Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
HOU3ED3EDRFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\HOU3ED3EDRFQ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmpFE55.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LDrvERevBZJN.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2wnsfygh.vus.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3azngg0p.xd5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5kt3pcvv.kpt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bszyaidt.zcl.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cj3w0flg.4hw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lge4uoef.1rx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uj31u4sw.ysq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y2zvglcw.0kq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmpB84.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\HOU3ED3EDRFQ.exe
|
"C:\Users\user\Desktop\HOU3ED3EDRFQ.exe"
|
||
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\HOU3ED3EDRFQ.exe"
|
||
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe"
|
||
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\LDrvERevBZJN" /XML "C:\Users\user\AppData\Local\Temp\tmpFE55.tmp"
|
||
C:\Users\user\Desktop\HOU3ED3EDRFQ.exe
|
"C:\Users\user\Desktop\HOU3ED3EDRFQ.exe"
|
||
C:\Users\user\Desktop\HOU3ED3EDRFQ.exe
|
"C:\Users\user\Desktop\HOU3ED3EDRFQ.exe"
|
||
C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe
|
C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe
|
||
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\LDrvERevBZJN" /XML "C:\Users\user\AppData\Local\Temp\tmpB84.tmp"
|
||
C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe
|
"C:\Users\user\AppData\Roaming\LDrvERevBZJN.exe"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
45.66.231.218
|
|||
http://geoplugin.net/json.gpc
|
unknown
|
||
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
http://www.fontbureau.com
|
unknown
|
||
http://www.fontbureau.com/designersG
|
unknown
|
||
http://geoplugin.net/json.gph
|
unknown
|
||
http://www.fontbureau.com/designers/?
|
unknown
|
||
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
http://www.fontbureau.com/designers?
|
unknown
|
||
http://www.tiro.com
|
unknown
|
||
http://www.fontbureau.com/designers
|
unknown
|
||
http://www.goodfont.co.kr
|
unknown
|
||
http://geoplugin.net/json.gp:
|
unknown
|
||
http://geoplugin.net/json.gpz
|
unknown
|
||
http://geoplugin.net/json.gpSystem32
|
unknown
|
||
http://www.carterandcone.coml
|
unknown
|
||
http://www.sajatypeworks.com
|
unknown
|
||
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
http://www.typography.netD
|
unknown
|
||
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
http://www.founder.com.cn/cn
|
unknown
|
||
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
http://geoplugin.net/json.gp/C
|
unknown
|
||
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
http://www.fontbureau.com/designers8
|
unknown
|
||
http://www.fonts.com
|
unknown
|
||
http://www.sandoll.co.kr
|
unknown
|
||
http://www.urwpp.deDPlease
|
unknown
|
||
http://www.zhongyicts.com.cn
|
unknown
|
||
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
http://www.sakkal.com
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
geoplugin.net
|
178.237.33.50
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
45.66.231.218
|
unknown
|
Germany
|
||
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
exepath
|
||
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
licence
|
||
HKEY_CURRENT_USER\SOFTWARE\Rmc-UII1DP
|
time
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1547000
