Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
80441fcf.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\5758\Apply.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\5758\o
|
ASCII text, with very long lines (939), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Affordable
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Cookbook
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Increasingly
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Ink
|
ASCII text, with very long lines (939), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Inventory
|
ASCII text, with very long lines (1840), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Inventory.bat (copy)
|
ASCII text, with very long lines (1840), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\Rounds
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\80441fcf.exe
|
"C:\Users\user\Desktop\80441fcf.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k move Inventory Inventory.bat & Inventory.bat & exit
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa.exe opssvc.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 5758
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b Cookbook + Increasingly + Rounds + Affordable 5758\Apply.pif
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b Ink 5758\o
|
|
|
|
C:\Users\user\AppData\Local\Temp\7ZipSfx.000\5758\Apply.pif
|
5758\Apply.pif 5758\o
|
|
|
|
C:\Windows\SysWOW64\PING.EXE
|
ping -n 5 127.0.0.1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
edurestunningcrackyow.fun
|
|
||
|
problemregardybuiwo.fun
|
|
||
|
technologyenterdo.shop
|
|
||
|
pooreveningfuseor.pw
|
|
||
|
associationokeo.shop
|
|
||
|
turkeyunlikelyofw.shop
|
|
||
|
detectordiscusser.shop
|
|
||
|
lighterepisodeheighte.fun
|
|
||
|
assumptionflattyou.shop
|
|
||
|
https://assumptionflattyou.shop/api
|
172.67.163.54
|
||
|
https://assumptionflattyou.shop/apir
|
unknown
|
||
|
https://assumptionflattyou.shop/os
|
unknown
|
||
|
https://assumptionflattyou.shop/4
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/X
|
unknown
|
||
|
https://assumptionflattyou.shop/apis
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
https://assumptionflattyou.shop/apiy
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://assumptionflattyou.shop/Pa
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
https://assumptionflattyou.shop/
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.all
|
unknown
|
||
|
https://assumptionflattyou.shop:443/api
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
assumptionflattyou.shop
|
172.67.163.54
|
|
|
|
qBnWsPFfTrJBhDSbGyd.qBnWsPFfTrJBhDSbGyd
|
unknown
|
||
|
198.187.3.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.163.54
|
assumptionflattyou.shop
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4EE7000
|
trusted library allocation
|
page read and write
|
|
|
|
4A04000
|
trusted library allocation
|
page read and write
|
|
|
|
3CF0000
|
heap
|
page read and write
|
|
|
|
851000
|
unkown
|
page execute read
|
||
|
4B2B000
|
trusted library allocation
|
page read and write
|
||
|
41C000
|
unkown
|
page readonly
|
||
|
539F000
|
stack
|
page read and write
|
||
|
4B32000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
2590000
|
direct allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
4B7D000
|
trusted library allocation
|
page read and write
|
||
|
3C02000
|
heap
|
page read and write
|
||
|
5B92000
|
trusted library allocation
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
5C8B000
|
trusted library allocation
|
page read and write
|
||
|
91D000
|
unkown
|
page read and write
|
||
|
4E0B000
|
trusted library allocation
|
page read and write
|
||
|
5C5A000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
heap
|
page read and write
|
||
|
4B71000
|
trusted library allocation
|
page read and write
|
||
|
48AD000
|
stack
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
71000
|
direct allocation
|
page execute and read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
925000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
91D000
|
unkown
|
page write copy
|
||
|
4B74000
|
trusted library allocation
|
page read and write
|
||
|
4B12000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
3B0C000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
541F000
|
stack
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
3A3C000
|
heap
|
page read and write
|
||
|
3CE7000
|
heap
|
page read and write
|
||
|
2706000
|
heap
|
page read and write
|
||
|
3CF5000
|
heap
|
page read and write
|
||
|
5B72000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
4A67000
|
trusted library allocation
|
page read and write
|
||
|
4900000
|
remote allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
26DE000
|
heap
|
page read and write
|
||
|
851000
|
unkown
|
page execute read
|
||
|
3BAC000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
FC000
|
stack
|
page read and write
|
||
|
424000
|
unkown
|
page readonly
|
||
|
4B85000
|
trusted library allocation
|
page read and write
|
||
|
4534000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2708000
|
heap
|
page read and write
|
||
|
4B54000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
