Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
z1QuotationSheetVSAA6656776.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\Fordelte\kitchen.und
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\Fordelte\svalebajers.lde
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\Gendigtningens.cab
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\Halmludningernes.Sur
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\Sammenbindende.Hos41
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\flyvesprings.afl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\halid.pre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\indgives.ton
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\jf.can
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forskningsafdelingers\Dispergerer\Nondefinite\kileskriften.kom
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsa9B23.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsl9DD3.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsl9DD3.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\z1QuotationSheetVSAA6656776.exe
|
"C:\Users\user\Desktop\z1QuotationSheetVSAA6656776.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "250^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "244^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "227^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "255^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "244^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "253^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "130^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "131^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "139^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "139^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "242^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "195^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "208^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "197^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "247^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "221^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "240^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "153^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "220^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "195^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "133^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "201^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "137^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "193^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "133^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "201^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "137^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Users\user\Desktop\z1QuotationSheetVSAA6656776.exe
|
"C:\Users\user\Desktop\z1QuotationSheetVSAA6656776.exe"
|
|
|
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 120 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://drive.google.com/z
|
unknown
|
||
|
http://checkip.dyndns.comd
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/149.18.24.104$
|
unknown
|
||
|
http://reallyfreegeoip.orgd
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.orgd
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://support.google.com/chrome/?p=plugin_flash
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://checkip.dyndns.org/d
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/149.18.24.104
|
172.67.177.134
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
172.67.177.134
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
drive.google.com
|
142.251.167.113
|
||
|
drive.usercontent.google.com
|
142.251.111.132
|
||
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.177.134
|
reallyfreegeoip.org
|
United States
|
|
|
|
142.251.111.132
|
drive.usercontent.google.com
|
United States
|
||
|
142.251.167.113
|
drive.google.com
|
United States
|
||
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z1QuotationSheetVSAA6656776_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
57E000
|
heap
|
page read and write
|
|
|
|
5981000
|
direct allocation
|
page execute and read and write
|
|
|
|
34E4E000
|
trusted library allocation
|
page read and write
|
|
|
|
34CB1000
|
trusted library allocation
|
page read and write
|
|
|
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
direct allocation
|
page read and write
|
||
|
34D69000
|
trusted library allocation
|
page read and write
|
||
|
37EB0000
|
trusted library allocation
|
page read and write
|
||
|
37BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
349D0000
|
heap
|
page read and write
|
||
|
34E02000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
4577000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37DD0000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
44BD000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
3470F000
|
stack
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
4495000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37831000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
35CB1000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
22EE000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34DAF000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
34C36000
|
trusted library allocation
|
page read and write
|
||
|
34F4B000
|
trusted library allocation
|
page read and write
|
||
|
34720000
|
heap
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34930000
|
remote allocation
|
page read and write
|
||
|
34DBB000
|
trusted library allocation
|
page read and write
|
||
|
61D0000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44C1000
|
heap
|
page read and write
|
||
|
37B60000
|
trusted library allocation
|
page read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
36F01000
|
heap
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page execute and read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
3702D000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
1791000
|
remote allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
36EBD000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
6381000
|
direct allocation
|
page execute and read and write
|
||
|
34DEE000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
36F11000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
4575000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34EA3000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
37DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B50000
|
trusted library allocation
|
page read and write
|
||
|
34DB3000
|
trusted library allocation
|
page read and write
|
||
|
2315000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
44C1000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
80F000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
34E42000
|
trusted library allocation
|
page read and write
|
||
|
36EE8000
|
heap
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
34E0A000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
3460E000
|
stack
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
34F53000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
34D93000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B90000
|
trusted library allocation
|
page read and write
|
||
|
37030000
|
heap
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
34A2A000
|
stack
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34930000
|
remote allocation
|
page read and write
|
||
|
61E0000
|
direct allocation
|
page read and write
|
||
|
37BC0000
|
trusted library allocation
|
page read and write
|
||
|
44AB000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
6220000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
456E000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
5AB000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34F44000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
6D81000
|
direct allocation
|
page execute and read and write
|
||
|
35D18000
|
trusted library allocation
|
page read and write
|
||
|
474F000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
3591000
|
remote allocation
|
page execute and read and write
|
||
|
34E15000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
4438000
|
heap
|
page read and write
|
||
|
349C0000
|
direct allocation
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
3F91000
|
remote allocation
|
page execute and read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B70000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
34C5D000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
37B40000
|
trusted library allocation
|
page read and write
|
||
|
34F59000
|
trusted library allocation
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
34E37000
|
trusted library allocation
|
page read and write
|
||
|
34EA7000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
4E9C000
|
stack
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
35D43000
|
trusted library allocation
|
page read and write
|
||
|
4890000
|
heap
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
direct allocation
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
44CA000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
4F81000
|
direct allocation
|
