Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
HUDGEWS2352ERFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\HUDGEWS2352ERFQ.exe.log
|
CSV text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmp53B5.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\RAFUlP.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\RAFUlP.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RAFUlP.exe.log
|
CSV text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1dmmnzmu.am0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2pltiyjb.rlx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4bajgvcb.t1u.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5m14hlf0.qhi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_agwzuijw.js0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jk1mvpvv.4k5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mntbx5lf.wbf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tnzr1gjw.fzs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmp6112.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\HUDGEWS2352ERFQ.exe
|
"C:\Users\user\Desktop\HUDGEWS2352ERFQ.exe"
|
||
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\HUDGEWS2352ERFQ.exe"
|
||
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\RAFUlP.exe"
|
||
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\RAFUlP" /XML "C:\Users\user\AppData\Local\Temp\tmp53B5.tmp"
|
||
C:\Users\user\Desktop\HUDGEWS2352ERFQ.exe
|
"C:\Users\user\Desktop\HUDGEWS2352ERFQ.exe"
|
||
C:\Users\user\AppData\Roaming\RAFUlP.exe
|
C:\Users\user\AppData\Roaming\RAFUlP.exe
|
||
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\RAFUlP" /XML "C:\Users\user\AppData\Local\Temp\tmp6112.tmp"
|
||
C:\Users\user\AppData\Roaming\RAFUlP.exe
|
"C:\Users\user\AppData\Roaming\RAFUlP.exe"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
45.66.231.218
|
|||
http://geoplugin.net/json.gpc
|
unknown
|
||
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
http://www.fontbureau.com
|
unknown
|
||
http://www.fontbureau.com/designersG
|
unknown
|
||
http://www.fontbureau.com/designers/?
|
unknown
|
||
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
http://geoplugin.net/json.gpl
|
unknown
|
||
http://www.fontbureau.com/designers?
|
unknown
|
||
http://geoplugin.net/json.gpi
|
unknown
|
||
http://www.tiro.com
|
unknown
|
||
http://www.fontbureau.com/designers
|
unknown
|
||
http://geoplugin.net/json.gpu
|
unknown
|
||
http://www.goodfont.co.kr
|
unknown
|
||
http://geoplugin.net/json.gpSystem32
|
unknown
|
||
http://www.carterandcone.coml
|
unknown
|
||
http://www.sajatypeworks.com
|
unknown
|
||
http://www.sakkal.comH9
|
unknown
|
||
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
http://www.typography.netD
|
unknown
|
||
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
http://www.founder.com.cn/cn
|
unknown
|
||
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
http://geoplugin.net/json.gp/C
|
unknown
|
||
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
http://www.fontbureau.com/designers8
|
unknown
|
||
http://www.fonts.com
|
unknown
|
||
http://www.sandoll.co.kr
|
unknown
|
||
http://www.urwpp.deDPlease
|
unknown
|
||
http://www.zhongyicts.com.cn
|
unknown
|
||
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
http://www.sakkal.com
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
geoplugin.net
|
178.237.33.50
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
45.66.231.218
|
unknown
|
Germany
|
||
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
exepath
|
||
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
licence
|
||
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
time
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
3D91000
|
trusted library allocation
|
page read and write
|
||
1127000
|
heap
|
page read and write
