2xAX96nP+8g6Xqrd0P2gOkZ8UL+qLTVw01tpdU0aJtXq0SBQRvwi7Sr6O0xKY
|
162.241.216.26
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
interoceptiv.com
|
3.33.130.190
|
|
|
|
desakedungpeluk.com
|
202.52.146.180
|
|
|
|
stigaequity.com
|
3.33.130.190
|
|
|
|
www.desakedungpeluk.com
|
unknown
|
|
|
|
www.artistcalculator.com
|
unknown
|
|
|
|
www.interoceptiv.com
|
unknown
|
|
|
|
www.stigaequity.com
|
unknown
|
|
|
|
artistcalculator.com
|
162.241.216.26
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
202.52.146.180
|
desakedungpeluk.com
|
Indonesia
|
|
|
|
3.33.130.190
|
interoceptiv.com
|
United States
|
|
|
|
162.241.216.26
|
artistcalculator.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3AF0000
|
unkown
|
page execute and read and write
|
|
|
|
28D0000
|
unclassified section
|
page execute and read and write
|
|
|
|
13D0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3740000
|
trusted library allocation
|
page read and write
|
|
|
|
890000
|
system
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3790000
|
trusted library allocation
|
page read and write
|
|
|
|
2F80000
|
system
|
page execute and read and write
|
|
|
|
640000
|
unkown
|
page readonly
|
||
|
2360000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
3372000
|
heap
|
page read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
2BB9000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
4EA000
|
stack
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
24D4000
|
heap
|
page read and write
|
||
|
82C9000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
30F0000
|
unkown
|
page execute and read and write
|
||
|
640000
|
unkown
|
page readonly
|
||
|
1FEAB070000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2300000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3678000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
8251000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
849C000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2DB6000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
825B000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library section
|
page readonly
|
||
|
2F48000
|
unkown
|
page read and write
|
||
|
67E000
|
unkown
|
page readonly
|
||
|
533E000
|
stack
|
page read and write
|
||
|
4718000
|
unclassified section
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
1FEAB100000
|
trusted library allocation
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
9B0000
|
unkown
|
page read and write
|
||
|
2978C000
|
system
|
page read and write
|
||
|
294B2000
|
system
|
page read and write
|
||
|
2B19000
|
unclassified section
|
page execute and read and write
|
||
|
AD4E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
32E4000
|
heap
|
page read and write
|
||
|
2D64000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
650000
|
unkown
|
page readonly
|
||
|
771000
|
unkown
|
page readonly
|
||
|
13C8000
|
direct allocation
|
page execute and read and write
|
||
|
120C000
|
stack
|
page read and write
|
||
|
89AF000
|
stack
|
page read and write
|
||
|
293D000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
685000
|
unkown
|
page read and write
|
||
|
1FEAB211000
|
trusted library allocation
|
page read and write
|
||
|
911000
|
system
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
8F5000
|
system
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
8247000
|
heap
|
page read and write
|
||
|
E9C35FF000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4FEF000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
687000
|
unkown
|
page readonly
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3DF2000
|
unclassified section
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
332D000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
E9C25FD000
|
stack
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
640000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
660000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4EA000
|
stack
|
page read and write
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
EB1000
|
unkown
|
page readonly
|
||
|
1FEAB301000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
508B000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
79C000
|
stack
|
page read and write
|
||
|
E19000
|
heap
|
page read and write
|
||
|
8265000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
AF8E000
|
stack
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3D39000
|
unkown
|
page execute and read and write
|
||
|
1217000
|
heap
|
page read and write
|
||
|
FB2000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
234C000
|
stack
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
2DE4000
|
trusted library allocation
|
page read and write
|
||
|
2F0B000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
8293000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
30DA000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
685000
|
unkown
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1331000
|
direct allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
29572000
|
system
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
712D000
|
stack
|
page read and write
|
||
|
8250000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
759000
|
stack
|
page read and write
|
||
|
687000
|
unkown
|
page readonly
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
340C000
|
heap
|
page read and write
|
||
|
54FE000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
1ED0000
|
unclassified section
|
page execute and read and write
|
||
|
3B0D000
|
direct allocation
|
page execute and read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
AE8D000
|
stack
|
page read and write
|
||
|
82CF000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
82BC000
|
heap
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
8256000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEAB20E000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
292E000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
39E0000
|
direct allocation
|
page execute and read and write
|
||
|
AB69000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
968000
|
system
|
page execute and read and write
|
||
|
84DC000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B8B000
|
heap
|