56DF000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
4AEE000
|
trusted library allocation
|
page read and write
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
4A73000
|
trusted library allocation
|
page read and write
|
||
|
41D1000
|
heap
|
page read and write
|
||
|
515000
|
heap
|
page read and write
|
||
|
4B36000
|
trusted library allocation
|
page read and write
|
||
|
4B07000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
D9A000
|
stack
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
4B0F000
|
trusted library allocation
|
page read and write
|
||
|
4B2C000
|
trusted library allocation
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
5FEC000
|
trusted library allocation
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
5BBA000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
unkown
|
page readonly
|
||
|
5B22000
|
trusted library allocation
|
page read and write
|
||
|
4900000
|
remote allocation
|
page read and write
|
||
|
45BF000
|
stack
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
39B0000
|
trusted library allocation
|
page read and write
|
||
|
4A2F000
|
trusted library allocation
|
page read and write
|
||
|
5BC2000
|
trusted library allocation
|
page read and write
|
||
|
8ED000
|
unkown
|
page readonly
|
||
|
45D0000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
4AEE000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
925000
|
unkown
|
page readonly
|
||
|
4B44000
|
trusted library allocation
|
page read and write
|
||
|
5AE4000
|
trusted library allocation
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
4A65000
|
trusted library allocation
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
3CF5000
|
heap
|
page read and write
|
||
|
26E8000
|
heap
|
page read and write
|
||
|
921000
|
unkown
|
page write copy
|
||
|
3A2A000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
39B0000
|
trusted library allocation
|
page read and write
|
||
|
3A7F000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
4A66000
|
trusted library allocation
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
3C98000
|
heap
|
page read and write
|
||
|
5AE9000
|
trusted library allocation
|
page read and write
|
||
|
4AFA000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
28E000
|
stack
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
4A2F000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
3C6C000
|
heap
|
page read and write
|
||
|
913000
|
unkown
|
page readonly
|
||
|
2919000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
4B21000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
3A10000
|
heap
|
page read and write
|
||
|
4B39000
|
trusted library allocation
|
page read and write
|
||
|
4DBE000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
4B3C000
|
trusted library allocation
|
page read and write
|
||
|
21C8000
|
heap
|
page read and write
|
||
|
17EC000
|
heap
|
page read and write
|
||
|
70000
|
direct allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
4A2F000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
26DE000
|
heap
|
page read and write
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
3C7E000
|
heap
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
41C000
|
unkown
|
page readonly
|
||
|
3CB5000
|
heap
|
page read and write
|
||
|
2710000
|
direct allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4D78000
|
trusted library allocation
|
page read and write
|
||
|
3504000
|
heap
|
page read and write
|
||
|
4473000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
4AEC000
|
trusted library allocation
|
page read and write
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
263F000
|
stack
|
page read and write
|
||
|
39B0000
|
trusted library allocation
|
page read and write
|
||
|
34F4000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
26BE000
|
heap
|
page read and write
|
||
|
4AEE000
|
trusted library allocation
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
186E000
|
heap
|
page read and write
|
||
|
34E9000
|
heap
|
page read and write
|
||
|
18A8000
|
heap
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
457E000
|
stack
|
page read and write
|
||
|
34F5000
|
heap
|
page read and write
|
||
|
41C1000
|
heap
|
page read and write
|
||
|
48ED000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
913000
|
unkown
|
page readonly
|
||
|
39E0000
|
direct allocation
|
page execute and read and write
|
||
|
49FA000
|
trusted library allocation
|
page read and write
|
||
|
4AFA000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
34BF000
|
heap
|
page read and write
|
||
|
3B5A000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
26FE000
|
heap
|
page read and write
|
||
|
4A5B000
|
trusted library allocation
|
page read and write
|
||
|
3A04000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
34E8000
|
heap
|
page read and write
|
||
|
4B7D000
|
trusted library allocation
|
page read and write
|
||
|
3CD8000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
49FE000
|
trusted library allocation
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
4A8D000
|
trusted library allocation
|
page read and write
|
||
|
4B38000
|
trusted library allocation
|
page read and write
|
||