|
||
40F0000
|
trusted library allocation
|
page read and write
|
||
2E7F000
|
stack
|
page read and write
|
||
EC7000
|
heap
|
page read and write
|
||
115E000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
A4AC000
|
stack
|
page read and write
|
||
7FBC0000
|
trusted library allocation
|
page execute and read and write
|
||
DFC000
|
stack
|
page read and write
|
||
1550000
|
heap
|
page read and write
|
||
2D10000
|
heap
|
page execute and read and write
|
||
7690000
|
trusted library allocation
|
page read and write
|
||
2BAC000
|
stack
|
page read and write
|
||
76E0000
|
trusted library section
|
page read and write
|
||
A4EE000
|
stack
|
page read and write
|
||
2560000
|
heap
|
page read and write
|
||
5364000
|
heap
|
page read and write
|
||
A4BE000
|
stack
|
page read and write
|
||
1320000
|
trusted library allocation
|
page read and write
|
||
1155000
|
heap
|
page read and write
|
||
24FA000
|
stack
|
page read and write
|
||
1220000
|
trusted library allocation
|
page read and write
|
||
130E000
|
stack
|
page read and write
|
||
133D000
|
trusted library allocation
|
page execute and read and write
|
||
3D29000
|
trusted library allocation
|
page read and write
|
||
ABBE000
|
stack
|
page read and write
|
||
7680000
|
trusted library allocation
|
page execute and read and write
|
||
5BB0000
|
heap
|
page read and write
|
||
A3AC000
|
stack
|
page read and write
|
||
2FC0000
|
heap
|
page read and write
|
||
74AD000
|
stack
|
page read and write
|
||
586E000
|
heap
|
page read and write
|
||
3CBF000
|
stack
|
page read and write
|
||
1210000
|
trusted library allocation
|
page read and write
|
||
71F0000
|
trusted library allocation
|
page read and write
|
||
25EF000
|
unkown
|
page read and write
|
||
12A0000
|
heap
|
page read and write
|
||
74C0000
|
heap
|
page read and write
|
||
FE3000
|
heap
|
page read and write
|
||
2C50000
|
heap
|
page read and write
|
||
A700000
|
heap
|
page read and write
|
||
59F0000
|
heap
|
page read and write
|
||
2A2B000
|
heap
|
page read and write
|
||
2B20000
|
trusted library allocation
|
page read and write
|
||
5285000
|
trusted library allocation
|
page read and write
|
||
113E000
|
stack
|
page read and write
|
||
746E000
|
stack
|
page read and write
|
||
521C000
|
trusted library allocation
|
page read and write
|
||
2F5F000
|
stack
|
page read and write
|
||
119D000
|
stack
|
page read and write
|
||
D5C000
|
stack
|
page read and write
|
||
1840000
|
heap
|
page read and write
|
||
59C0000
|
heap
|
page read and write
|
||
5360000
|
heap
|
page read and write
|
||
76BE000
|
stack
|
page read and write
|
||
A830000
|
trusted library allocation
|
page execute and read and write
|
||
76A0000
|
trusted library allocation
|
page read and write
|
||
5454000
|
heap
|
page read and write
|
||
1346000
|
trusted library allocation
|
page execute and read and write
|
||
3D27000
|
trusted library allocation
|
page read and write
|
||
30DF000
|
unkown
|
page read and write
|
||
5250000
|
trusted library allocation
|
page read and write
|
||
25AE000
|
unkown
|
page read and write
|
||
1130000
|
heap
|
page read and write
|
||
FE0000
|
heap
|
page read and write
|
||
2C00000
|
heap
|
page read and write
|
||
54F0000
|
trusted library allocation
|
page read and write
|
||
A810000
|
trusted library allocation
|
page read and write
|
||
565B000
|
trusted library allocation
|
page read and write
|
||
1200000
|
heap
|
page read and write
|
||
9D8E000
|
stack
|
page read and write
|
||
122B000
|
trusted library allocation
|
page read and write
|
||
30E0000
|
heap
|
page read and write
|
||
5210000
|
trusted library allocation
|
page read and write
|
||
E40000
|
heap
|
page read and write
|
||
A5BE000
|
stack
|
page read and write
|
||
FC7000
|
heap
|
page read and write
|
||
7513000
|
heap
|
