Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Dpz6E0Gll4.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Dpz6E0Gll4.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Dpz6E0Gll4.exe
|
"C:\Users\user\Desktop\Dpz6E0Gll4.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6820 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
|
||
|
http://go.microsoft.
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
||
|
https://www.sysinternals.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
196.206.79.116
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
196.206.79.116
|
doddyfire.linkpc.net
|
Morocco
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3031000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
D07000
|
trusted library allocation
|
page execute and read and write
|
||
|
90A000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
2D9F000
|
heap
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
2DA1000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
694F000
|
stack
|
page read and write
|
||
|
D0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
2DA2000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
2DF2000
|
heap
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2D97000
|
heap
|
page read and write
|
||
|
D22000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
D27000
|
trusted library allocation
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
69A000
|
stack
|
page read and write
|
||
|
2D96000
|
heap
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page execute and read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
FEB000
|
stack
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
5140000
|
trusted library section
|
page readonly
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
2D31000
|
heap
|
page read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
508E000
|
stack
|
page read and write
|
||
|
2CAE000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
82B0000
|
trusted library section
|
page read and write
|
||
|
2DCF000
|
heap
|
page read and write
|
||
|
799000
|
stack
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
2D34000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
5F2000
|
unkown
|
page readonly
|
||
|
873C000
|
stack
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
E6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA5000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D8F000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
6B52000
|
trusted library allocation
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
4EFF000
|
stack
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page execute and read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
85FF000
|
stack
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
D1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCF000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
2DCF000
|
heap
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
50E9000
|
heap
|
page read and write
|
||
|
BF7000
|
trusted library allocation
|
page read and write
|
||
|
71B000
|
stack
|
page read and write
|
||
|
CE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
2D8C000
|
heap
|
page read and write
|
||
|
2D65000
|
heap
|
page read and write
|
||
|
2DCF000
|
heap
|
page read and write
|
||
|
31C6000
|
heap
|
page read and write
|
||
|
84BF000
|
stack
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
8030000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
2D5F000
|
heap
|
page read and write
|
||
|
E1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
53C5000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
2DA5000
|
heap
|
page read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
2BCB000
|
trusted library allocation
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
2D75000
|
heap
|
page read and write
|
||
|
CEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
E5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D02000
|
trusted library allocation
|
page read and write
|
||
|
2D93000
|
heap
|
page read and write
|
||
|
6BAF000
|
stack
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
2B84000
|
trusted library allocation
|
page read and write
|
||
|
E0F000
|
heap
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
4DAC000
|
stack
|
page read and write
|
||
|
D2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
2D8C000
|
heap
|
page read and write
|
||
|
E2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
EAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
4E73000
|
heap
|
page read and write
|
||
|
4830000
|
heap
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
2D97000
|
heap
|
page read and write
|
||
|
2D8C000
|
heap
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
877E000
|
stack
|
page read and write
|
||
|
2B7B000
|
stack
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
2D97000
|
heap
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2D64000
|
heap
|
page read and write
|
||
|
51C3000
|
heap
|
page read and write
|
||
|
55D0000
|
trusted library section
|
page readonly
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
5CA000
|
stack
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
3AC000
|
stack
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
2DA9000
|
heap
|
page read and write
|
||
|
2E1C000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
CEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page execute and read and write
|
||
|
2BEF000
|
trusted library allocation
|
page read and write
|
||
|
F3B000
|
stack
|
page read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
2D75000
|
heap
|
page read and write
|
||
|
E7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
1017000
|
heap
|
page read and write
|
||
|
513B000
|
stack
|
page read and write
|
||
|
53BC000
|
stack
|
page read and write
|
||
|
2E1D000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2E15000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
E07000
|
heap
|
page read and write
|
||
|
302E000
|
trusted library allocation
|
page read and write
|
||
|
4E2C000
|
stack
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
E57000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
2B74000
|
stack
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
4EF0000
|
unclassified section
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
2DA9000
|
heap
|
page read and write
|
||
|
C0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
50C1000
|
heap
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
2DA9000
|
heap
|
page read and write
|
||
|
EA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
C02000
|
trusted library allocation
|
page execute and read and write
|
||
|
FEB000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50E9000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
2D64000
|
heap
|
page read and write
|
||
|
2D8C000
|
heap
|
page read and write
|
||
|
4DEB000
|
stack
|
page read and write
|
||
|
101F000
|
heap
|
page read and write
|
||
|
2D97000
|
heap
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
887E000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
2DA1000
|
heap
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
2D73000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
2E1D000
|
heap
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
A90000
|
heap
|
page execute and read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
796000
|
stack
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
CDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
5304000
|
heap
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BA8000
|
trusted library allocation
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page execute and read and write
|
||
|
82A0000
|
heap
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
2D6A000
|
heap
|
page read and write
|
||
|
7EE30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCF000
|
heap
|
page read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2D67000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
4E69000
|
stack
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2D58000
|
heap
|
page read and write
|
||
|
2BFB000
|
trusted library allocation
|
page read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
2D2B000
|
heap
|
page read and write
|
||
|
E72000
|
trusted library allocation
|
page read and write
|
||
|
863C000
|
stack
|
page read and write
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
54CD000
|
stack
|
page read and write
|
||
|
E4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
D12000
|
trusted library allocation
|
page execute and read and write
|
||
|
11DF000
|
stack
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
2D6C000
|
heap
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
2E16000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
2D9D000
|
heap
|
page read and write
|
||
|
E27000
|
trusted library allocation
|
page execute and read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
2D6A000
|
heap
|
page read and write
|
||
|
C46000
|
heap
|
page read and write
|
||
|
51A5000
|
heap
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
CD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
2D96000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
55DF000
|
trusted library section
|
page readonly
|
||
|
13A0000
|
heap
|
page execute and read and write
|
||
|
5213000
|
heap
|
page read and write
|
||
|
2D75000
|
heap
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
84FE000
|
stack
|
page read and write
|
||
|
4DBE000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
4B38000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
heap
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
E92000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E1D000
|
heap
|
page read and write
|
||
|
2DAF000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
2F1E000
|
unkown
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2D73000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
2D66000
|
heap
|
page read and write
|
||
|
2D55000
|
heap
|
page read and write
|
||
|
50E2000
|
heap
|
page read and write
|
||
|
2D91000
|
heap
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
2D95000
|
heap
|
page read and write
|
||
|
E42000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
50E7000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2DA9000
|
heap
|
page read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
E12000
|
trusted library allocation
|
page execute and read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
2DAC000
|
heap
|
page read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
2DA2000
|
heap
|
page read and write
|
||
|
50EA000
|
heap
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
2DA7000
|
heap
|
page read and write
|
||
|
2D64000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
12DF000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
C76000
|
heap
|
page read and write
|
||
|
2D6A000
|
heap
|
page read and write
|
||
|
2D98000
|
heap
|
page read and write
|
||
|
2D73000
|
heap
|
page read and write
|
||
|
50EB000
|
heap
|
page read and write
|
||
|
2D93000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
E77000
|
trusted library allocation
|
page execute and read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
2D9F000
|
heap
|
page read and write
|
||
|
52CD000
|
stack
|
page read and write
|
||
|
D9E000
|
heap
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
There are 388 hidden memdumps, click here to show them.