|
heap
|
page read and write
|
||
455A000
|
trusted library allocation
|
page read and write
|
||
158F000
|
heap
|
page read and write
|
||
315F000
|
stack
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
37FA000
|
trusted library allocation
|
page read and write
|
||
BB7000
|
heap
|
page read and write
|
||
9F0000
|
heap
|
page read and write
|
||
69E0000
|
heap
|
page read and write
|
||
169D000
|
trusted library allocation
|
page execute and read and write
|
||
6F4E000
|
stack
|
page read and write
|
||
3462000
|
trusted library allocation
|
page read and write
|
||
4CD0000
|
trusted library allocation
|
page read and write
|
||
59C0000
|
heap
|
page read and write
|
||
867000
|
heap
|
page read and write
|
||
98E000
|
stack
|
page read and write
|
||
7C3F000
|
stack
|
page read and write
|
||
1602000
|
heap
|
page read and write
|
||
5C70000
|
heap
|
page execute and read and write
|
||
801E000
|
stack
|
page read and write
|
||
4EFC000
|
stack
|
page read and write
|
||
343B000
|
trusted library allocation
|
page read and write
|
||
1830000
|
heap
|
page read and write
|
||
6D3D000
|
stack
|
page read and write
|
||
1A3E000
|
stack
|
page read and write
|
||
5E39000
|
heap
|
page read and write
|
||
99F0000
|
heap
|
page read and write
|
||
3240000
|
heap
|
page read and write
|
||
471000
|
remote allocation
|
page execute and read and write
|
||
3430000
|
trusted library allocation
|
page read and write
|
||
1540000
|
heap
|
page read and write
|
||
B7D000
|
stack
|
page read and write
|
||
1B70000
|
heap
|
page execute and read and write
|
||
84A000
|
heap
|
page read and write
|
||
137C000
|
stack
|
page read and write
|
||
1650000
|
heap
|
page read and write
|
||
4F00000
|
heap
|
page read and write
|
||
5D7D000
|
stack
|
page read and write
|
||
8EA000
|
heap
|
page read and write
|
||
5A80000
|
trusted library allocation
|
page read and write
|
||
1640000
|
heap
|
page read and write
|
||
179A000
|
trusted library allocation
|
page execute and read and write
|
||
2A73000
|
trusted library allocation
|
page read and write
|
||
79C000
|
stack
|
page read and write
|
||
2DED000
|
stack
|
page read and write
|
||
6C0A000
|
trusted library allocation
|
page read and write
|
||
884000
|
heap
|
page read and write
|
||
500D000
|
stack
|
page read and write
|
||
6040000
|
trusted library allocation
|
page read and write
|
||
178D000
|
trusted library allocation
|
page execute and read and write
|
||
1693000
|
trusted library allocation
|
page execute and read and write
|
||
6B30000
|
trusted library allocation
|
page execute and read and write
|
||
A1F0000
|
trusted library allocation
|
page read and write
|
||
A79000
|
stack
|
page read and write
|
||
6AF5000
|
trusted library allocation
|
page read and write
|
||
50E0000
|
heap
|
page read and write
|
||
C4A000
|
trusted library allocation
|
page execute and read and write
|
||
7C7D000
|
stack
|
page read and write
|
||
16A0000
|
heap
|
page read and write
|
||
CA4000
|
heap
|
page read and write
|
||
9BEE000
|
stack
|
page read and write
|
||
5E20000
|
heap
|
page read and write
|
||
5E30000
|
heap
|
page read and write
|
||
C00000
|
trusted library allocation
|
page read and write
|
||
4D10000
|
heap
|
page execute and read and write
|
||
1088000
|
unkown
|
page readonly
|
||
25CC000
|
stack
|
page read and write
|
||
B23C000
|
stack
|
page read and write
|
||
7AF0000
|
trusted library allocation
|
page read and write
|
||
A50000
|
heap
|
page read and write
|
||
69F5000
|
heap
|
page read and write
|
||
4CA000
|
stack
|
page read and write
|
||
180E000
|
stack
|
page read and write