page read and write
|
||
1352000
|
trusted library allocation
|
page read and write
|
||
7C7E000
|
stack
|
page read and write
|
||
569E000
|
stack
|
page read and write
|
||
59B0000
|
heap
|
page read and write
|
||
1214000
|
trusted library allocation
|
page read and write
|
||
AD9000
|
stack
|
page read and write
|
||
5860000
|
heap
|
page read and write
|
||
1830000
|
trusted library allocation
|
page execute and read and write
|
||
10FE000
|
stack
|
page read and write
|
||
2B6E000
|
stack
|
page read and write
|
||
A20E000
|
stack
|
page read and write
|
||
FAA000
|
heap
|
page read and write
|
||
4089000
|
trusted library allocation
|
page read and write
|
||
5840000
|
trusted library allocation
|
page read and write
|
||
5BA5000
|
heap
|
page read and write
|
||
A780000
|
trusted library allocation
|
page read and write
|
||
1050000
|
heap
|
page read and write
|
||
56F0000
|
heap
|
page read and write
|
||
54C4000
|
trusted library section
|
page readonly
|
||
1060000
|
heap
|
page read and write
|
||
11E0000
|
heap
|
page read and write
|
||
2E7A000
|
heap
|
page read and write
|
||
5290000
|
trusted library allocation
|
page read and write
|
||
29BF000
|
stack
|
page read and write
|
||
59D0000
|
trusted library allocation
|
page read and write
|
||
70EE000
|
stack
|
page read and write
|
||
FFE000
|
stack
|
page read and write
|
||
59A0000
|
heap
|
page execute and read and write
|
||
793E000
|
stack
|
page read and write
|
||
1350000
|
trusted library allocation
|
page read and write
|
||
11DE000
|
stack
|
page read and write
|
||
3FCB000
|
trusted library allocation
|
page read and write
|
||
4087000
|
trusted library allocation
|
page read and write
|
||
52B0000
|
trusted library allocation
|
page execute and read and write
|
||
5676000
|
trusted library allocation
|
page read and write
|
||
7282000
|
trusted library allocation
|
page read and write
|
||
1330000
|
trusted library allocation
|
page read and write
|
||
E30000
|
heap
|
page read and write
|
||
311D000
|
trusted library allocation
|
page read and write
|
||
104F000
|
heap
|
page read and write
|
||
126E000
|
heap
|
page read and write
|
||
56D0000
|
heap
|
page read and write
|
||
5280000
|
trusted library allocation
|
page read and write
|
||
77A0000
|
trusted library allocation
|
page read and write
|
||
71EE000
|
stack
|
page read and write
|
||
1150000
|
heap
|
page read and write
|
||
589B000
|
stack
|
page read and write
|
||
723E000
|
stack
|
page read and write
|
||
5270000
|
trusted library allocation
|
page read and write
|
||
1323000
|
trusted library allocation
|
page execute and read and write
|
||
40B1000
|
trusted library allocation
|
page read and write
|
||
5700000
|
trusted library allocation
|
page execute and read and write
|
||
7660000
|
trusted library allocation
|
page execute and read and write
|
||
A87E000
|
stack
|
page read and write
|
||
474000
|
remote allocation
|
page execute and read and write
|
||
122D000
|
trusted library allocation
|
page execute and read and write
|
||
522E000
|
trusted library allocation
|
page read and write
|
||
56F3000
|
heap
|
page execute and read and write
|
||
1240000
|
trusted library allocation
|
page read and write
|
||
1120000
|
heap
|
page read and write
|
||
14AE000
|
stack
|
page read and write
|
||
59E0000
|
trusted library allocation
|
page read and write
|
||
1085000
|
heap
|
page read and write
|
||
A6FD000
|
stack
|
page read and write
|
||
B42000
|
unkown
|
page readonly
|
||
314E000
|
stack
|
page read and write
|
||
54BB000
|
stack
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
1232000
|
trusted library allocation
|
page read and write
|
||
1229000
|
trusted library allocation
|
page read and write
|
||
5260000
|
trusted library allocation
|
page read and write
|
||
7260000
|
