Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Server.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\73e4ea7af59bea49b79c8c5f799f272d.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\73e4ea7af59bea49b79c8c5f799f272d.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Server.exe
|
"C:\Users\user\Desktop\Server.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe
|
"C:\Users\user\AppData\Roaming\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe
|
"C:\Users\user\AppData\Roaming\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe
|
"C:\Users\user\AppData\Roaming\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Roaming\server.exe
|
"C:\Users\user\AppData\Roaming\server.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
127.0.0.1
|
|
||
|
http://go.microsoft.
|
unknown
|
||
|
https://dl.dropbox.com/s/p84aaz28t0hepul/Pass.exe?dl=0
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
73e4ea7af59bea49b79c8c5f799f272d
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
73e4ea7af59bea49b79c8c5f799f272d
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
FD2000
|
unkown
|
page readonly
|
|
|
|
26C1000
|
trusted library allocation
|
page read and write
|
|
|
|
3842000
|
trusted library allocation
|
page read and write
|
||
|
F43000
|
heap
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
19AE000
|
stack
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
A62000
|
trusted library allocation
|
page execute and read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
832000
|
trusted library allocation
|
page execute and read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
5431000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B70000
|
trusted library allocation
|
page read and write
|
||
|
604E000
|
stack
|
page read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
49D9000
|
stack
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
18D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
106D000
|
stack
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
F5C000
|
heap
|
page read and write
|
||
|
F3D000
|
heap
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
F74000
|
heap
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
499C000
|
stack
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
49FE000
|
stack
|
page read and write
|
||
|
2A64000
|
trusted library allocation
|
page read and write
|
||
|
F7C000
|
heap
|
page read and write
|
||
|
1BD0000
|
heap
|
page execute and read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
195E000
|
stack
|
page read and write
|
||
|
1BC0000
|
heap
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page execute and read and write
|
||
|
A92000
|
trusted library allocation
|
page execute and read and write
|
||
|
1596000
|
heap
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
491D000
|
stack
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
A72000
|
trusted library allocation
|
page execute and read and write
|
||
|
D70000
|
heap
|
page execute and read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
EE6000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
CE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
55FF000
|
stack
|
page read and write
|
||
|
4B1D000
|
stack
|
page read and write
|
||
|
FE6000
|
heap
|
page read and write
|
||
|
2FB1000
|
trusted library allocation
|
page read and write
|
||
|
87B000
|
trusted library allocation
|
page execute and read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2A61000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
872000
|
trusted library allocation
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
5432000
|
heap
|
page read and write
|
||
|
14EE000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
1902000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
4D7E000
|
stack
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
F6D000
|
heap
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
1BA0000
|
trusted library allocation
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
1369000
|
stack
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
D64000
|
stack
|
page read and write
|
||
|
3791000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
heap
|
page read and write
|
||
|
86A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C8F000
|
stack
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
5431000
|
heap
|
page read and write
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
784000
|
heap
|
page read and write
|
||
|
29C3000
|
trusted library allocation
|
page read and write
|
||
|
F3E000
|
heap
|
page read and write
|
||
|
F3B000
|
heap
|
page read and write
|
||
|
518F000
|
stack
|
page read and write
|
||
|
36C1000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
102D000
|
unkown
|
page read and write
|
||
|
FDC000
|
unkown
|
page readonly
|
||
|
508E000
|
stack
|
page read and write
|
||
|
A7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
4DBE000
|
stack
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
85A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
110B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F6D000
|
heap
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
3A64000
|
trusted library allocation
|
page read and write
|
||
|
18EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
37EB000
|
trusted library allocation
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
736000
|
stack
|
page read and write
|
||
|
14E8000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
F63000
|
heap
|
page read and write
|
||
|
CBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
109000
|
stack
|
page read and write
|
||
|
18EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
61FD000
|
stack
|
page read and write
|
||
|
EFB000
|
heap
|
page read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
18BF000
|
stack
|
page read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page read and write
|
||
|
126B000
|
stack
|
page read and write
|
||
|
1366000
|
stack
|
page read and write
|
||
|
CFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
857000
|
trusted library allocation
|
page execute and read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
F74000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
CB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F0E000
|
stack
|
page read and write
|
||
|
2794000
|
trusted library allocation
|
