Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
cKAfpUFqZ7.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\sbietrcl.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl_signed.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\mscorsvw1.exe
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\CastC\read.dat
|
SysEx File -
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\cKAfpUFqZ7.exe
|
"C:\Users\user\Desktop\cKAfpUFqZ7.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\sbietrcl.exe"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
213.183.58.19
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
213.183.58.19
|
unknown
|
Lithuania
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\remcos_sccafsoidz
|
EXEpath
|
||
HKEY_CURRENT_USER\SOFTWARE\remcos_sccafsoidz
|
FR
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Application
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
3BDA000
|
trusted library allocation
|
page read and write
|
||
2F74000
|
trusted library allocation
|
page read and write
|
||
3F98000
|
trusted library allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
2BB4000
|
trusted library allocation
|
page read and write
|
||
4558000
|
trusted library allocation
|
page read and write
|
||
33E4000
|
trusted library allocation
|
page read and write
|
||
3E21000
|
trusted library allocation
|
page read and write
|
||
65B0000
|
heap
|
page read and write
|
||
5210000
|
trusted library section
|
page read and write
|
||
6600000
|
heap
|
page read and write
|
||
95A000
|
trusted library allocation
|
page execute and read and write
|
||
C9F000
|
heap
|
page read and write
|
||
4A1E000
|
stack
|
page read and write
|
||
295A000
|
trusted library allocation
|
page read and write
|
||
10BD000
|
stack
|
page read and write
|
||
E30000
|
heap
|
page execute and read and write
|
||
4FB5000
|
heap
|
page read and write
|
||
9FE000
|
stack
|
page read and write
|
||
4E20000
|
heap
|
page read and write
|
||
C5B000
|
trusted library allocation
|
page execute and read and write
|
||
5470000
|
heap
|
page read and write
|
||
F3F000
|
stack
|
page read and write
|
||
A20000
|
heap
|
page read and write
|
||
C12000
|
trusted library allocation
|
page execute and read and write
|
||
2D8D000
|
trusted library allocation
|
page read and write
|
||
689E000
|
stack
|
page read and write
|
||
874000
|
heap
|
page read and write
|
||
1287000
|
trusted library allocation
|
page execute and read and write
|
||
2B65000
|
heap
|
page read and write
|
||
1500000
|
heap
|
page read and write
|
||
3AE2000
|
trusted library allocation
|
page read and write
|
||
DA8000
|
heap
|
page read and write
|
||
701E000
|
stack
|
page read and write
|
||
2BE8000
|
trusted library allocation
|
page read and write
|
||
3ED4000
|
trusted library allocation
|
page read and write
|
||
66C0000
|
heap
|
page read and write
|
||
C6C000
|
stack
|
page read and write
|
||
2D5A000
|
trusted library allocation
|
page read and write
|
||
331F000
|
trusted library allocation
|
page read and write
|
||
5155000
|
heap
|
page read and write
|
||
6176000
|
heap
|
page read and write
|
||
990000
|
trusted library allocation
|
page read and write
|
||
276D000
|
stack
|
page read and write
|
||
3D92000
|
trusted library allocation
|
page read and write
|
||
3D28000
|
trusted library allocation
|
page read and write
|
||
3A6C000
|
trusted library allocation
|
page read and write
|
||
73DE000
|
stack
|
page read and write
|
||
7E5000
|
heap
|
page read and write
|
||
546E000
|
heap
|
page read and write
|
||
4BEE000
|
stack
|
page read and write
|
||
850000
|
heap
|
page read and write
|
||
5460000
|
heap
|
page read and write
|
||
52F4000
|
heap
|
page read and write
|
||
389000
|
unkown
|
page readonly
|
||
56F0000
|
heap
|
page read and write
|
||
29A2000
|
trusted library allocation
|
page read and write
|
||
3B33000
|
trusted library allocation
|
page read and write
|
||
C1F000
|
stack
|
page read and write
|
||
2D6000
|
unkown
|
page readonly
|
||
50F0000
|
heap
|
page read and write
|
||
33AD000
|
trusted library allocation