trusted library allocation
|
page read and write
|
||
A790000
|
trusted library allocation
|
page execute and read and write
|
||
2D21000
|
trusted library allocation
|
page read and write
|
||
1460000
|
trusted library allocation
|
page read and write
|
||
7D7F000
|
stack
|
page read and write
|
||
31FE000
|
stack
|
page read and write
|
||
1310000
|
trusted library allocation
|
page read and write
|
||
FD4000
|
heap
|
page read and write
|
||
C28000
|
unkown
|
page readonly
|
||
797E000
|
stack
|
page read and write
|
||
AD3C000
|
stack
|
page read and write
|
||
3F06000
|
trusted library allocation
|
page read and write
|
||
4141000
|
trusted library allocation
|
page read and write
|
||
1342000
|
trusted library allocation
|
page read and write
|
||
1180000
|
heap
|
page read and write
|
||
478000
|
remote allocation
|
page execute and read and write
|
||
134A000
|
trusted library allocation
|
page execute and read and write
|
||
5654000
|
trusted library allocation
|
page read and write
|
||
59A0000
|
trusted library section
|
page readonly
|
||
5BA0000
|
heap
|
page read and write
|
||
5231000
|
trusted library allocation
|
page read and write
|
||
56A5000
|
heap
|
page read and write
|
||
5680000
|
trusted library allocation
|
page read and write
|
||
52A0000
|
heap
|
page read and write
|
||
599E000
|
stack
|
page read and write
|
||
3070000
|
heap
|
page execute and read and write
|
||
5A00000
|
trusted library allocation
|
page read and write
|
||
A10E000
|
stack
|
page read and write
|
||
523D000
|
trusted library allocation
|
page read and write
|
||
306B000
|
stack
|
page read and write
|
||
2F60000
|
heap
|
page read and write
|
||
5450000
|
heap
|
page read and write
|
||
1189000
|
heap
|
page read and write
|
||
56F0000
|
heap
|
page execute and read and write
|
||
5699000
|
trusted library allocation
|
page read and write
|
||
7DE0000
|
heap
|
page read and write
|
||
1340000
|
trusted library allocation
|
page read and write
|
||
2BCD000
|
stack
|
page read and write
|
||
2F70000
|
heap
|
page read and write
|
||
41FB000
|
trusted library allocation
|
page read and write
|
||
2970000
|
heap
|
page read and write
|
||
A62D000
|
stack
|
page read and write
|
||
59F0000
|
trusted library allocation
|
page read and write
|
||
E8E000
|
stack
|
page read and write
|
||
1242000
|
trusted library allocation
|
page read and write
|
||
4266000
|
trusted library allocation
|
page read and write
|
||
2BCD000
|
stack
|
page read and write
|
||
124B000
|
trusted library allocation
|
page execute and read and write
|
||
2E70000
|
heap
|
page read and write
|
||
5227000
|
trusted library allocation
|
page read and write
|
||
EC0000
|
heap
|
page read and write
|
||
2C70000
|
heap
|
page read and write
|
||
42B5000
|
trusted library allocation
|
page read and write
|
||
A0CE000
|
stack
|
page read and write
|
||
1847000
|
heap
|
page read and write
|
||
4EBB000
|
stack
|
page read and write
|
||
9E90000
|
heap
|
page read and write
|
||
C36000
|
unkown
|
page readonly
|
||
1370000
|
heap
|
page read and write
|
||
56C0000
|
trusted library allocation
|
page read and write
|
||
1260000
|
heap
|
page read and write
|
||
FAE000
|
heap
|
page read and write
|
||
1295000
|
heap
|
page read and write
|
||
5214000
|
trusted library allocation
|
page read and write
|
||
5A3E000
|
heap
|
page read and write
|
||
182B000
|
stack
|
page read and write
|
||
AA7E000
|
stack
|
page read and write
|
||
CDA000
|
stack
|
page read and write
|
||
59D0000
|
trusted library allocation
|
page execute and read and write
|
||
318F000
|
stack
|
page read and write
|
||
A710000
|
heap
|
page read and write
|
||
3BBE000
|
stack
|
page read and write
|
||
1213000
|
trusted library allocation
|
page execute and read and write
|
||
5224000
|
trusted library allocation
|
