Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002A_348.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LisectAVT_2403002A_348.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Profile Remcos\Update_Lock_Remcos.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Profile Remcos\Update_Lock_Remcos.exe.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Profile Remcos\Update_Lock_Remcos.exe.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Jul 25 00:17:17
2024, mtime=Thu Jul 25 00:17:17 2024, atime=Thu Jul 25 00:17:07 2024, length=18539223, window=showminimized
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Profile Remcos\Update_Lock_Remcos.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\Remcos Professional Cracked By Alcatraz3222.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Profile
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\taskhost.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002A_348.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_348.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Remcos Professional Cracked By Alcatraz3222.exe
|
"C:\Users\user\AppData\Local\Temp\Remcos Professional Cracked By Alcatraz3222.exe"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t REG_SZ /d "C:\Users\user~1\AppData\Local\Temp\Profile
Remcos\Update_Lock_Remcos.exe.lnk" /f
|
|
|
|
C:\Users\user\AppData\Local\Temp\taskhost.exe
|
"C:\Users\user~1\AppData\Local\Temp\taskhost.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\taskhost.exe" "taskhost.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c copy "C:/Users/user/Desktop/LisectAVT_2403002A_348.exe" "%temp%\Profile Remcos\Update_Lock_Remcos.exe"
/Y
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c reg add "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t REG_SZ /d
"%temp%\Profile Remcos\Update_Lock_Remcos.exe.lnk" /f
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c echo [zoneTransfer]ZoneID = 2 > %temp%\Profile Remcos\Update_Lock_Remcos.exe:Zone.Identifier
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.geoplugin.net
|
unknown
|
||
|
https://Breaking-Security.netpf
|
unknown
|
||
|
https://breaking-security.net
|
unknown
|
||
|
http://www.geoplugin.net/json.gp?ip=
|
unknown
|
||
|
https://breaking-security.net/keylogger
|
unknown
|
||
|
https://breaking-security.netopenU
|
unknown
|
||
|
https://breaking-security.net/remcos/changelogopenCongratulations
|
unknown
|
||
|
https://breaking-security.net/remcos/manualopenU
|
unknown
|
||
|
https://breaking-security.net/remcosopenU
|
unknown
|
||
|
https://breaking-security.net/shop/remcos/
|
unknown
|
||
|
https://breaking-security.net/remcos
|
unknown
|
||
|
https://breaking-security.net/octopus
|
unknown
|
||
|
http://breakingsec02.co.nf/Remcos/logaccess.php?DATA=
|
unknown
|
||
|
https://breaking-security.net/viotto-binder
|
unknown
|
||
|
https://breaking-security.net/keyloggeropenU
|
unknown
|
||
|
https://breaking-security.net/meteorite-downloader
|
unknown
|
||
|
https://breaking-security.net/remcos/changelog
|
unknown
|
||
|
https://breaking-security.net/forum
|
unknown
|
||
|
http://breaking-security.net/terms
|
unknown
|
||
|
https://breaking-security.net/source-codes/delphisources
|
unknown
|
||
|
https://breaking-security.net/poseidon
|
unknown
|
||
|
https://breaking-security.net/viotto-binderopenU
|
unknown
|
||
|
http://breaking-security.net/termsopenU
|
unknown
|
||
|
https://breaking-security.net/shop/remcos/open
|
unknown
|
||
|
https://breaking-security.net/source-codes/delphisourcesopenU
|
unknown
|
||
|
https://breaking-security.net/clientarea/support
|
unknown
|
||
|
http://breakingsec02.co.nf/Remcos/upd_free.txtU
|
unknown
|
||
|
https://breaking-security.net/contactopenU
|
unknown
|
||
|
https://breaking-security.net/poseidonopenU
|
unknown
|
||
|
https://breaking-security.net/meteorite-downloaderopenU
|
unknown
|
||
|
http://www.geoplugin.netU
|
unknown
|
||
|
https://breaking-security.net/contact
|
unknown
|
||
|
https://breaking-security.net/remcos/manual
|
unknown
|
||
|
https://Breaking-Security.net
|
unknown
|
||
|
https://breaking-security.net/octopusopenU
|
unknown
|
||
|
https://breaking-security.net/terms
|
unknown
|
||
|
https://breaking-security.net/termsopenU
|
unknown
|
||
|
https://breaking-security.net/forumopenU
|
unknown
|
||
|
https://breaking-security.net/clientarea/supportopenU
|
unknown
|
There are 29 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dllsys.duckdns.org
|
84.220.8.178
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
84.220.8.178
|
dllsys.duckdns.org
|
Italy
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
|
Load
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\3b570ffeeb3d34249b9a5ce0ee58a328
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3CE4000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
ECD000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
5A60000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
29B8000
|
heap
|
page read and write
|
||
|
6250000
|
heap
|
page read and write
|
||
|
2A1E000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
3B2E000
|
heap
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
1012000
|
unkown
|
page readonly
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
1E90000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
540C000
|
stack
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
298E000
|
unkown
|
page readonly
|
||
|
2A31000
|
heap
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
12A7000
|
heap
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2DAD000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
unkown
|
page read and write
|
||
|
2A0F000
|
heap
|
page read and write
|
||
|
2D84000
|
trusted library allocation
|
page read and write
|
||
|
2D46000
|
heap
|
page read and write
|
||
|
48B3000
|
direct allocation
|
page read and write
|
||
|
2D0C000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E2C000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
485B000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
2D86000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
340F000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E73000
|
heap
|
page read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
1EA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
1E80000
|
trusted library allocation
|
page read and write
|
||
|
12A9000
|
heap