|
page read and write
|
||
1369000
|
heap
|
page read and write
|
||
960000
|
trusted library allocation
|
page read and write
|
||
F5F000
|
stack
|
page read and write
|
||
676E000
|
stack
|
page read and write
|
||
69F1000
|
heap
|
page read and write
|
||
3B2D000
|
trusted library allocation
|
page read and write
|
||
8F8000
|
heap
|
page read and write
|
||
C60000
|
heap
|
page read and write
|
||
6BA000
|
stack
|
page read and write
|
||
350000
|
unkown
|
page readonly
|
||
4D00000
|
trusted library allocation
|
page execute and read and write
|
||
3966000
|
trusted library allocation
|
page read and write
|
||
E20000
|
trusted library allocation
|
page read and write
|
||
2DBF000
|
trusted library allocation
|
page read and write
|
||
3DA6000
|
trusted library allocation
|
page read and write
|
||
519B000
|
stack
|
page read and write
|
||
BE0000
|
heap
|
page read and write
|
||
990000
|
heap
|
page read and write
|
||
3C92000
|
trusted library allocation
|
page read and write
|
||
4389000
|
trusted library allocation
|
page read and write
|
||
3B12000
|
trusted library allocation
|
page read and write
|
||
D40000
|
heap
|
page read and write
|
||
3B29000
|
trusted library allocation
|
page read and write
|
||
F00000
|
heap
|
page read and write
|
||
64C0000
|
trusted library allocation
|
page read and write
|
||
6360000
|
heap
|
page read and write
|
||
3DEA000
|
trusted library allocation
|
page read and write
|
||
128B000
|
trusted library allocation
|
page execute and read and write
|
||
C74000
|
heap
|
page read and write
|
||
3D66000
|
trusted library allocation
|
page read and write
|
||
328000
|
unkown
|
page readonly
|
||
1450000
|
heap
|
page read and write
|
||
A20000
|
heap
|
page read and write
|
||
298B000
|
trusted library allocation
|
page read and write
|
||
3D0000
|
heap
|
page read and write
|
||
548F000
|
heap
|
page read and write
|
||
4515000
|
trusted library allocation
|
page read and write
|
||
6AA0000
|
trusted library allocation
|
page execute and read and write
|
||
6EAE000
|
stack
|
page read and write
|
||
27AB000
|
stack
|
page read and write
|
||
3D84000
|
trusted library allocation
|
page read and write
|
||
5150000
|
heap
|
page read and write
|
||
4E40000
|
trusted library allocation
|
page execute and read and write
|
||
6FDE000
|
stack
|
page read and write
|
||
F7E000
|
stack
|
page read and write
|
||
EF9000
|
stack
|
page read and write
|
||
2DDB000
|
trusted library allocation
|
page read and write
|
||
751E000
|
stack
|
page read and write
|
||
2BA8000
|
trusted library allocation
|
page read and write
|
||
10F8000
|
heap
|
page read and write
|
||
3ED7000
|
trusted library allocation
|
page read and write
|
||
3C1B000
|
trusted library allocation
|
page read and write
|
||
3EEE000
|
trusted library allocation
|
page read and write
|
||
6168000
|
heap
|
page read and write
|
||
1282000
|
trusted library allocation
|
page read and write
|
||
3EF2000
|
trusted library allocation
|
page read and write
|
||
5710000
|
heap
|
page read and write
|
||
3F29000
|
trusted library allocation
|
page read and write
|
||
C48000
|
heap
|
page read and write
|
||
4C30000
|
trusted library allocation
|
page read and write
|
||
4C50000
|
heap
|
page read and write
|
||
9AA000
|
trusted library allocation
|
page execute and read and write
|
||
52A0000
|
heap
|
page read and write
|
||
4326000
|
trusted library allocation
|
page read and write
|
||
3946000
|
trusted library allocation
|
page read and write
|
||
639000
|
stack
|
page read and write
|
||
A5E000
|
heap
|
page read and write
|
||
3E2C000
|
trusted library allocation
|
page read and write
|
||
2DD4000
|
trusted library allocation
|
page read and write
|
||
4DF0000
|
heap
|
page read and write
|
||
6DAD000
|
stack
|
page read and write
|
||
DA0000
|
heap
|
page read and write
|
||
7040000
|
trusted library allocation
|
page read and write
|
||
108C000
|
stack
|
page read and write
|
||
2D4B000
|
trusted library allocation
|
page read and write
|
||
63C0000
|
heap
|
page read and write
|
||
1030000
|
heap
|