page read and write
|
||
2BC0000
|
trusted library allocation
|
page read and write
|
||
566E000
|
trusted library allocation
|
page read and write
|
||
5A19000
|
heap
|
page read and write
|
||
123E000
|
stack
|
page read and write
|
||
9FCE000
|
stack
|
page read and write
|
||
4081000
|
trusted library allocation
|
page read and write
|
||
1236000
|
trusted library allocation
|
page execute and read and write
|
||
567D000
|
trusted library allocation
|
page read and write
|
||
2F7F000
|
stack
|
page read and write
|
||
293E000
|
stack
|
page read and write
|
||
56A0000
|
heap
|
page read and write
|
||
1230000
|
trusted library allocation
|
page read and write
|
||
C5C000
|
stack
|
page read and write
|
||
31BF000
|
stack
|
page read and write
|
||
1338000
|
heap
|
page read and write
|
||
3230000
|
heap
|
page read and write
|
||
1323000
|
heap
|
page read and write
|
||
2BB0000
|
trusted library allocation
|
page execute and read and write
|
||
7670000
|
trusted library section
|
page read and write
|
||
52D0000
|
heap
|
page execute and read and write
|
||
12A3000
|
heap
|
page read and write
|
||
56E0000
|
heap
|
page read and write
|
||
3059000
|
trusted library allocation
|
page read and write
|
||
1357000
|
trusted library allocation
|
page execute and read and write
|
||
3D2D000
|
trusted library allocation
|
page read and write
|
||
2C0C000
|
stack
|
page read and write
|
||
78F0000
|
trusted library allocation
|
page read and write
|
||
7521000
|
heap
|
page read and write
|
||
2D7F000
|
stack
|
page read and write
|
||
2D0E000
|
stack
|
page read and write
|
||
56A0000
|
trusted library allocation
|
page read and write
|
||
A47F000
|
stack
|
page read and write
|
||
56E0000
|
heap
|
page read and write
|
||
1324000
|
trusted library allocation
|
page read and write
|
||
2E3A000
|
stack
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
32FF000
|
stack
|
page read and write
|
||
525B000
|
trusted library allocation
|
page read and write
|
||
307F000
|
stack
|
page read and write
|
||
11DE000
|
stack
|
page read and write
|
||
1197000
|
heap
|
page read and write
|
||
1076000
|
heap
|
page read and write
|
||
5A50000
|
heap
|
page read and write
|
||
742E000
|
stack
|
page read and write
|
||
77EE000
|
stack
|
page read and write
|
||
5650000
|
trusted library allocation
|
page read and write
|
||
FA0000
|
heap
|
page read and write
|
||
5B80000
|
trusted library section
|
page read and write
|
||
28D0000
|
heap
|
page read and write
|
||
53FE000
|
stack
|
page read and write
|
||
1080000
|
heap
|
page read and write
|
||
14B8000
|
trusted library allocation
|
page read and write
|
||
1056000
|
heap
|
page read and write
|
||
471000
|
remote allocation
|
page execute and read and write
|
||
B03E000
|
stack
|
page read and write
|
||
A5FD000
|
stack
|
page read and write
|
||
3D21000
|
trusted library allocation
|
page read and write
|
||
5671000
|
trusted library allocation
|
page read and write
|
||
EB5000
|
heap
|
page read and write
|
||
FB8000
|
heap
|
page read and write
|
||
5237000
|
trusted library allocation
|
page read and write
|
||
599D000
|
stack
|
page read and write
|
||
2FBE000
|
unkown
|
page read and write
|
||
7DE9000
|
heap
|
page read and write
|
||
78EE000
|
stack
|
page read and write
|
||
3071000
|
trusted library allocation
|
page read and write
|
||
132D000
|
trusted library allocation
|
page execute and read and write
|
||
3081000
|
trusted library allocation
|
page read and write
|
||
EB0000
|
heap
|
page read and write
|
||
7DC1000
|
heap
|
page read and write
|
||
33CC000
|
trusted library allocation
|
page read and write
|
||
52C0000
|
trusted library allocation
|
page read and write
|
||
5220000
|
trusted library allocation
|
page read and write
|
||
24BD000
|
stack
|
page read and write
|
||
