Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Onvf4Tujuw.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Onvf4Tujuw.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\sofftware.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0624860fa806af32d62c5910019216a8.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\sofftware.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Onvf4Tujuw.exe
|
"C:\Users\user\Desktop\Onvf4Tujuw.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\sofftware.exe
|
"C:\Users\user\AppData\Local\Temp\sofftware.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\sofftware.exe" "sofftware.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\sofftware.exe
|
"C:\Users\user\AppData\Local\Temp\sofftware.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\sofftware.exe
|
"C:\Users\user\AppData\Local\Temp\sofftware.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\sofftware.exe
|
"C:\Users\user\AppData\Local\Temp\sofftware.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
seznam.zapto.org
|
34.102.5.126
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.102.5.126
|
seznam.zapto.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
0624860fa806af32d62c5910019216a8
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
0624860fa806af32d62c5910019216a8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\0624860fa806af32d62c5910019216a8
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\0624860fa806af32d62c5910019216a8
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7B2000
|
unkown
|
page readonly
|
|
|
|
3421000
|
trusted library allocation
|
page read and write
|
|
|
|
2D71000
|
trusted library allocation
|
page read and write
|
|
|
|
4D31000
|
heap
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
560C000
|
stack
|
page read and write
|
||
|
777000
|
trusted library allocation
|
page execute and read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
15A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
15AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
92D000
|
heap
|
page read and write
|
||
|
4D31000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
DCB000
|
heap
|
page read and write
|
||
|
47C0000
|
heap
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
56CE000
|
stack
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
15BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
590F000
|
stack
|
page read and write
|
||
|
1435000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
B0D000
|
heap
|
page read and write
|
||
|
15FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D3A000
|
heap
|
page read and write
|
||
|
1778000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
541F000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
EB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1292000
|
trusted library allocation
|
page execute and read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
5E90000
|
heap
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page execute and read and write
|
||
|
B41000
|
heap
|
page read and write
|
||
|
B82000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page execute and read and write
|
||
|
74C000
|
trusted library allocation
|
page execute and read and write
|
||
|
159A000
|
trusted library allocation
|
page execute and read and write
|
||
|
168F000
|
trusted library allocation
|
page read and write
|
||
|
3D74000
|
trusted library allocation
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
32B000
|
stack
|
page read and write
|
||
|
ADE000
|
heap
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
47D0000
|
heap
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
F56000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
13F1000
|
heap
|
page read and write
|
||
|
732000
|
trusted library allocation
|
page execute and read and write
|
||
|
EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
D82000
|
heap
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
77B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
92F000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
3944000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
1582000
|
trusted library allocation
|
page execute and read and write
|
||
|
15F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EEC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
189F000
|
trusted library allocation
|
page read and write
|
||
|
6F3000
|
stack
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
1A70000
|
heap
|
page read and write
|
||
|
4A3F000
|
stack
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
15B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
73A000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
12C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
1637000
|
trusted library allocation
|
page execute and read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
1FB000
|
stack
|
page read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
AEF000
|
stack
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
B41000
|
heap
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
581B000
|
stack
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
B8B000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
1388000
|
heap
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
1282000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
129C000
|
trusted library allocation
|
page execute and read and write
|
||
|
42F4000
|
trusted library allocation
|
page read and write
|
||
|
CD6000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
566B000
|
stack
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
51DD000
|
stack
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
ED2000
|
trusted library allocation
|
page execute and read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
4D3A000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
163B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
560F000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
4D46000
|
heap
|
page read and write
|
||
|
1296000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
44D1000
|
trusted library allocation
|
page read and write
|
||
|
160C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
5A6F000
|
stack
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
118A000
|
heap
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page execute and read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
B82000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
128A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
42F1000
|
trusted library allocation
|
page read and write
|
||
|
4D48000
|
heap
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
5D80000
|
heap
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
545E000
|
stack
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
8CE000
|
unkown
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
A5B000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
4447000
|
trusted library allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
1602000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
3DE000
|
unkown
|
page read and write
|
||
|
1136000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
EA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
1606000
|
trusted library allocation
|
page execute and read and write
|
||
|
EBB000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
4D49000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
B43000
|
heap
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
EAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D32000
|
heap
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
44D4000
|
trusted library allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
F59000
|
stack
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
D9F000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
B82000
|
heap
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
4D47000
|
heap
|
page read and write
|
||
|
AD8000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
15C2000
|
trusted library allocation
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
B17000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
56E9000
|
stack
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
15CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
746000
|
trusted library allocation
|
page execute and read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
1666000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page execute and read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
531D000
|
stack
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
1404000
|
heap
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
1592000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F4F000
|
stack
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
1A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
394D000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
B11000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
FB6000
|
stack
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
13BF000
|
heap
|
page read and write
|
||
|
EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
15C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
4D0F000
|
stack
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
EBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
762000
|
trusted library allocation
|
page execute and read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
1237000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
742000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
158A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page execute and read and write
|
||
|
12B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
ADD000
|
heap
|
page read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
34D1000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
B11000
|
heap
|
page read and write
|
||
|
E5B000
|
stack
|
page read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
591C000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB1000
|
heap
|
page read and write
|
||
|
18A0000
|
heap
|
page execute and read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
12CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
stack
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
162E000
|
stack
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
D2E000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
5750000
|
unclassified section
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B81000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
4421000
|
trusted library allocation
|
page read and write
|
||
|
4D38000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
545C000
|
stack
|
page read and write
|
||
|
8DF000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
There are 419 hidden memdumps, click here to show them.