page read and write
|
||
C4A000
|
trusted library allocation
|
page execute and read and write
|
||
9A2000
|
trusted library allocation
|
page execute and read and write
|
||
3C6E000
|
trusted library allocation
|
page read and write
|
||
C1C000
|
trusted library allocation
|
page execute and read and write
|
||
EF0000
|
heap
|
page read and write
|
||
4F4E000
|
stack
|
page read and write
|
||
D90000
|
heap
|
page read and write
|
||
C3A000
|
trusted library allocation
|
page execute and read and write
|
||
3DC1000
|
trusted library allocation
|
page read and write
|
||
919000
|
heap
|
page read and write
|
||
4FC0000
|
heap
|
page read and write
|
||
7EE000
|
stack
|
page read and write
|
||
CFC000
|
stack
|
page read and write
|
||
B10000
|
heap
|
page read and write
|
||
2D69000
|
trusted library allocation
|
page read and write
|
||
2D62000
|
trusted library allocation
|
page read and write
|
||
5240000
|
trusted library allocation
|
page execute and read and write
|
||
A2A000
|
heap
|
page read and write
|
||
5220000
|
trusted library section
|
page read and write
|
||
987000
|
trusted library allocation
|
page execute and read and write
|
||
581D000
|
stack
|
page read and write
|
||
357000
|
unkown
|
page readonly
|
||
7A1C000
|
stack
|
page read and write
|
||
3B41000
|
trusted library allocation
|
page read and write
|
||
EDE000
|
stack
|
page read and write
|
||
3A09000
|
trusted library allocation
|
page read and write
|
||
CF9000
|
heap
|
page read and write
|
||
29F6000
|
trusted library allocation
|
page read and write
|
||
29EF000
|
stack
|
page read and write
|
||
3E3C000
|
trusted library allocation
|
page read and write
|
||
343000
|
unkown
|
page readonly
|
||
4CE0000
|
trusted library allocation
|
page read and write
|
||
3B34000
|
trusted library allocation
|
page read and write
|
||
699E000
|
stack
|
page read and write
|
||
B15000
|
heap
|
page read and write
|
||
3EA1000
|
trusted library allocation
|
page read and write
|
||
313000
|
unkown
|
page readonly
|
||
2DAF000
|
trusted library allocation
|
page read and write
|
||
3CE000
|
stack
|
page read and write
|
||
F50000
|
heap
|
page read and write
|
||
C24000
|
heap
|
page execute and read and write
|
||
2AB1000
|
trusted library allocation
|
page read and write
|
||
2EC7000
|
trusted library allocation
|
page read and write
|
||
65A0000
|
trusted library allocation
|
page execute and read and write
|
||
4E10000
|
heap
|
page read and write
|
||
6500000
|
heap
|
page read and write
|
||
98A000
|
trusted library allocation
|
page execute and read and write
|
||
149E000
|
stack
|
page read and write
|
||
2AF9000
|
trusted library allocation
|
page read and write
|
||
2F1000
|
unkown
|
page readonly
|
||
3DCF000
|
trusted library allocation
|
page read and write
|
||
9A7000
|
trusted library allocation
|
page execute and read and write
|
||
3E92000
|
trusted library allocation
|
page read and write
|
||
3290000
|
heap
|
page read and write
|
||
C68000
|
heap
|
page read and write
|
||
50B0000
|
trusted library allocation
|
page execute and read and write
|
||
3AF7000
|
trusted library allocation
|
page read and write
|
||
2EA000
|
unkown
|
page readonly
|
||
502B000
|
stack
|
page read and write
|
||
33C000
|
unkown
|
page readonly
|
||
B6E000
|
stack
|
page read and write
|
||
2DA2000
|
trusted library allocation
|
page read and write
|
||
2A14000
|
trusted library allocation
|
page read and write
|
||
3D9F000
|
trusted library allocation
|
page read and write
|
||
29A9000
|
trusted library allocation
|
page read and write
|
||
3D99000
|
trusted library allocation
|
page read and write
|
||
791B000
|
stack
|
page read and write
|
||
69BE000
|
stack
|
page read and write
|
||
2947000
|
trusted library allocation
|
page read and write
|
||
2F8000
|
unkown
|
page readonly
|
||
32A1000
|
trusted library allocation
|
page read and write
|
||
739000
|
stack
|
page read and write
|
||
5850000
|
heap
|
page read and write
|
||
10F0000
|
heap
|
page read and write
|
||
2DFE000
|
trusted library allocation
|
page read and write
|
||
2DE9000
|