A5EE000
|
stack
|
page read and write
|
||
5B90000
|
heap
|
page execute and read and write
|
||
5A10000
|
heap
|
page read and write
|
||
25F0000
|
heap
|
page read and write
|
||
A72E000
|
stack
|
page read and write
|
||
133B000
|
trusted library allocation
|
page read and write
|
||
BD7000
|
stack
|
page read and write
|
||
306C000
|
trusted library allocation
|
page read and write
|
||
474000
|
remote allocation
|
page execute and read and write
|
||
56D0000
|
trusted library allocation
|
page read and write
|
||
119E000
|
stack
|
page read and write
|
||
5259000
|
trusted library allocation
|
page read and write
|
||
56C5000
|
trusted library allocation
|
page read and write
|
||
C2D000
|
unkown
|
page readonly
|
||
123A000
|
trusted library allocation
|
page execute and read and write
|
||
2AF0000
|
heap
|
page read and write
|
||
74E9000
|
heap
|
page read and write
|
||
54C0000
|
trusted library section
|
page readonly
|
||
1339000
|
trusted library allocation
|
page read and write
|
||
5690000
|
trusted library allocation
|
page read and write
|
||
1300000
|
heap
|
page read and write
|
||
5240000
|
trusted library allocation
|
page read and write
|
||
2A20000
|
heap
|
page read and write
|
||
7D80000
|
heap
|
page read and write
|
||
9C8E000
|
stack
|
page read and write
|
||
121D000
|
trusted library allocation
|
page execute and read and write
|
||
52D3000
|
heap
|
page execute and read and write
|
||
71F7000
|
trusted library allocation
|
page read and write
|
||
165E000
|
stack
|
page read and write
|
||
59B0000
|
trusted library allocation
|
page execute and read and write
|
||
4D28000
|
trusted library allocation
|
page read and write
|
||
1192000
|
heap
|
page read and write
|
||
56B0000
|
trusted library allocation
|
page read and write
|
||
B40000
|
unkown
|
page readonly
|
||
DE0000
|
heap
|
page read and write
|
||
A97D000
|
stack
|
page read and write
|
||
5682000
|
trusted library allocation
|
page read and write
|
||
135B000
|
trusted library allocation
|
page execute and read and write
|
||
5A00000
|
heap
|
page read and write
|
||
1110000
|
heap
|
page read and write
|
||
555F000
|
stack
|
page read and write
|
||
7B2F000
|
stack
|
page read and write
|
||
AF3E000
|
stack
|
page read and write
|
||
AE3C000
|
stack
|
page read and write
|
||
1247000
|
trusted library allocation
|
page execute and read and write
|
||
DD8000
|
stack
|
page read and write
|
||
408D000
|
trusted library allocation
|
page read and write
|
||
10CE000
|
stack
|
page read and write
|
||
305B000
|
trusted library allocation
|
page read and write
|
||
145E000
|
stack
|
page read and write
|
||
2BD0000
|
trusted library allocation
|
page read and write
|
||
AABD000
|
stack
|
page read and write
|
||
CFC000
|
stack
|
page read and write
|
||
5410000
|
trusted library allocation
|
page read and write
|
||
4086000
|
trusted library allocation
|
page read and write
|
||
9E8D000
|
stack
|
page read and write
|
||
2C4C000
|
stack
|
page read and write
|
||
5400000
|
trusted library allocation
|
page read and write
|
||
54D0000
|
heap
|
page read and write
|
||
7F070000
|
trusted library allocation
|
page execute and read and write
|
||
A8BE000
|
stack
|
page read and write
|
||
727E000
|
stack
|
page read and write
|
||
12F0000
|
heap
|
page read and write
|
||
FBF000
|
heap
|
page read and write
|
||
3D51000
|
trusted library allocation
|
page read and write
|
||
5242000
|
trusted library allocation
|
page read and write
|
||
1030000
|
heap
|
page read and write
|
||
54E0000
|
heap
|
page read and write
|
||
74DB000
|
heap
|
page read and write
|
||
30BD000
|
stack
|
page read and write
|
||
1200000
|
trusted library allocation
|
page read and write
|
||
1377000
|
heap
|
page read and write
|
There are 360 hidden memdumps, click here to show them.