|
||
2DEF000
|
stack
|
page read and write
|
||
15E8000
|
heap
|
page read and write
|
||
67A0000
|
heap
|
page read and write
|
||
2C9E000
|
stack
|
page read and write
|
||
1680000
|
trusted library allocation
|
page read and write
|
||
5C61000
|
trusted library allocation
|
page read and write
|
||
C13000
|
trusted library allocation
|
page execute and read and write
|
||
6030000
|
trusted library allocation
|
page execute and read and write
|
||
1780000
|
trusted library allocation
|
page read and write
|
||
50B0000
|
heap
|
page read and write
|
||
C30000
|
heap
|
page read and write
|
||
DAE000
|
stack
|
page read and write
|
||
815E000
|
stack
|
page read and write
|
||
345D000
|
trusted library allocation
|
page read and write
|
||
7A30000
|
trusted library section
|
page read and write
|
||
3749000
|
trusted library allocation
|
page read and write
|
||
829E000
|
stack
|
page read and write
|
||
7ECE000
|
stack
|
page read and write
|
||
474000
|
remote allocation
|
page execute and read and write
|
||
5F20000
|
heap
|
page read and write
|
||
1B65000
|
trusted library allocation
|
page read and write
|
||
17A2000
|
trusted library allocation
|
page read and write
|
||
1B80000
|
trusted library allocation
|
page read and write
|
||
6C8D000
|
stack
|
page read and write
|
||
282A000
|
trusted library allocation
|
page read and write
|
||
C14000
|
trusted library allocation
|
page read and write
|
||
3451000
|
trusted library allocation
|
page read and write
|
||
811F000
|
stack
|
page read and write
|
||
39C4000
|
trusted library allocation
|
page read and write
|
||
4CE0000
|
trusted library allocation
|
page read and write
|
||
4D00000
|
trusted library allocation
|
page execute and read and write
|
||
C52000
|
trusted library allocation
|
page read and write
|
||
3B3A000
|
trusted library allocation
|
page read and write
|
||
6CE0000
|
trusted library allocation
|
page read and write
|
||
35FA000
|
trusted library allocation
|
page read and write
|
||
1796000
|
trusted library allocation
|
page execute and read and write
|
||
156A000
|
heap
|
page read and write
|
||
330C000
|
stack
|
page read and write
|
||
C5B000
|
trusted library allocation
|
page execute and read and write
|
||
1820000
|
trusted library allocation
|
page read and write
|
||
7B3E000
|
stack
|
page read and write
|
||
4C33000
|
heap
|
page read and write
|
||
5E5E000
|
heap
|
page read and write
|
||
5C7000
|
stack
|
page read and write
|
||
1BA7000
|
heap
|
page read and write
|
||
34E0000
|
heap
|
page read and write
|
||
F80000
|
unkown
|
page readonly
|
||
44F1000
|
trusted library allocation
|
page read and write
|
||
5A70000
|
heap
|
page read and write
|
||
344E000
|
stack
|
page read and write
|
||
46CE000
|
trusted library allocation
|
page read and write
|
||
C40000
|
trusted library allocation
|
page read and write
|
||
1792000
|
trusted library allocation
|
page read and write
|
||
68DE000
|
stack
|
page read and write
|
||
6F8E000
|
stack
|
page read and write
|
||
48BC000
|
stack
|
page read and write
|
||
15B1000
|
heap
|
page read and write
|
||
5101000
|
heap
|
page read and write
|
||
9F5000
|
heap
|
page read and write
|
||
7C86000
|
trusted library allocation
|
page read and write
|
||
A0AE000
|
stack
|
page read and write
|
||
7600000
|
trusted library allocation
|
page read and write
|
||
ACCE000
|
stack
|
page read and write
|
||
C57000
|
trusted library allocation
|
page execute and read and write
|
||
A1EF000
|
stack
|
page read and write
|
||
3729000
|
trusted library allocation
|
page read and write
|
||
50F0000
|
heap
|
page read and write
|
||