trusted library allocation
|
page read and write
|
||
6A06000
|
heap
|
page read and write
|
||
99A000
|
trusted library allocation
|
page execute and read and write
|
||
5200000
|
heap
|
page read and write
|
||
96A000
|
trusted library allocation
|
page execute and read and write
|
||
319000
|
stack
|
page read and write
|
||
6D3F000
|
stack
|
page read and write
|
||
A90000
|
unkown
|
page readonly
|
||
3DBD000
|
trusted library allocation
|
page read and write
|
||
3AFD000
|
trusted library allocation
|
page read and write
|
||
380000
|
heap
|
page read and write
|
||
E34000
|
heap
|
page execute and read and write
|
||
C48000
|
trusted library allocation
|
page read and write
|
||
4BAE000
|
stack
|
page read and write
|
||
97C000
|
stack
|
page read and write
|
||
3B1F000
|
trusted library allocation
|
page read and write
|
||
3F22000
|
trusted library allocation
|
page read and write
|
||
4BAE000
|
stack
|
page read and write
|
||
6C00000
|
trusted library allocation
|
page read and write
|
||
10F4000
|
heap
|
page read and write
|
||
2D0000
|
unkown
|
page readonly
|
||
53B0000
|
trusted library allocation
|
page read and write
|
||
3DB4000
|
trusted library allocation
|
page read and write
|
||
9BB000
|
trusted library allocation
|
page execute and read and write
|
||
716E000
|
stack
|
page read and write
|
||
56BC000
|
stack
|
page read and write
|
||
697E000
|
stack
|
page read and write
|
||
3C8D000
|
trusted library allocation
|
page read and write
|
||
3DD6000
|
trusted library allocation
|
page read and write
|
||
9AB000
|
trusted library allocation
|
page execute and read and write
|
||
3DAD000
|
trusted library allocation
|
page read and write
|
||
415000
|
remote allocation
|
page execute and read and write
|
||
FC0000
|
heap
|
page read and write
|
||
4F8E000
|
stack
|
page read and write
|
||
669E000
|
stack
|
page read and write
|
||
6240000
|
trusted library allocation
|
page execute and read and write
|
||
3CE1000
|
trusted library allocation
|
page read and write
|
||
84E000
|
stack
|
page read and write
|
||
AEE000
|
stack
|
page read and write
|
||
848000
|
heap
|
page read and write
|
||
299A000
|
trusted library allocation
|
page read and write
|
||
163E000
|
stack
|
page read and write
|
||
755E000
|
stack
|
page read and write
|
||
D8E000
|
stack
|
page read and write
|
||
82E000
|
stack
|
page read and write
|
||
A9C000
|
heap
|
page read and write
|
||
4E4E000
|
stack
|
page read and write
|
||
444F000
|
trusted library allocation
|
page read and write
|
||
4E00000
|
heap
|
page read and write
|
||
6700000
|
trusted library section
|
page read and write
|
||
3B5D000
|
trusted library allocation
|
page read and write
|
||
711E000
|
stack
|
page read and write
|
||
1510000
|
heap
|
page read and write
|
||
3BDD000
|
trusted library allocation
|
page read and write
|
||
3921000
|
trusted library allocation
|
page read and write
|
||
32D0000
|
trusted library allocation
|
page read and write
|
||
3382000
|
trusted library allocation
|
page read and write
|
||
9E0000
|
heap
|
page read and write
|
||
3DE3000
|
trusted library allocation
|
page read and write
|
||
2D53000
|
trusted library allocation
|
page read and write
|
||
C20000
|
heap
|
page read and write
|
||
3B4F000
|
trusted library allocation
|
page read and write
|
||
C20000
|
heap
|
page execute and read and write
|
||
1272000
|
trusted library allocation
|
page execute and read and write
|
||
5450000
|
heap
|
page read and write
|
||
77DE000
|
stack
|
page read and write
|
||
539E000
|
stack
|
page read and write
|
||
5460000
|
trusted library section
|
page readonly
|
||
72DE000
|
stack
|
page read and write
|
||
306000
|
unkown
|
page readonly
|
||
E5E000
|
stack
|
page read and write
|
||
12FF000
|
heap
|
page read and write
|
||
529D000
|
stack
|
page read and write
|
||
508E000
|
stack
|
page read and write
|
||
4FD0000
|
heap
|
page read and write
|
||
C0A000
|
trusted library allocation
|
page execute and read and write
|
||
78DE000
|
stack
|
page read and write
|
||
16EE000
|
stack
|
page read and write
|
||
3AD0000
|