page read and write
|
||
|
3BC9000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
4EAF000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3378000
|
heap
|
page read and write
|
||
|
33D3000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
8350000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
3D22000
|
direct allocation
|
page execute and read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1FEA95F0000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
1FEA9640000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEA9600000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33C9000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
685000
|
unkown
|
page read and write
|
||
|
DE2000
|
heap
|
page read and write
|
||
|
1FEAB200000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1001000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
4BCC000
|
stack
|
page read and write
|
||
|
612000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33F9000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1FEA96B7000
|
heap
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
671000
|
unkown
|
page execute read
|
||
|
660000
|
unkown
|
page read and write
|
||
|
3383000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4D6C000
|
stack
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
5660000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B21E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
29B74000
|
system
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
3519000
|
unclassified section
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
896E000
|
stack
|
page read and write
|
||
|
2D69000
|
trusted library allocation
|
page read and write
|
||
|
82C3000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
370000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2622000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
3374000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2562000
|
unkown
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2DD4000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
79C000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library section
|
page read and write
|
||
|
4586000
|
unclassified section
|
page read and write
|
||
|
1FEAB300000
|
trusted library allocation
|
page read and write
|
||
|
1FEA96DD000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3B09000
|
direct allocation
|
page execute and read and write
|
||
|
70ED000
|
stack
|
page read and write
|
||
|
E9C2DFE000
|
stack
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3F19000
|
unclassified section
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
BBD000
|
unkown
|
page read and write
|
||
|
B320000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
1080000
|
direct allocation
|
page execute and read and write
|
||
|
1FEA96E5000
|
heap
|
page read and write
|
||
|
8274000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
3436000
|
heap
|
page read and write
|
||
|
AA4E000
|
stack
|
page read and write
|
||
|
1FEAB203000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
37E0000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
8268000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page read and write
|
||
|
6C7E000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
3372000
|
heap
|
page read and write
|
||
|
400C000
|
unclassified section
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
3956000
|
heap
|
page read and write
|
||
|
3B7E000
|
direct allocation
|
page execute and read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
82CC000
|
heap
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
1FEA96B0000
|
heap
|
page read and write
|
||
|
121E000
|
direct allocation
|
page execute and read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
886000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
8ED000
|
system
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
82BF000
|
heap
|
page read and write
|
||
|
640000
|
unkown
|
page readonly
|
||
|
B1DC000
|
stack
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
780000
|
unkown
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2C24000
|
unkown
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page execute and read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
283C000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEAB20A000
|
trusted library allocation
|
page read and write
|
||
|
3383000
|
heap
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
1FEAB3A6000
|
trusted library allocation
|
page read and write
|
||
|
3AD1000
|
trusted library allocation
|
page read and write
|
||
|
1346000
|
direct allocation
|
page execute and read and write
|
||
|
2470000
|
unkown
|
page readonly
|
||
|
8240000
|
trusted library allocation
|
page read and write
|
||
|
3D32000
|
unclassified section
|
page read and write
|
||
|
26F0000
|
unkown
|
page execute and read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
7FD50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEA96CF000
|
heap
|
page read and write
|
||
|
8A1E000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library section
|
page read and write
|
||
|
1FEAB215000
|
trusted library allocation
|
page read and write
|
||
|
3367000
|
heap
|
page read and write
|
||
|
685000
|
unkown
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
828F000
|
heap
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E4C000
|
unclassified section
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
3CB1000
|
direct allocation
|
page execute and read and write
|
||
|
D83000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B0DC000
|
stack
|
page read and write
|
||
|
33AA000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
337B000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
50D3000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
43F4000
|
unclassified section
|
page read and write
|
||
|
24D4000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B31E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
2470000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2300000
|
unkown
|
page read and write
|
||
|
DA8000
|
heap
|
page read and write
|
||
|
67E000
|
unkown
|
page readonly
|
||
|
1FEAB060000
|
heap
|
page read and write