2700000
|
trusted library allocation
|
page read and write
|
||
31C0000
|
heap
|
page read and write
|
||
4C61000
|
trusted library allocation
|
page read and write
|
||
13E5000
|
heap
|
page read and write
|
||
6CD0000
|
trusted library allocation
|
page read and write
|
||
25D0000
|
trusted library allocation
|
page read and write
|
||
30DE000
|
unkown
|
page read and write
|
||
311F000
|
unkown
|
page read and write
|
||
14F7000
|
stack
|
page read and write
|
||
BCF000
|
stack
|
page read and write
|
||
161B000
|
heap
|
page read and write
|
||
3CAE000
|
trusted library allocation
|
page read and write
|
||
157F000
|
heap
|
page read and write
|
||
7622000
|
trusted library allocation
|
page read and write
|
||
17A0000
|
trusted library allocation
|
page read and write
|
||
4C66000
|
trusted library allocation
|
page read and write
|
||
DAE000
|
stack
|
page read and write
|
||
855F000
|
stack
|
page read and write
|
||
33BF000
|
stack
|
page read and write
|
||
5024000
|
trusted library section
|
page readonly
|
||
2CA0000
|
heap
|
page read and write
|
||
2721000
|
trusted library allocation
|
page read and write
|
||
5A90000
|
heap
|
page read and write
|
||
26F0000
|
trusted library allocation
|
page read and write
|
||
3120000
|
heap
|
page read and write
|
||
830000
|
heap
|
page read and write
|
||
4C30000
|
heap
|
page read and write
|
||
324B000
|
heap
|
page read and write
|
||
319C000
|
stack
|
page read and write
|
||
839E000
|
stack
|
page read and write
|
||
17AB000
|
trusted library allocation
|
page execute and read and write
|
||
15B8000
|
heap
|
page read and write
|
||
11A0000
|
heap
|
page read and write
|
||
940000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
32CF000
|
stack
|
page read and write
|
||
F82000
|
unkown
|
page readonly
|
||
2A61000
|
trusted library allocation
|
page read and write
|
||
1600000
|
heap
|
page read and write
|
||
25E0000
|
heap
|
page execute and read and write
|
||
3843000
|
trusted library allocation
|
page read and write
|
||
3721000
|
trusted library allocation
|
page read and write
|
||
127C000
|
stack
|
page read and write
|
||
825F000
|
stack
|
page read and write
|
||
1BA0000
|
heap
|
page read and write
|
||
6A12000
|
heap
|
page read and write
|
||
368F000
|
stack
|
page read and write
|
||
6CE4000
|
trusted library allocation
|
page read and write
|
||
44F9000
|
trusted library allocation
|
page read and write
|
||
5950000
|
trusted library allocation
|
page execute and read and write
|
||
840000
|
heap
|
page read and write
|
||
C46000
|
trusted library allocation
|
page execute and read and write
|
||
1560000
|
heap
|
page read and write
|
||
193E000
|
stack
|
page read and write
|
||
7CB0000
|
trusted library allocation
|
page read and write
|
||
5930000
|
trusted library allocation
|
page read and write
|
||
1540000
|
heap
|
page read and write
|
||
CA0000
|
heap
|
page read and write
|
||
1B40000
|
trusted library allocation
|
page read and write
|
||
1580000
|
heap
|
page read and write
|
||
3434000
|
trusted library allocation
|
page read and write
|
||
1B50000
|
trusted library allocation
|
page read and write
|
||
9F6C000
|
stack
|
page read and write
|
||
15A2000
|
heap
|
page read and write
|
||
5E15000
|
heap
|
page read and write
|
||
3BF4000
|
trusted library allocation
|
page read and write
|
||
B33E000
|
stack
|
page read and write
|
||
34C0000
|
trusted library allocation
|
page execute and read and write
|
||
153E000
|
stack
|
page read and write
|
||
354F000
|
stack
|
page read and write
|
||
150E000
|
stack
|
page read and write
|
||
C2D000
|
trusted library allocation