trusted library allocation
|
page read and write
|
||
687E000
|
stack
|
page read and write
|
||
64F0000
|
trusted library allocation
|
page execute and read and write
|
||
970000
|
trusted library allocation
|
page read and write
|
||
D00000
|
heap
|
page read and write
|
||
AC8000
|
heap
|
page read and write
|
||
11EC000
|
stack
|
page read and write
|
||
6B10000
|
trusted library allocation
|
page read and write
|
||
6F3E000
|
stack
|
page read and write
|
||
124A000
|
trusted library allocation
|
page execute and read and write
|
||
6F7E000
|
stack
|
page read and write
|
||
34A000
|
unkown
|
page readonly
|
||
127A000
|
trusted library allocation
|
page execute and read and write
|
||
C57000
|
trusted library allocation
|
page execute and read and write
|
||
265E000
|
stack
|
page read and write
|
||
53A0000
|
trusted library allocation
|
page read and write
|
||
25DF000
|
stack
|
page read and write
|
||
2660000
|
heap
|
page read and write
|
||
992000
|
trusted library allocation
|
page execute and read and write
|
||
6AE0000
|
heap
|
page read and write
|
||
C30000
|
heap
|
page read and write
|
||
977000
|
trusted library allocation
|
page execute and read and write
|
||
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
5715000
|
heap
|
page read and write
|
||
97A000
|
trusted library allocation
|
page execute and read and write
|
||
665E000
|
stack
|
page read and write
|
||
29EF000
|
trusted library allocation
|
page read and write
|
||
D30000
|
heap
|
page execute and read and write
|
||
69AE000
|
stack
|
page read and write
|
||
8FB000
|
heap
|
page read and write
|
||
FBE000
|
stack
|
page read and write
|
||
382000
|
unkown
|
page readonly
|
||
615A000
|
heap
|
page read and write
|
||
5440000
|
heap
|
page read and write
|
||
3E8D000
|
trusted library allocation
|
page read and write
|
||
3F27000
|
trusted library allocation
|
page read and write
|
||
69FE000
|
stack
|
page read and write
|
||
4F5D000
|
stack
|
page read and write
|
||
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
9B7000
|
trusted library allocation
|
page execute and read and write
|
||
4DE0000
|
trusted library section
|
page readonly
|
||
9E0000
|
heap
|
page read and write
|
||
6BF0000
|
heap
|
page read and write
|
||
6AC2000
|
trusted library allocation
|
page read and write
|
||
2D2000
|
unkown
|
page readonly
|
||
1250000
|
trusted library allocation
|
page read and write
|
||
736000
|
stack
|
page read and write
|
||
64D0000
|
trusted library section
|
page read and write
|
||
335000
|
unkown
|
page readonly
|
||
50E0000
|
heap
|
page read and write
|
||
330E000
|
trusted library allocation
|
page read and write
|
||
16B0000
|
heap
|
page execute and read and write
|
||
C1F000
|
stack
|
page read and write
|
||
4E5E000
|
stack
|
page read and write
|
||
2F5E000
|
stack
|
page read and write
|
||
779F000
|
stack
|
page read and write
|
||
C70000
|
heap
|
page read and write
|
||
3160000
|
trusted library allocation
|
page read and write
|
||
2B30000
|
heap
|
page read and write
|
||
5860000
|
heap
|
page read and write
|
||
9A0000
|
trusted library allocation
|
page read and write
|
||
1382000
|
heap
|
page read and write
|
||
53C0000
|
trusted library allocation
|
page execute and read and write
|
||
950000
|
trusted library allocation
|
page read and write
|
||
50A0000
|
trusted library allocation
|
page read and write
|
||
1270000
|
trusted library allocation
|
page read and write
|
||
940000
|
trusted library allocation
|
page read and write
|
||
5030000
|
trusted library section
|
page readonly
|
||
4F5E000
|
stack
|
page read and write
|
||
1220000
|
trusted library allocation
|
page read and write
|
||
3E1D000
|
trusted library allocation
|
page read and write
|
||
28AF000
|
stack
|
page read and write
|
||
11DF000
|
stack
|
page read and write
|
||
B00000
|
heap
|
page read and write
|
||
2665000
|
heap
|
page read and write
|
||
4A60000
|
heap
|
page read and write
|
||
42C6000
|
trusted library allocation
|
page read and write
|
||
51FD000
|
stack
|
page read and write
|
||
1280000
|
trusted library allocation
