Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_77195de72e43971d48d6de71c532aaf1a8604b66_05e236d2_6637171a-30ad-41d5-b2b5-4ea79d4d8a51\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB989.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Jul 4 22:24:54 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBA65.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBAA5.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6060 -s 272
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
77.105.135.107:3445
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://purl.oen
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.105.135.107
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
ProgramId
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
FileId
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
LongPathHash
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Name
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Publisher
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Version
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
BinaryType
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
ProductName
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
ProductVersion
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
LinkDate
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Size
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Language
|
|
|
|
\REGISTRY\A\{9e8c39a5-128d-ab30-e61c-ad190c3e61f9}\Root\InventoryApplicationFile\file.exe|5c6ea74fda3dfec0
|
Usn
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
There are 18 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F35000
|
unkown
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2AD5000
|
trusted library allocation
|
page read and write
|
|
|
|
2A41000
|
trusted library allocation
|
page read and write
|
|
|
|
3CD0000
|
trusted library allocation
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
516E000
|
trusted library allocation
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
6A62000
|
heap
|
page read and write
|
||
|
3A83000
|
trusted library allocation
|
page read and write
|
||
|
2D78000
|
trusted library allocation
|
page read and write
|
||
|
FF8000
|
heap
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
3CD3000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
3DB2000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
5576000
|
heap
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
2BDD000
|
trusted library allocation
|
page read and write
|
||
|
6263000
|
trusted library allocation
|
page read and write
|
||
|
5046000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
heap
|
page execute and read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
2F18000
|
trusted library allocation
|
page read and write
|
||
|
3BE8000
|
trusted library allocation
|
page read and write
|
||
|
3C96000
|
trusted library allocation
|
page read and write
|
||
|
3BDB000
|
trusted library allocation
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
2F2B000
|
trusted library allocation
|
page read and write
|
||
|
554D000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
5568000
|
heap
|
page read and write
|
||
|
3A4F000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
534E000
|
trusted library allocation
|
page read and write
|
||
|
E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5156000
|
trusted library allocation
|
page read and write
|
||
|
3CC4000
|
trusted library allocation
|
page read and write
|
||
|
3CA6000
|
trusted library allocation
|
page read and write
|
||
|
F77000
|
unkown
|
page read and write
|
||
|
3D3C000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
55C7000
|
heap
|
page read and write
|
||
|
7F9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C6B000
|
trusted library allocation
|
page read and write
|
||
|
E27000
|
trusted library allocation
|
page execute and read and write
|
||
|
DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A41000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E3C000
|
trusted library allocation
|
page read and write
|
||
|
E25000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E28000
|
trusted library allocation
|
page read and write
|
||
|
2C43000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
30ED000
|
stack
|
page read and write
|
||
|
5052000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C45000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
6A7D000
|
heap
|
page read and write
|
||
|
3DD2000
|
trusted library allocation
|
page read and write
|
||
|
2DD5000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2FBF000
|
trusted library allocation
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
3DEE000
|
trusted library allocation
|
page read and write
|
||
|
2D74000
|
trusted library allocation
|
page read and write
|
||
|
2D2F000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
61CC000
|
stack
|
page read and write
|
||
|
5589000
|
heap
|
page read and write
|
||
|
6ACE000
|
heap
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
55A5000
|
heap
|
page read and write
|
||
|
5162000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
2C83000
|
trusted library allocation
|
page read and write
|
||
|
6DC8000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
3C27000
|
trusted library allocation
|
page read and write
|
||
|
3E79000
|
trusted library allocation
|
page read and write
|
||
|
30A7000
|
trusted library allocation
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
6AD8000
|
heap
|
page read and write
|
||
|
6230000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
2CB6000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
heap
|
page execute and read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
3BCE000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
6E10000
|
heap
|
page read and write
|
||
|
3E25000
|
trusted library allocation
|
page read and write
|
||
|
2E51000
|
trusted library allocation
|
page read and write
|
||
|
2CAB000
|
trusted library allocation
|
page read and write
|
||
|
F82000
|
unkown
|
page readonly
|
||
|
3DA5000
|
trusted library allocation
|
page read and write
|
||
|
308E000
|
trusted library allocation
|
page read and write
|
||
|
3C16000
|
trusted library allocation
|
page read and write
|
||
|
60BC000
|
stack
|
page read and write
|
||
|
3DE8000
|
trusted library allocation
|
page read and write
|
||
|
3C5E000
|
trusted library allocation
|
page read and write
|
||
|
4BDB000
|
stack
|
page read and write
