Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
real-al-d7ya.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_real-al-d7ya.exe_8b8a742f78c3b3ba9d6ab9dc3f0483b183cda5d_d4ab0173_169ec0d9-760f-417d-853f-91af202d7383\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\real-al-d7ya.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8C7E.tmp.dmp
|
Mini DuMP crash report, 16 streams, Sun Jul 14 17:24:45 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8F00.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8F2F.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\real-al-d7ya.exe
|
"C:\Users\user\Desktop\real-al-d7ya.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "real-al-d7ya" /tr "C:\Users\user\AppData\Roaming\real-al-d7ya.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
"C:\Users\user\AppData\Roaming\real-al-d7ya.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
"C:\Users\user\AppData\Roaming\real-al-d7ya.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
|
|
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
C:\Users\user\AppData\Roaming\real-al-d7ya.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "real-al-d7ya" /tr "C:\Users\user\AppData\Roaming\real-al-d7ya.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7280 -s 2008
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
k-infectious.gl.at.ply.gg
|
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
k-infectious.gl.at.ply.gg
|
147.185.221.20
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.185.221.20
|
k-infectious.gl.at.ply.gg
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
real-al-d7ya
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
ProgramId
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
FileId
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
LongPathHash
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Name
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Publisher
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Version
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
BinaryType
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
ProductName
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
ProductVersion
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
LinkDate
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Size
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Language
|
|
|
|
\REGISTRY\A\{02f8576b-b4f2-2357-e1eb-cc2b0e9b03b6}\Root\InventoryApplicationFile\real-al-d7ya.exe|83970697b5914a14
|
Usn
|
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
EC2000
|
unkown
|
page readonly
|
|
|
|
520000
|
heap
|
page read and write
|
||
|
D09000
|
heap
|
page read and write
|
||
|
5C6F679000
|
stack
|
page read and write
|
||
|
3287000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
1CB0C000
|
stack
|
page read and write
|
||
|
A66000
|
heap
|
page read and write
|
||
|
C6F000
|
stack
|
page read and write
|
||
|
1CC4E000
|
stack
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
12968000
|
trusted library allocation
|
page read and write
|
||
|
1AFB0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
1B1DF000
|
stack
|
page read and write
|
||
|
2078A7F000
|
stack
|
page read and write
|
||
|
1AD1D000
|
stack
|
page read and write
|
||
|
1BA36E30000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
1C3F4000
|
stack
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
12FF3000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
trusted library allocation
|
page read and write
|
||
|
D11000
|
heap
|
page read and write
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
C43000
|
heap
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
2078769000
|
stack
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
120C000
|
heap
|
page read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
1BD14000
|
stack
|
page read and write
|
||
|
1BA36E38000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
126F1000
|
trusted library allocation
|
page read and write
|
||
|
D1C000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
5D8000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
231F000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
12961000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
1B250000
|
heap
|
page execute and read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page execute and read and write
|
||
|
14599D90000
|
heap
|
page read and write
|
||
|
1241000
|
heap
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
122D000
|
heap
|
page read and write
|
||
|
126F3000
|
trusted library allocation
|
page read and write
|
||
|
126B000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
||
|
1BFFE000
|
stack
|
page read and write
|
||
|
1C063000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
32C9000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
B66000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
914000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1935000
|
heap
|
page read and write
|
||
|
1C33E000
|
stack
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B50F000
|
stack
|
page read and write
|
||
|
27DC000
|
trusted library allocation
|
page read and write
|
||
|
127D1000
|
trusted library allocation
|
page read and write
|
||
|
26FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
2321000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page execute and read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
1C830000
|
heap
|
page read and write
|
||
|
1C53A000
|
stack
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
F15000
|
heap
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
1ACEE000
|
stack
|
page read and write
|
||
|
26F1000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
3289000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
1BF5C000
|
stack
|
page read and write
|
||
|
1BCFF000
|
stack
|
page read and write
|
||
|
1C63B000
|
stack
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
1ADB0000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
stack
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
D99000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
D1A000
|
heap
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
27EB000
|
trusted library allocation
|
page read and write
|
||
|
1AEBE000
|
stack
|
page read and write
|
||
|
1BA36D60000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
17EC000
|
stack
|
page read and write
|
||
|
1BAF3000
|
heap
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B270000
|
trusted library allocation
|
page read and write
|
||
|
1C2F9000
|
stack
|
page read and write
|
||
|
1B5EE000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE000
|
stack
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
13241000
|
trusted library allocation
|
page read and write
|
||
|
12791000
|
trusted library allocation
|
page read and write
|
||
|
1B1BE000
|
stack
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
137B000
|
heap
|
page read and write
|
||
|
C23000
|
trusted library allocation
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
1AD6D000
|
stack
|
page read and write
|
||
|