|
page read and write
|
||
87C000
|
stack
|
page read and write
|
||
2D13000
|
trusted library allocation
|
page read and write
|
||
2D3C000
|
trusted library allocation
|
page read and write
|
||
2AEA000
|
trusted library allocation
|
page read and write
|
||
765E000
|
stack
|
page read and write
|
||
69B0000
|
trusted library section
|
page read and write
|
||
736E000
|
stack
|
page read and write
|
||
12C0000
|
heap
|
page read and write
|
||
840000
|
heap
|
page read and write
|
||
2A67000
|
trusted library allocation
|
page read and write
|
||
C37000
|
trusted library allocation
|
page execute and read and write
|
||
2D98000
|
trusted library allocation
|
page read and write
|
||
EF6000
|
stack
|
page read and write
|
||
299F000
|
stack
|
page read and write
|
||
4DDE000
|
stack
|
page read and write
|
||
2F68000
|
trusted library allocation
|
page read and write
|
||
18FE000
|
stack
|
page read and write
|
||
AFE000
|
stack
|
page read and write
|
||
2ADB000
|
trusted library allocation
|
page read and write
|
||
10E0000
|
heap
|
page read and write
|
||
C2E000
|
stack
|
page read and write
|
||
881000
|
heap
|
page read and write
|
||
B20000
|
heap
|
page read and write
|
||
BEF000
|
stack
|
page read and write
|
||
C02000
|
trusted library allocation
|
page execute and read and write
|
||
1267000
|
trusted library allocation
|
page execute and read and write
|
||
7B6000
|
stack
|
page read and write
|
||
69FF000
|
heap
|
page read and write
|
||
C40000
|
trusted library allocation
|
page read and write
|
||
7A0000
|
heap
|
page read and write
|
||
68AE000
|
stack
|
page read and write
|
||
9B2000
|
trusted library allocation
|
page read and write
|
||
2AF1000
|
trusted library allocation
|
page read and write
|
||
2921000
|
trusted library allocation
|
page read and write
|
||
3ADB000
|
trusted library allocation
|
page read and write
|
||
3DC8000
|
trusted library allocation
|
page read and write
|
||
2E27000
|
trusted library allocation
|
page read and write
|
||
3F2F000
|
trusted library allocation
|
page read and write
|
||
30C000
|
unkown
|
page readonly
|
||
6F9000
|
stack
|
page read and write
|
||
2D10000
|
trusted library allocation
|
page read and write
|
||
3C8F000
|
trusted library allocation
|
page read and write
|
||
C94000
|
heap
|
page read and write
|
||
4DF4000
|
heap
|
page read and write
|
||
6140000
|
heap
|
page read and write
|
||
14FE000
|
stack
|
page read and write
|
||
4E54000
|
heap
|
page read and write
|
||
121E000
|
stack
|
page read and write
|
||
66D0000
|
trusted library allocation
|
page read and write
|
||
29CD000
|
trusted library allocation
|
page read and write
|
||
3EE6000
|
trusted library allocation
|
page read and write
|
||
97C000
|
trusted library allocation
|
page execute and read and write
|
||
8DC000
|
heap
|
page read and write
|
||
10A0000
|
heap
|
page read and write
|
||
BE9000
|
stack
|
page read and write
|
||
4A5E000
|
stack
|
page read and write
|
||
12CE000
|
heap
|
page read and write
|
||
69F8000
|
heap
|
page read and write
|
||
3DF1000
|
trusted library allocation
|
page read and write
|
||
3E35000
|
trusted library allocation
|
page read and write
|
||
3F55000
|
trusted library allocation
|
page read and write
|
||
125C000
|
trusted library allocation
|
page execute and read and write
|
||
616F000
|
heap
|
page read and write
|
||
3B0B000
|
trusted library allocation
|
page read and write
|
||
63CE000
|
heap
|
page read and write
|
||
4F80000
|
trusted library allocation
|
page read and write
|
||
1260000
|
trusted library allocation
|
page read and write
|
||
12A0000
|
heap
|
page read and write
|
||
2A29000
|
trusted library allocation
|
page read and write
|
||
2993000
|
trusted library allocation
|
page read and write
|
||
15E0000
|
heap
|
page read and write
|
||
3D70000
|
trusted library allocation
|
page read and write
|
||
28EC000
|
stack
|
page read and write
|
||
5090000
|
trusted library allocation
|
page read and write
|
||
14EE000
|
stack
|
page read and write
|
||
42A1000
|
trusted library allocation
|
page read and write