|
||
|
2936000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
7F0000
|
unkown
|
page readonly
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
14D0000
|
unclassified section
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
2562000
|
unkown
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
5139000
|
unkown
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
AB50000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
343C000
|
heap
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
1FEAB3C4000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
unkown
|
page readonly
|
||
|
E9C1DFB000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
687000
|
unkown
|
page readonly
|
||
|
4327000
|
trusted library allocation
|
page read and write
|
||
|
7FB000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
5365000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2600000
|
unkown
|
page readonly
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
687000
|
unkown
|
page readonly
|
||
|
379B000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page readonly
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
9D1000
|
unkown
|
page readonly
|
||
|
11AD000
|
direct allocation
|
page execute and read and write
|
||
|
32E4000
|
heap
|
page read and write
|
||
|
1FEA955F000
|
system
|
page execute and read and write
|
||
|
B331000
|
trusted library allocation
|
page read and write
|
||
|
5B39000
|
unkown
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33D3000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
905000
|
system
|
page execute and read and write
|
||
|
25DF000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
67E000
|
unkown
|
page readonly
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
8520000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
FA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
8299000
|
heap
|
page read and write
|
||
|
671000
|
unkown
|
page execute read
|
||
|
1FEA96E2000
|
heap
|
page read and write
|
||
|
32E4000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
48AA000
|
unclassified section
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
33F3000
|
heap
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
1FEAB3BE000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
671000
|
unkown
|
page execute read
|
||
|
3521000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
3CC7000
|
unkown
|
page execute and read and write
|
||
|
913000
|
system
|
page execute and read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
6F20000
|
trusted library section
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2F48000
|
stack
|
page read and write
|
||
|
780000
|
unkown
|
page read and write
|
||
|
AE4E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
8A5F000
|
stack
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
heap
|
page execute and read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
4375000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
671000
|
unkown
|
page execute read
|
||
|
351E000
|
stack
|
page read and write
|
||
|
AB4D000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
D1F000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEAB3CE000
|
trusted library allocation
|
page read and write
|
||
|
892F000
|
stack
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEAB221000
|
trusted library allocation
|
page read and write
|
||
|
82AD000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
3B8B000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
382D000
|
heap
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
1FEA9520000
|
system
|
page execute and read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
395A000
|
heap
|
page read and write
|
||
|
DAE000
|
heap
|
page read and write
|
||
|
964C000
|
trusted library allocation
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
11A9000
|
direct allocation
|
page execute and read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
2354000
|
heap
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
9D1000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3378000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
3408000
|
heap
|
page read and write
|
||
|
370000
|
unkown
|
page readonly
|
||
|
267C000
|
unkown
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
1FEAB070000
|
trusted library allocation
|
page read and write
|
||
|
43C3000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
2931000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
4739000
|
unkown
|
page execute and read and write
|
||
|
367A000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3CAD000
|
direct allocation
|
page execute and read and write
|
||
|
870000
|
unkown
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
283C000
|
unkown
|
page read and write
|
||
|
82DF000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
4F22000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
D84000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
1010000
|
direct allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library section
|
page read and write
|
||
|
2AA7000
|
unclassified section
|
page execute and read and write
|
||
|
82B6000
|
heap
|
page read and write
|
||
|
4919000
|
unclassified section
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
8288000
|
heap
|
page read and write
|
||
|
650000
|
unkown
|
page readonly
|
||
|
771000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
480000
|
unkown
|
page readonly
|
||
|
EB0000
|
unkown
|
page readonly
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
3402000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
2600000
|
unkown
|
page readonly
|
||
|
5090000
|
trusted library allocation
|
page execute and read and write
|
||
|
39CB000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3383000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
337D000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
134D000
|
direct allocation
|
page execute and read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
88AF000
|
stack
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
291B000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
67E000
|
unkown
|
page readonly
|
There are 693 hidden memdumps, click here to show them.