|
page execute and read and write
|
||
69C000
|
stack
|
page read and write
|
||
A4E000
|
stack
|
page read and write
|
||
6C4E000
|
stack
|
page read and write
|
||
5E70000
|
heap
|
page read and write
|
||
13E0000
|
heap
|
page read and write
|
||
2800000
|
heap
|
page read and write
|
||
4CC0000
|
trusted library allocation
|
page execute and read and write
|
||
50E5000
|
heap
|
page read and write
|
||
378B000
|
trusted library allocation
|
page read and write
|
||
AB90000
|
heap
|
page read and write
|
||
34B0000
|
heap
|
page read and write
|
||
6AF9000
|
trusted library allocation
|
page read and write
|
||
B43E000
|
stack
|
page read and write
|
||
1190000
|
heap
|
page read and write
|
||
9E6B000
|
stack
|
page read and write
|
||
6D7E000
|
stack
|
page read and write
|
||
3090000
|
heap
|
page read and write
|
||
474000
|
remote allocation
|
page execute and read and write
|
||
6AF1000
|
trusted library allocation
|
page read and write
|
||
6020000
|
trusted library section
|
page read and write
|
||
3F4E000
|
stack
|
page read and write
|
||
59AB000
|
stack
|
page read and write
|
||
107A000
|
unkown
|
page readonly
|
||
6E4E000
|
stack
|
page read and write
|
||
8560000
|
heap
|
page read and write
|
||
BB0000
|
heap
|
page read and write
|
||
164B000
|
heap
|
page read and write
|
||
EAF000
|
stack
|
page read and write
|
||
1810000
|
trusted library allocation
|
page execute and read and write
|
||
305D000
|
stack
|
page read and write
|
||
107F000
|
unkown
|
page readonly
|
||
C70000
|
trusted library allocation
|
page read and write
|
||
303A000
|
stack
|
page read and write
|
||
5010000
|
heap
|
page read and write
|
||
4C5E000
|
trusted library allocation
|
page read and write
|
||
B13C000
|
stack
|
page read and write
|
||
35FC000
|
trusted library allocation
|
page read and write
|
||
7E7D000
|
stack
|
page read and write
|
||
404F000
|
stack
|
page read and write
|
||
736E000
|
stack
|
page read and write
|
||
1690000
|
trusted library allocation
|
page read and write
|
||
11EE000
|
stack
|
page read and write
|
||
1790000
|
trusted library allocation
|
page read and write
|
||
A60000
|
heap
|
page read and write
|
||
4CB0000
|
heap
|
page read and write
|
||
2F60000
|
heap
|
page read and write
|
||
1612000
|
heap
|
page read and write
|
||
344E000
|
trusted library allocation
|
page read and write
|
||
16A5000
|
heap
|
page read and write
|
||
13F0000
|
heap
|
page read and write
|
||
478000
|
remote allocation
|
page execute and read and write
|
||
17C0000
|
trusted library allocation
|
page read and write
|
||
71CF000
|
stack
|
page read and write
|
||
845E000
|
stack
|
page read and write
|
||
9DF0000
|
trusted library allocation
|
page execute and read and write
|
||
2C5F000
|
unkown
|
page read and write
|
||
90A000
|
heap
|
page read and write
|
||
112A000
|
stack
|
page read and write
|
||
BD0000
|
heap
|
page read and write
|
||
5020000
|
trusted library section
|
page readonly
|
||
17A7000
|
trusted library allocation
|
page execute and read and write
|
||
5A93000
|
heap
|
page read and write
|
||
1510000
|
heap
|
page read and write
|
||
5E10000
|
heap
|
page read and write
|
||
C80000
|
trusted library allocation
|
page execute and read and write
|
||
4519000
|
trusted library allocation
|
page read and write
|
||
A0ED000
|
stack
|
page read and write
|
||
4C4B000
|
trusted library allocation
|
page read and write
|
||
4728000
|
trusted library allocation
|
page read and write
|
||
69DE000
|
stack
|
page read and write
|
||
9FAD000
|
stack
|
page read and write
|
||
4C6D000
|
trusted library allocation
|