page execute and read and write
|
||
|
36E4E000
|
stack
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
15E000
|
stack
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
349E0000
|
direct allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
direct allocation
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
4D9C000
|
stack
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
4577000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37EA0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
34C56000
|
trusted library allocation
|
page read and write
|
||
|
37D90000
|
trusted library allocation
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
428000
|
unkown
|
page read and write
|
||
|
36E50000
|
heap
|
page read and write
|
||
|
34C86000
|
trusted library allocation
|
page read and write
|
||
|
D0000
|
heap
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
44C9000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
548000
|
heap
|
page read and write
|
||
|
6210000
|
direct allocation
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
34E2C000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44A4000
|
heap
|
page read and write
|
||
|
3795F000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37B60000
|
trusted library allocation
|
page read and write
|
||
|
37BB0000
|
trusted library allocation
|
page read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34DA6000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
36EF1000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
36FF0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34C2F000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
450B000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
375F1000
|
heap
|
page read and write
|
||
|
450E000
|
heap
|
page read and write
|
||
|
36ED1000
|
heap
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37850000
|
heap
|
page execute and read and write
|
||
|
16C0000
|
remote allocation
|
page execute and read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37BB0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44BD000
|
heap
|
page read and write
|
||
|
44BE000
|
heap
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
37B5F000
|
trusted library allocation
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34F28000
|
trusted library allocation
|
page read and write
|
||
|
44AB000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37BB7000
|
trusted library allocation
|
page read and write
|
||
|
37BB0000
|
trusted library allocation
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
34D78000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
35CD9000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
35DBC000
|
trusted library allocation
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34C3E000
|
trusted library allocation
|
page read and write
|
||
|
6330000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
37B70000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
28D2000
|
heap
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
32C0000
|
direct allocation
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
37D9B000
|
trusted library allocation
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
37B1F000
|
stack
|
page read and write
|
||
|
44A4000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34EB2000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44C9000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
36E97000
|
heap
|
page read and write
|
||
|
34C70000
|
trusted library allocation
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
4570000
|
heap
|
page read and write
|
||
|
37831000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
direct allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44C9000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
direct allocation
|
page read and write
|
||
|
2B91000
|
remote allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
34C4A000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C30000
|
trusted library allocation
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
6260000
|
direct allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37BB0000
|
trusted library allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
35D3A000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
58B000
|
heap
|
page read and write
|
||
|
22A4000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37E90000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34DFA000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B50000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
35D30000
|
trusted library allocation
|
page read and write
|
||
|
34C51000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
44C1000
|
heap
|
page read and write
|
||
|
35DC9000
|
trusted library allocation
|
page read and write
|
||
|
36EE8000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34D76000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
4508000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
34B27000
|
stack
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34930000
|
remote allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
3A40000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B24000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37B30000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
direct allocation
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
35DC7000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
unkown
|
page readonly
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
44BD000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37DD0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
34DFE000
|
trusted library allocation
|
page read and write
|
||
|
7781000
|
direct allocation
|
page execute and read and write
|
||
|
2191000
|
remote allocation
|
page execute and read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
451A000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37840000
|
trusted library allocation
|
page read and write
|
||
|
37B40000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37BC0000
|
trusted library allocation
|
page read and write
|
||
|
345C0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
34DB7000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
35DD5000
|
trusted library allocation
|
page read and write
|
||
|
36EC2000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B30000
|
trusted library allocation
|
page read and write
|
||
|
37EA0000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C3B000
|
trusted library allocation
|
page read and write
|
||
|
37DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
direct allocation
|
page read and write
|
||
|
34DF6000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37ADD000
|
stack
|
page read and write
|
||
|
37DA0000
|
trusted library allocation
|
page read and write
|
||
|
37BB9000
|
trusted library allocation
|
page read and write
|
||
|
34EAE000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6250000
|
direct allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
11E000
|
stack
|
page read and write
|
||
|
4475000
|
heap
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37D94000
|
trusted library allocation
|
page read and write
|
||
|
226E000
|
stack
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
6200000
|
direct allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
35D3D000
|
trusted library allocation
|
page read and write
|
||
|
37BBD000
|
trusted library allocation
|
page read and write
|
||
|
3496E000
|
stack
|
page read and write
|
||
|
34E06000
|
trusted library allocation
|
page read and write
|
||
|
6230000
|
direct allocation
|
page read and write
|
||
|
37DD0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
6240000
|
direct allocation
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
375F1000
|
heap
|
page read and write
|
||
|
349AF000
|
stack
|
page read and write
|
||
|
37B20000
|
trusted library allocation
|
page read and write
|
||
|
37B90000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C90000
|
trusted library allocation
|
page read and write
|
||
|
3300000
|
direct allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
36ED1000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
direct allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
direct allocation
|
page read and write
|
||
|
34CA0000
|
heap
|
page execute and read and write
|
||
|
34DF2000
|
trusted library allocation
|
page read and write
|
||
|
34C4E000
|
trusted library allocation
|
page read and write
|
||
|
4430000
|
heap
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
37B80000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
37BB0000
|
trusted library allocation
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
36EF1000
|
heap
|
page read and write
|
||
|
375F0000
|
heap
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
58B000
|
heap
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
37DB0000
|
trusted library allocation
|
page read and write
|
||
|
37830000
|
trusted library allocation
|
page read and write
|
||
|
34C80000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
direct allocation
|
page read and write
|
There are 579 hidden memdumps, click here to show them.