|
5B0A000
|
trusted library allocation
|
page read and write
|
||
|
5B42000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
2CE000
|
stack
|
page read and write
|
||
|
5BCA000
|
trusted library allocation
|
page read and write
|
||
|
549F000
|
stack
|
page read and write
|
||
|
3CF6000
|
heap
|
page read and write
|
||
|
3CA4000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
26DB000
|
heap
|
page read and write
|
||
|
BC000
|
stack
|
page read and write
|
||
|
4A8E000
|
trusted library allocation
|
page read and write
|
||
|
4B2B000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
13D7000
|
stack
|
page read and write
|
||
|
32F9000
|
heap
|
page read and write
|
||
|
4A65000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
unkown
|
page write copy
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3B02000
|
heap
|
page read and write
|
||
|
4542000
|
trusted library allocation
|
page read and write
|
||
|
4B1B000
|
trusted library allocation
|
page read and write
|
||
|
249000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
4A5E000
|
trusted library allocation
|
page read and write
|
||
|
424000
|
unkown
|
page readonly
|
||
|
4B2B000
|
trusted library allocation
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
26E9000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
4B21000
|
trusted library allocation
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
8ED000
|
unkown
|
page readonly
|
||
|
4B33000
|
trusted library allocation
|
page read and write
|
||
|
4B0A000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
2707000
|
heap
|
page read and write
|
||
|
4B81000
|
trusted library allocation
|
page read and write
|
||
|
178E000
|
heap
|
page read and write
|
||
|
3CF5000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
36F9000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
49CF000
|
trusted library allocation
|
page read and write
|
||
|
B4000
|
direct allocation
|
page execute and read and write
|
||
|
5AEB000
|
trusted library allocation
|
page read and write
|
||
|
4AD3000
|
trusted library allocation
|
page read and write
|
||
|
4970000
|
trusted library allocation
|
page read and write
|
||
|
5AF1000
|
trusted library allocation
|
page read and write
|
||
|
1D5D000
|
stack
|
page read and write
|
||
|
270A000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
4AF0000
|
trusted library allocation
|
page read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
18FE000
|
heap
|
page read and write
|
||
|
2FDC000
|
stack
|
page read and write
|
||
|
3CE6000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
4A5B000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
4A61000
|
trusted library allocation
|
page read and write
|
||
|
496E000
|
stack
|
page read and write
|
||
|
4B52000
|
trusted library allocation
|
page read and write
|
||
|
4B8F000
|
trusted library allocation
|
page read and write
|
||
|
4B3B000
|
trusted library allocation
|
page read and write
|
||
|
26F5000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
3506000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
219E000
|
stack
|
page read and write
|
||
|
4AFB000
|
trusted library allocation
|
page read and write
|
||
|
270A000
|
heap
|
page read and write
|
||
|
18B4000
|
heap
|
page read and write
|
||
|
41C2000
|
heap
|
page read and write
|
||
|
4A8D000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
4A74000
|
trusted library allocation
|
page read and write
|
||
|
4900000
|
remote allocation
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
26E9000
|
heap
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
2690000
|
direct allocation
|
page read and write
|
||
|
4B23000
|
trusted library allocation
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
5C15000
|
trusted library allocation
|
page read and write
|
||
|
4B48000
|
trusted library allocation
|
page read and write
|
||
|
5B83000
|
trusted library allocation
|
page read and write
|
||
|
64FA000
|
trusted library allocation
|
page read and write
|
||
|
26F6000
|
heap
|
page read and write
|
||
|
26E9000
|
heap
|
page read and write
|
||
|
270A000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
4A74000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
41C1000
|
heap
|
page read and write
|
||
|
4AF2000
|
trusted library allocation
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
850000
|
unkown
|
page readonly
|
||
|
41C1000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
1D9E000
|
stack
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
4B18000
|
trusted library allocation
|
page read and write
|
||
|
4A67000
|
trusted library allocation
|
page read and write
|
||
|
4A65000
|
trusted library allocation
|
page read and write
|
||
|
4B6C000
|
trusted library allocation
|
page read and write
|
||
|
13FF000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
4B2C000
|
trusted library allocation
|
page read and write
|
||
|
28EF000
|
stack
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
27A7000
|
direct allocation
|
page read and write
|
||
|
34DA000
|
heap
|
page read and write
|
||
|
4B43000
|
trusted library allocation
|
page read and write
|
There are 324 hidden memdumps, click here to show them.