12FF1000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
1B3EE000
|
stack
|
page read and write
|
||
|
1BA36D90000
|
heap
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
10F4000
|
stack
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
5A4000
|
stack
|
page read and write
|
||
|
12323000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
1645000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page execute and read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
58B000
|
heap
|
page read and write
|
||
|
1B890000
|
heap
|
page read and write
|
||
|
DA0000
|
unkown
|
page readonly
|
||
|
1BABF000
|
stack
|
page read and write
|
||
|
1CD4A000
|
stack
|
page read and write
|
||
|
1085000
|
heap
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
7FF42B540000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA371D0000
|
heap
|
page read and write
|
||
|
1BCBE000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
12328000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
13C6000
|
heap
|
page read and write
|
||
|
12FF8000
|
trusted library allocation
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
A43000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1412000
|
heap
|
page read and write
|
||
|
1392000
|
heap
|
page read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
12321000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
126D000
|
heap
|
page read and write
|
||
|
9B0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
27DF000
|
trusted library allocation
|
page read and write
|
||
|
1C05E000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
2331000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB1A000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7FF498380000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
1BAF0000
|
heap
|
page read and write
|
||
|
14599DE0000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
12C1000
|
heap
|
page read and write
|
||
|
9BC000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
1B2FE000
|
stack
|
page read and write
|
||
|
1B1F0000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
27E6000
|
trusted library allocation
|
page read and write
|
||
|
1B1EE000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
1B300000
|
heap
|
page read and write
|
||
|
1C63C000
|
stack
|
page read and write
|
||
|
1B2EE000
|
stack
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
14599FE0000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page execute and read and write
|
||
|
12963000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
D07000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
1BA36D70000
|
heap
|
page read and write
|
||
|
16E5000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D1000
|
trusted library allocation
|
page read and write
|
||
|
14599DB0000
|
heap
|
page read and write
|
||
|
1B3FE000
|
stack
|
page read and write
|
||
|
2850000
|
heap
|
page execute and read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
127D3000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
27E2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2210000
|
heap
|
page execute and read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2DE000
|
stack
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
296C000
|
trusted library allocation
|
page read and write
|
||
|
1AC7D000
|
stack
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
1C000000
|
heap
|
page read and write
|
||
|
34FF000
|
trusted library allocation
|
page read and write
|
||
|
155F000
|
unkown
|
page read and write
|
||
|
1BA10000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page execute and read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1B8C4000
|
heap
|
page read and write
|
||
|
1B0D0000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1B6BC000
|
stack
|
page read and write
|
||
|
1A7C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
1B9BF000
|
stack
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
1AEED000
|
stack
|
page read and write
|
||
|
54F000
|
heap
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
1BB7A000
|
stack
|
page read and write
|
||
|
14599DE8000
|
heap
|
page read and write
|
||
|
5C6F77F000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
232C000
|
trusted library allocation
|
page read and write
|
||
|
1B8ED000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page execute and read and write
|
||
|
5C6F6FF000
|
unkown
|
page read and write
|
||
|
1C077000
|
heap
|
page read and write
|
||
|
1B8E0000
|
heap
|
page read and write
|
||
|
12798000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
heap
|
page read and write
|
||
|
1B40F000
|
stack
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
1C080000
|
heap
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
20787EE000
|
unkown
|
page read and write
|
||
|
1B0E0000
|
heap
|
page execute and read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D4000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
232F000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B60E000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
1B0BF000
|
stack
|
page read and write
|
||
|
ECC000
|
unkown
|
page readonly
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
30E7000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C900000
|
heap
|
page read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
14599CB0000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
27E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
14599FE5000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
1B8E3000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
126F8000
|
trusted library allocation
|
page read and write
|
||
|
1A8AD000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page execute and read and write
|
||
|
18EF000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
D97000
|
heap
|
page read and write
|
||
|
1B902000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1AE000
|
stack
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
1B1D0000
|
heap
|
page execute and read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
27E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
2A2F000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2961000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
1BA371D5000
|
heap
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
1323000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CE4C000
|
stack
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
12F4000
|
stack
|
page read and write
|
||
|
1B0BE000
|
stack
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
26FF000
|
trusted library allocation
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
D9C000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
127D8000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5DC000
|
heap
|
page read and write
|
||
|
964000
|
stack
|
page read and write
|
||
|
13248000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
1C130000
|
heap
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
1B57D000
|
stack
|
page read and write
|
There are 439 hidden memdumps, click here to show them.