|
||
BAE000
|
stack
|
page read and write
|
||
2DD000
|
unkown
|
page readonly
|
||
335C000
|
trusted library allocation
|
page read and write
|
||
6C3E000
|
stack
|
page read and write
|
||
2A46000
|
trusted library allocation
|
page read and write
|
||
A2E000
|
heap
|
page read and write
|
||
56E0000
|
heap
|
page read and write
|
||
69D0000
|
heap
|
page read and write
|
||
741E000
|
stack
|
page read and write
|
||
1110000
|
heap
|
page read and write
|
||
952000
|
trusted library allocation
|
page execute and read and write
|
||
31A000
|
unkown
|
page readonly
|
||
567F000
|
stack
|
page read and write
|
||
4C2E000
|
stack
|
page read and write
|
||
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
2950000
|
trusted library allocation
|
page read and write
|
||
3F0E000
|
trusted library allocation
|
page read and write
|
||
2D6C000
|
trusted library allocation
|
page read and write
|
||
3E71000
|
trusted library allocation
|
page read and write
|
||
D3A000
|
heap
|
page read and write
|
||
B25000
|
heap
|
page read and write
|
||
10EC000
|
stack
|
page read and write
|
||
5844000
|
heap
|
page read and write
|
||
D32000
|
heap
|
page read and write
|
||
7B9000
|
stack
|
page read and write
|
||
3B48000
|
trusted library allocation
|
page read and write
|
||
415000
|
remote allocation
|
page execute and read and write
|
||
9C0000
|
heap
|
page read and write
|
||
16B4000
|
heap
|
page execute and read and write
|
||
3D76000
|
trusted library allocation
|
page read and write
|
||
2B07000
|
trusted library allocation
|
page read and write
|
||
6B30000
|
heap
|
page execute and read and write
|
||
32E000
|
unkown
|
page readonly
|
||
52D0000
|
heap
|
page read and write
|
||
3D6B000
|
trusted library allocation
|
page read and write
|
||
4FB0000
|
heap
|
page read and write
|
||
4E50000
|
heap
|
page read and write
|
||
3AF0000
|
trusted library allocation
|
page read and write
|
||
6370000
|
trusted library allocation
|
page read and write
|
||
96C000
|
trusted library allocation
|
page execute and read and write
|
||
2DB6000
|
trusted library allocation
|
page read and write
|
||
BF0000
|
trusted library allocation
|
page read and write
|
||
52B5000
|
heap
|
page read and write
|
||
10DE000
|
stack
|
page read and write
|
||
3B19000
|
trusted library allocation
|
page read and write
|
||
C40000
|
heap
|
page read and write
|
||
1252000
|
trusted library allocation
|
page execute and read and write
|
||
43EC000
|
trusted library allocation
|
page read and write
|
||
3D7E000
|
trusted library allocation
|
page read and write
|
||
3AB1000
|
trusted library allocation
|
page read and write
|
||
C10000
|
trusted library allocation
|
page read and write
|
||
2D07000
|
trusted library allocation
|
page read and write
|
||
3D26000
|
trusted library allocation
|
page read and write
|
||
4B6E000
|
stack
|
page read and write
|
||
3DDD000
|
trusted library allocation
|
page read and write
|
||
3B04000
|
trusted library allocation
|
page read and write
|
||
2A3E000
|
trusted library allocation
|
page read and write
|
||
5140000
|
trusted library section
|
page readonly
|
||
6161000
|
heap
|
page read and write
|
||
33DB000
|
trusted library allocation
|
page read and write
|
||
39A6000
|
trusted library allocation
|
page read and write
|
||
14A0000
|
heap
|
page read and write
|
||
1700000
|
heap
|
page read and write
|
||
5481000
|
heap
|
page read and write
|
||
5840000
|
heap
|
page read and write
|
||
2ACB000
|
trusted library allocation
|
page read and write
|
||
3D06000
|
trusted library allocation
|
page read and write
|
||
1090000
|
heap
|
page read and write
|
||
B00000
|
heap
|
page read and write
|
||
2E06000
|
trusted library allocation
|
page read and write
|
||
3E94000
|
trusted library allocation
|
page read and write
|
||
6EDE000
|
stack
|
page read and write
|
||
4CAE000
|
stack
|
page read and write
|
||
15DB000
|
stack
|
page read and write
|
||
4FA0000
|
heap
|
page execute and read and write
|
||
E0E000
|
stack
|
page read and write
|
||
651E000
|
stack
|
page read and write
|
||
69EA000
|
heap
