Files
File Path | Type | Category | Malicious |
---|---|---|---|
PO 11072024.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO 11072024.exe.log | ASCII text, with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\tmp33D1.tmp | XML 1.0 document, ASCII text | dropped | |
C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe:Zone.Identifier | ASCII text, with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ppUSXdJgAIFILG.exe.log | ASCII text, with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json | JSON data | dropped | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_12wvsfra.soh.psm1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_el5rygfv.nt1.psm1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mz3xmrjc.nbf.ps1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_spzomboo.xv5.ps1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\tmp3B91.tmp | XML 1.0 document, ASCII text | dropped | |
Processes
Path | Cmdline | Malicious |
---|---|---|
C:\Users\user\Desktop\PO 11072024.exe | "C:\Users\user\Desktop\PO 11072024.exe" | |
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe" | |
C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ppUSXdJgAIFILG" /XML "C:\Users\user\AppData\Local\Temp\tmp33D1.tmp" | |
C:\Users\user\Desktop\PO 11072024.exe | "C:\Users\user\Desktop\PO 11072024.exe" | |
C:\Users\user\Desktop\PO 11072024.exe | "C:\Users\user\Desktop\PO 11072024.exe" | |
C:\Users\user\Desktop\PO 11072024.exe | "C:\Users\user\Desktop\PO 11072024.exe" | |
C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe | C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe | |
C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ppUSXdJgAIFILG" /XML "C:\Users\user\AppData\Local\Temp\tmp3B91.tmp" | |
C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe | "C:\Users\user\AppData\Roaming\ppUSXdJgAIFILG.exe" | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
C:\Windows\System32\wbem\WmiPrvSE.exe | C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
URLs
Domains
Name | IP | Malicious |
---|---|---|
geoplugin.net | 178.237.33.50 | |
IPs
IP | Domain | Country | Malicious |
---|---|---|---|
172.93.218.178 | unknown | United States | |
178.237.33.50 | geoplugin.net | Netherlands | |
Registry
Path | Value | Malicious |
---|---|---|
HKEY_CURRENT_USER\SOFTWARE\765-XJJE0J | exepath | |
HKEY_CURRENT_USER\SOFTWARE\765-XJJE0J | licence | |
Memdumps