page read and write
|
||
|
F6D000
|
heap
|
page read and write
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
5448000
|
heap
|
page read and write
|
||
|
877000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
10F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
53BF000
|
stack
|
page read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
5440000
|
heap
|
page read and write
|
||
|
F11000
|
heap
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
5DCE000
|
stack
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
5E0E000
|
stack
|
page read and write
|
||
|
A6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
319E000
|
unkown
|
page read and write
|
||
|
3FB1000
|
trusted library allocation
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page execute and read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
11AC000
|
heap
|
page read and write
|
||
|
18DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
63B000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
5448000
|
heap
|
page read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
190A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A70000
|
heap
|
page execute and read and write
|
||
|
FE9000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
7E3000
|
heap
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
A76000
|
trusted library allocation
|
page execute and read and write
|
||
|
373E000
|
trusted library allocation
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
544B000
|
heap
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
FE1000
|
heap
|
page read and write
|
||
|
2FB4000
|
trusted library allocation
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
AAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
F7B000
|
heap
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
F62000
|
trusted library allocation
|
page execute and read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
D66000
|
stack
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
1917000
|
trusted library allocation
|
page execute and read and write
|
||
|
F6E000
|
heap
|
page read and write
|
||
|
84A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
F11000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
151F000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
29D5000
|
trusted library allocation
|
page read and write
|
||
|
10D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
1FB000
|
stack
|
page read and write
|
||
|
485F000
|
stack
|
page read and write
|
||
|
842000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
83A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6B000
|
stack
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
5433000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3899000
|
trusted library allocation
|
page read and write
|
||
|
F46000
|
heap
|
page read and write
|
||
|
CCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
3795000
|
trusted library allocation
|
page read and write
|
||
|
36E7000
|
trusted library allocation
|
page read and write
|
||
|
C6B000
|
stack
|
page read and write
|
||
|
F11000
|
heap
|
page read and write
|
||
|
4631000
|
trusted library allocation
|
page read and write
|
||
|
FE2000
|
heap
|
page read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
5449000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
3FB4000
|
trusted library allocation
|
page read and write
|
||
|
1B90000
|
heap
|
page read and write
|
||
|
F9E000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
F7B000
|
heap
|
page read and write
|
||
|
3631000
|
trusted library allocation
|
page read and write
|
||
|
5445000
|
heap
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
F3C000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
1DE000
|
stack
|
page read and write
|
||
|
11AA000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
AA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
4A1C000
|
stack
|
page read and write
|
||
|
F66000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
C6B000
|
stack
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
86C000
|
trusted library allocation
|
page execute and read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
F6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
608B000
|
stack
|
page read and write
|
||
|
618C000
|
stack
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
F38000
|
heap
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
4C80000
|
unclassified section
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
1107000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBF000
|
heap
|
page read and write
|
||
|
3794000
|
trusted library allocation
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
4930000
|
trusted library allocation
|
page read and write
|
||
|
5448000
|
heap
|
page read and write
|
||
|
46C8000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
3A61000
|
trusted library allocation
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
10DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5190000
|
trusted library allocation
|
page execute and read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
862000
|
trusted library allocation
|
page execute and read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
543F000
|
heap
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
543E000
|
heap
|
page read and write
|
||
|
FEB000
|
heap
|
page read and write
|
||
|
154D000
|
heap
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
F6B000
|
heap
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
18E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBD000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
191B000
|
trusted library allocation
|
page execute and read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
F9E000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
C7F000
|
stack
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
5432000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
F43000
|
heap
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
1B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
F01000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1770000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
544A000
|
heap
|
page read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
1575000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
There are 464 hidden memdumps, click here to show them.