Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| BBVA Colombia__ Aviso de Pago.pdf.bat.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BBVA Colombia__ Aviso de Pago.pdf.bat.exe.log | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\tmpD1AB.tmp | XML 1.0 document, ASCII text | dropped | |
| C:\Users\user\AppData\Roaming\yHGBBy.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
| C:\Users\user\AppData\Roaming\yHGBBy.exe:Zone.Identifier | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\yHGBBy.exe.log | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json | JSON data | dropped | |
| C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5flqtq2v.qvn.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bxj1bvfj.jrz.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cofws0ls.4px.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ozdrl4zy.bwb.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qoqwg2ut.grj.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_um0fdzzt.was.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xw0l31z1.cij.ps1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zraywgdw.r1k.psm1 | ASCII text, with no line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\tmp42F8.tmp | XML 1.0 document, ASCII text | dropped | |
Processes
| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\BBVA Colombia__ Aviso de Pago.pdf.bat.exe | "C:\Users\user\Desktop\BBVA Colombia__ Aviso de Pago.pdf.bat.exe" | |
| C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\BBVA Colombia__ Aviso de Pago.pdf.bat.exe" | |
| C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\yHGBBy.exe" | |
| C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\yHGBBy" /XML "C:\Users\user\AppData\Local\Temp\tmpD1AB.tmp" | |
| C:\Users\user\Desktop\BBVA Colombia__ Aviso de Pago.pdf.bat.exe | "C:\Users\user\Desktop\BBVA Colombia__ Aviso de Pago.pdf.bat.exe" | |
| C:\Users\user\AppData\Roaming\yHGBBy.exe | C:\Users\user\AppData\Roaming\yHGBBy.exe | |
| C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\yHGBBy" /XML "C:\Users\user\AppData\Local\Temp\tmp42F8.tmp" | |
| C:\Users\user\AppData\Roaming\yHGBBy.exe | "C:\Users\user\AppData\Roaming\yHGBBy.exe" | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\wbem\WmiPrvSE.exe | C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
URLs
Domains
| Name | IP | Malicious |
|---|---|---|
| geoplugin.net | 178.237.33.50 | |
IPs
| IP | Domain | Country | Malicious |
|---|---|---|---|
| 204.10.160.230 | unknown | Canada | |
| 178.237.33.50 | geoplugin.net | Netherlands | |
Registry
| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\SOFTWARE\Rmc-O7QOC3 | exepath | |
| HKEY_CURRENT_USER\SOFTWARE\Rmc-O7QOC3 | licence | |
Memdumps