|
||
|
3BFA000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
2D84000
|
trusted library allocation
|
page read and write
|
||
|
3CE0000
|
trusted library allocation
|
page read and write
|
||
|
2D67000
|
trusted library allocation
|
page read and write
|
||
|
3DE3000
|
trusted library allocation
|
page read and write
|
||
|
6DB5000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
2FD4000
|
trusted library allocation
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page read and write
|
||
|
3E18000
|
trusted library allocation
|
page read and write
|
||
|
8EA000
|
stack
|
page read and write
|
||
|
3BEF000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
3D41000
|
trusted library allocation
|
page read and write
|
||
|
5593000
|
heap
|
page read and write
|
||
|
E22000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
2F45000
|
trusted library allocation
|
page read and write
|
||
|
6AA7000
|
heap
|
page read and write
|
||
|
F35000
|
unkown
|
page write copy
|
||
|
69AC000
|
stack
|
page read and write
|
||
|
3CC7000
|
trusted library allocation
|
page read and write
|
||
|
3D1E000
|
trusted library allocation
|
page read and write
|
||
|
F01000
|
unkown
|
page execute read
|
||
|
5151000
|
trusted library allocation
|
page read and write
|
||
|
6ABA000
|
heap
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
6DD5000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2B7B000
|
trusted library allocation
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
3D86000
|
trusted library allocation
|
page read and write
|
||
|
7E31000
|
heap
|
page read and write
|
||
|
6DF2000
|
trusted library allocation
|
page read and write
|
||
|
3CBD000
|
trusted library allocation
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
51A1000
|
trusted library allocation
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
6F9D000
|
stack
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
3E51000
|
trusted library allocation
|
page read and write
|
||
|
2C0C000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
3DCC000
|
trusted library allocation
|
page read and write
|
||
|
2D55000
|
trusted library allocation
|
page read and write
|
||
|
3C43000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBC000
|
trusted library allocation
|
page read and write
|
||
|
F44000
|
heap
|
page read and write
|
||
|
F38000
|
heap
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
5345000
|
trusted library allocation
|
page read and write
|
||
|
3D25000
|
trusted library allocation
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
3A61000
|
trusted library allocation
|
page read and write
|
||
|
6DB9000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
517A000
|
trusted library allocation
|
page read and write
|
||
|
501F000
|
stack
|
page read and write
|
||
|
3DAC000
|
trusted library allocation
|
page read and write
|
||
|
2E97000
|
trusted library allocation
|
page read and write
|
||
|
2B96000
|
trusted library allocation
|
page read and write
|
||
|
3C8A000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
E02000
|
trusted library allocation
|
page read and write
|
||
|
151A000
|
heap
|
page read and write
|
||
|
DE4000
|
trusted library allocation
|
page read and write
|
||
|
3D6D000
|
trusted library allocation
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
3E2E000
|
trusted library allocation
|
page read and write
|
||
|
F01000
|
unkown
|
page execute read
|
||
|
3140000
|
heap
|
page read and write
|
||
|
3CD5000
|
trusted library allocation
|
page read and write
|
||
|
3D79000
|
trusted library allocation
|
page read and write
|
||
|
3D11000
|
trusted library allocation
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
2CE5000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
heap
|
page execute and read and write
|
||
|
7010000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C06000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
3DC2000
|
trusted library allocation
|
page read and write
|
||
|
2F74000
|
trusted library allocation
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
3DFB000
|
trusted library allocation
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
7E36000
|
heap
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
305B000
|
trusted library allocation
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
3CB0000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
3C3D000
|
trusted library allocation
|
page read and write
|
||
|
5512000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
2B1A000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
3049000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
3D9A000
|
trusted library allocation
|
page read and write
|
||
|
5522000
|
heap
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
555D000
|
heap
|
page read and write
|
||
|
3C52000
|
trusted library allocation
|
page read and write
|
||
|
2C95000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
6DA9000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB5000
|
trusted library allocation
|
page read and write
|
||
|
9E7000
|
stack
|
page read and write
|
||
|
753D000
|
stack
|
page read and write
|
||
|
60C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
5549000
|
heap
|
page read and write
|
||
|
557A000
|
heap
|
page read and write
|
||
|
2C7C000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
3A7B000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E37000
|
trusted library allocation
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D30000
|
trusted library allocation
|
page read and write
|
||
|
2FAC000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page execute and read and write
|
||
|
324D000
|
stack
|
page read and write
|
||
|
2C9B000
|
trusted library allocation
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
3C7F000
|
trusted library allocation
|
page read and write
|
||
|
2C54000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page execute and read and write
|
||
|
6260000
|
trusted library allocation
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page read and write
|
||
|
6DB2000
|
trusted library allocation
|
page read and write
|
||
|
3CCD000
|
trusted library allocation
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
3DF1000
|
trusted library allocation
|
page read and write
|
||
|
5024000
|
trusted library allocation
|
page read and write
|
||
|
4A48000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
30BD000
|
trusted library allocation