|
page read and write
|
||
972000
|
trusted library allocation
|
page execute and read and write
|
||
2FF000
|
unkown
|
page readonly
|
||
855000
|
heap
|
page read and write
|
||
69DE000
|
heap
|
page read and write
|
||
3B56000
|
trusted library allocation
|
page read and write
|
||
2AD3000
|
trusted library allocation
|
page read and write
|
||
52B0000
|
heap
|
page read and write
|
||
2953000
|
trusted library allocation
|
page read and write
|
||
12CB000
|
heap
|
page read and write
|
||
790000
|
heap
|
page read and write
|
||
52C0000
|
heap
|
page read and write
|
||
3B88000
|
trusted library allocation
|
page read and write
|
||
5496000
|
heap
|
page read and write
|
||
3E8F000
|
trusted library allocation
|
page read and write
|
||
32F7000
|
trusted library allocation
|
page read and write
|
||
33D2000
|
trusted library allocation
|
page read and write
|
||
6F6000
|
stack
|
page read and write
|
||
297C000
|
trusted library allocation
|
page read and write
|
||
3B97000
|
trusted library allocation
|
page read and write
|
||
686E000
|
stack
|
page read and write
|
||
107D000
|
stack
|
page read and write
|
||
C78000
|
heap
|
page read and write
|
||
2D1A000
|
trusted library allocation
|
page read and write
|
||
4CF0000
|
trusted library allocation
|
page read and write
|
||
2CE1000
|
trusted library allocation
|
page read and write
|
||
547A000
|
heap
|
page read and write
|
||
726F000
|
stack
|
page read and write
|
||
7E0000
|
heap
|
page read and write
|
||
3B3B000
|
trusted library allocation
|
page read and write
|
||
6250000
|
heap
|
page read and write
|
||
3393000
|
trusted library allocation
|
page read and write
|
||
167E000
|
stack
|
page read and write
|
||
10E8000
|
heap
|
page read and write
|
||
661E000
|
stack
|
page read and write
|
||
AD7000
|
heap
|
page read and write
|
||
7060000
|
heap
|
page execute and read and write
|
||
D34000
|
heap
|
page execute and read and write
|
||
9DC000
|
stack
|
page read and write
|
||
1230000
|
heap
|
page read and write
|
||
3B8D000
|
trusted library allocation
|
page read and write
|
||
4D5F000
|
stack
|
page read and write
|
||
3E3A000
|
trusted library allocation
|
page read and write
|
||
3AEA000
|
trusted library allocation
|
page read and write
|
||
14BE000
|
stack
|
page read and write
|
||
2B60000
|
heap
|
page read and write
|
||
29FF000
|
trusted library allocation
|
page read and write
|
||
3DC9000
|
trusted library allocation
|
page read and write
|
||
962000
|
trusted library allocation
|
page execute and read and write
|
||
1115000
|
heap
|
page read and write
|
||
2A1B000
|
trusted library allocation
|
page read and write
|
||
2E5000
|
unkown
|
page readonly
|
||
AE5000
|
heap
|
page read and write
|
||
5488000
|
heap
|
page read and write
|
||
C42000
|
trusted library allocation
|
page execute and read and write
|
||
769E000
|
stack
|
page read and write
|
||
D11000
|
heap
|
page read and write
|
||
29AC000
|
trusted library allocation
|
page read and write
|
||
44B2000
|
trusted library allocation
|
page read and write
|
||
3D8B000
|
trusted library allocation
|
page read and write
|
||
6EFE000
|
stack
|
page read and write
|
||
126A000
|
trusted library allocation
|
page execute and read and write
|
||
998000
|
heap
|
page read and write
|
||
3295000
|
heap
|
page read and write
|
||
F9E000
|
stack
|
page read and write
|
||
1708000
|
heap
|
page read and write
|
||
138E000
|
heap
|
page read and write
|
||
980000
|
heap
|
page read and write
|
||
323000
|
unkown
|
page readonly
|
||
557E000
|
stack
|
page read and write
|
||
662C000
|
heap
|
page read and write
|
||
6720000
|
trusted library allocation
|
page read and write
|
||
962000
|
trusted library allocation
|
page execute and read and write
|
||
64E0000
|
heap
|
page execute and read and write
|
||
29D8000
|
trusted library allocation
|
page read and write
|
||
52B0000
|
heap
|
page read and write
|
||
4DDB000
|
stack
|
page read and write
|
||
1242000
|
trusted library allocation
|
page execute and read and write
|
There are 592 hidden memdumps, click here to show them.