page read and write
|
||
C20000
|
trusted library allocation
|
page read and write
|
||
55EC000
|
stack
|
page read and write
|
||
AFCE000
|
stack
|
page read and write
|
||
71D0000
|
trusted library allocation
|
page read and write
|
||
1A3F000
|
stack
|
page read and write
|
||
6C00000
|
trusted library allocation
|
page read and write
|
||
2CB0000
|
heap
|
page read and write
|
||
8E7000
|
heap
|
page read and write
|
||
5E00000
|
trusted library section
|
page read and write
|
||
15A0000
|
heap
|
page read and write
|
||
AD0D000
|
stack
|
page read and write
|
||
5C10000
|
heap
|
page read and write
|
||
3358000
|
trusted library allocation
|
page read and write
|
||
708E000
|
stack
|
page read and write
|
||
2B00000
|
heap
|
page read and write
|
||
1B3E000
|
stack
|
page read and write
|
||
342B000
|
stack
|
page read and write
|
||
5C50000
|
trusted library section
|
page read and write
|
||
25D4000
|
trusted library allocation
|
page read and write
|
||
2CBB000
|
heap
|
page read and write
|
||
3470000
|
trusted library allocation
|
page read and write
|
||
258E000
|
stack
|
page read and write
|
||
9CD000
|
stack
|
page read and write
|
||
4C20000
|
trusted library allocation
|
page read and write
|
||
882000
|
heap
|
page read and write
|
||
34F1000
|
trusted library allocation
|
page read and write
|
||
C42000
|
trusted library allocation
|
page read and write
|
||
1589000
|
heap
|
page read and write
|
||
358E000
|
stack
|
page read and write
|
||
15A3000
|
heap
|
page read and write
|
||
8DA000
|
heap
|
page read and write
|
||
C90000
|
trusted library allocation
|
page read and write
|
||
1B60000
|
trusted library allocation
|
page read and write
|
||
3456000
|
trusted library allocation
|
page read and write
|
||
C22000
|
trusted library allocation
|
page read and write
|
||
A00000
|
heap
|
page read and write
|
||
34D0000
|
trusted library allocation
|
page read and write
|
||
3130000
|
heap
|
page read and write
|
||
31A0000
|
heap
|
page read and write
|
||
337E000
|
stack
|
page read and write
|
||
7AFA000
|
trusted library allocation
|
page read and write
|
||
99ED000
|
stack
|
page read and write
|
||
7C80000
|
trusted library allocation
|
page read and write
|
||
156E000
|
heap
|
page read and write
|
||
38FE000
|
trusted library allocation
|
page read and write
|
||
84E000
|
heap
|
page read and write
|
||
340F000
|
stack
|
page read and write
|
||
3510000
|
heap
|
page read and write
|
||
7C90000
|
trusted library allocation
|
page execute and read and write
|
||
2710000
|
heap
|
page read and write
|
||
2C1E000
|
unkown
|
page read and write
|
||
4C00000
|
trusted library allocation
|
page read and write
|
||
2AE0000
|
heap
|
page read and write
|
||
874000
|
heap
|
page read and write
|
||
C1D000
|
trusted library allocation
|
page execute and read and write
|
||
2705000
|
trusted library allocation
|
page read and write
|
||
25D6000
|
trusted library allocation
|
page read and write
|
||
AECE000
|
stack
|
page read and write
|
||
C10000
|
trusted library allocation
|
page read and write
|
||
4C44000
|
trusted library allocation
|
page read and write
|
||
8573000
|
heap
|
page read and write
|
||
AE8E000
|
stack
|
page read and write
|
||
1694000
|
trusted library allocation
|
page read and write
|
||
70CE000
|
stack
|
page read and write
|
||
4C40000
|
trusted library allocation
|
page read and write
|
||
26EE000
|
stack
|
page read and write
|
||
59B0000
|
trusted library section
|
page readonly
|
||
A3D000
|
stack
|
page read and write
|
||
9CEE000
|
stack
|
page read and write
|
There are 343 hidden memdumps, click here to show them.