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
2E67000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
5128000
|
trusted library allocation
|
page read and write
|
||
|
55BD000
|
heap
|
page read and write
|
||
|
2DF9000
|
trusted library allocation
|
page read and write
|
||
|
3DEC000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
2D1C000
|
trusted library allocation
|
page read and write
|
||
|
4A4A000
|
trusted library allocation
|
page read and write
|
||
|
6DDA000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
3D06000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
6A79000
|
heap
|
page read and write
|
||
|
3D93000
|
trusted library allocation
|
page read and write
|
||
|
3CF7000
|
trusted library allocation
|
page read and write
|
||
|
5041000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
3C78000
|
trusted library allocation
|
page read and write
|
||
|
55BA000
|
heap
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
3AC0000
|
trusted library allocation
|
page read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
3CB7000
|
trusted library allocation
|
page read and write
|
||
|
70DD000
|
stack
|
page read and write
|
||
|
3C34000
|
trusted library allocation
|
page read and write
|
||
|
152D000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
3CDB000
|
trusted library allocation
|
page read and write
|
||
|
3095000
|
trusted library allocation
|
page read and write
|
||
|
534B000
|
trusted library allocation
|
page read and write
|
||
|
315B000
|
trusted library allocation
|
page read and write
|
||
|
3DB6000
|
trusted library allocation
|
page read and write
|
||
|
2D26000
|
trusted library allocation
|
page read and write
|
||
|
3D56000
|
trusted library allocation
|
page read and write
|
||
|
6A56000
|
heap
|
page read and write
|
||
|
2FBD000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C9F000
|
trusted library allocation
|
page read and write
|
||
|
53E3000
|
heap
|
page execute and read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
3C4B000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
2B89000
|
trusted library allocation
|
page read and write
|
||
|
28DB000
|
stack
|
page read and write
|
||
|
3C0B000
|
trusted library allocation
|
page read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
2D48000
|
trusted library allocation
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
6DCA000
|
trusted library allocation
|
page read and write
|
||
|
E06000
|
trusted library allocation
|
page execute and read and write
|
||
|
763E000
|
stack
|
page read and write
|
||
|
2BAA000
|
trusted library allocation
|
page read and write
|
||
|
2EBC000
|
trusted library allocation
|
page read and write
|
||
|
F82000
|
unkown
|
page readonly
|
||
|
3D04000
|
trusted library allocation
|
page read and write
|
||
|
3DDF000
|
trusted library allocation
|
page read and write
|
||
|
69EB000
|
stack
|
page read and write
|
||
|
2E65000
|
trusted library allocation
|
page read and write
|
||
|
6A6C000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
558D000
|
heap
|
page read and write
|
||
|
514B000
|
trusted library allocation
|
page read and write
|
||
|
3E34000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page read and write
|
||
|
3C37000
|
trusted library allocation
|
page read and write
|
||
|
2E59000
|
trusted library allocation
|
page read and write
|
||
|
2D2D000
|
trusted library allocation
|
page read and write
|
||
|
6DE4000
|
trusted library allocation
|
page read and write
|
||
|
55C1000
|
heap
|
page read and write
|
||
|
3C2D000
|
trusted library allocation
|
page read and write
|
||
|
3E1E000
|
trusted library allocation
|
page read and write
|
||
|
2FB5000
|
trusted library allocation
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
3D4C000
|
trusted library allocation
|
page read and write
|
||
|
E0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page execute and read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
6DDF000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
3BC2000
|
trusted library allocation
|
page read and write
|
||
|
3DF6000
|
trusted library allocation
|
page read and write
|
||
|
512A000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
trusted library allocation
|
page read and write
|
||
|
503E000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
2BA3000
|
trusted library allocation
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
30AE000
|
stack
|
page read and write
|
||
|
2E4E000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
312F000
|
trusted library allocation
|
page read and write
|
||
|
6A50000
|
heap
|
page read and write
|
||
|
5103000
|
heap
|
page read and write
|
||
|
30F0000
|
direct allocation
|
page execute and read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
5075000
|
trusted library allocation
|
page read and write
|
||
|
6DAC000
|
trusted library allocation
|
page read and write
|
||
|
50F2000
|
trusted library allocation
|
page read and write
|
||
|
504D000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
5531000
|
heap
|
page read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3D37000
|
trusted library allocation
|
page read and write
|
||
|
6A8D000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
2C8E000
|
trusted library allocation
|
page read and write
|
||
|
6FEC000
|
trusted library allocation
|
page read and write
|
||
|
5125000
|
trusted library allocation
|
page read and write
|
||
|
2F34000
|
trusted library allocation
|
page read and write
|
||
|
3C91000
|
trusted library allocation
|
page read and write
|
||
|
2B7D000
|
trusted library allocation
|
page read and write
|
||
|
2C4D000
|
trusted library allocation
|
page read and write
|
||
|
2F29000
|
trusted library allocation
|
page read and write
|
||
|
2C6F000
|
trusted library allocation
|
page read and write
|
||
|
5171000
|
trusted library allocation
|
page read and write
|
||
|
502B000
|
trusted library allocation
|
page read and write
|
||
|
EE6000
|
heap
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
3C9B000
|
trusted library allocation
|
page read and write
|
||
|
6DCF000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
2E5C000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
6F1D000
|
stack
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
E16000
|
heap
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
6DF5000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
There are 424 hidden memdumps, click here to show them.