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
E64000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
17B8000
|
unkown
|
page readonly
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
3B25000
|
heap
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
37D0000
|
heap
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
DDB000
|
heap
|
page read and write
|
||
|
4631000
|
heap
|
page read and write
|
||
|
E83000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
47AA000
|
direct allocation
|
page read and write
|
||
|
E73000
|
heap
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
3118000
|
heap
|
page read and write
|
||
|
6D47000
|
direct allocation
|
page read and write
|
||
|
761000
|
unkown
|
page readonly
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
4BA3000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
4790000
|
direct allocation
|
page read and write
|
||
|
8E0E000
|
stack
|
page read and write
|
||
|
1EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
479A000
|
direct allocation
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
E84000
|
heap
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
489D000
|
direct allocation
|
page read and write
|
||
|
6D88000
|
direct allocation
|
page read and write
|
||
|
5411000
|
heap
|
page read and write
|
||
|
47D9000
|
direct allocation
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
1F95000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
3ADC000
|
stack
|
page read and write
|
||
|
48C1000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
14B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A90000
|
heap
|
page read and write
|
||
|
E72000
|
heap
|
page read and write
|
||
|
541F000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
E9F1000
|
trusted library allocation
|
page read and write
|
||
|
14A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
298E000
|
unkown
|
page readonly
|
||
|
3CC1000
|
trusted library allocation
|
page read and write
|
||
|
132D000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
4ED8000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
6D7A000
|
direct allocation
|
page read and write
|
||
|
1CDD000
|
stack
|
page read and write
|
||
|
5479000
|
stack
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
5412000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
9430000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
1F18000
|
heap
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
4631000
|
heap
|
page read and write
|
||
|
E73000
|
heap
|
page read and write
|
||
|
E5F000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
1484000
|
trusted library allocation
|
page read and write
|
||
|
5433000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
E7F000
|
heap
|
page read and write
|
||
|
A7B000
|
stack
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
3CB0000
|
heap
|
page execute and read and write
|
||
|
4844000
|
direct allocation
|
page read and write
|
||
|
8BF6000
|
heap
|
page read and write
|
||
|
32BE000
|
unkown
|
page read and write
|
||
|
E67000
|
heap
|
page read and write
|
||
|
2B3D000
|
stack
|
page read and write
|
||
|
1BB0000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
2D40000
|
heap
|
page execute and read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
2A07000
|
heap
|
page read and write
|
||
|
3AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FF1000
|
trusted library allocation
|
page read and write
|
||
|
181E000
|
unkown
|
page execute read
|
||
|
97000
|
stack
|
page read and write
|
||
|
165F000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
1FA9000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
482C000
|
direct allocation
|
page read and write
|
||
|
584F000
|
stack
|
page read and write
|
||
|
6100000
|
heap
|
page read and write
|
||
|
2A07000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
E83000
|
heap
|
page read and write
|
||
|
4BBB000
|
heap
|
page read and write
|
||
|
1EA0000
|
trusted library allocation
|
page read and write
|
||
|
2A09000
|
heap
|
page read and write
|
||
|
2F4D000
|
stack
|
page read and write
|
||
|
1EB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
1B57000
|
stack
|
page read and write
|
||
|
908E000
|
stack
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
54C7000
|
trusted library allocation
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
2A31000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
56C1000
|
trusted library allocation
|
page read and write
|
||
|
2A09000
|
heap
|
page read and write
|
||
|
FCE000
|
unkown
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
53D1000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
1D35000
|
heap
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
1364000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
4862000
|
direct allocation
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
1F3B000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
6090000
|
heap
|
page execute and read and write
|
||
|
2A0C000
|
heap
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
5416000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
6D71000
|
direct allocation
|
page read and write
|
||
|
1E84000
|
trusted library allocation
|
page read and write
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E6C000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
38D1000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
92CE000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
48AC000
|
direct allocation
|
page read and write
|
||
|
1E40000
|
heap
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
1F91000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
1E70000
|
trusted library allocation
|
page read and write
|
||
|
1EB0000
|
trusted library allocation
|
page read and write
|
||
|
744000
|
unkown
|
page read and write
|
||
|
1F1E000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
109F1000
|
trusted library allocation
|
page read and write
|
||
|
8BE6000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
48BA000
|
direct allocation
|
page read and write
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
55B9000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E66000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
940C000
|
stack
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
47D2000
|
direct allocation
|
page read and write
|
||
|
91CE000
|
stack
|
page read and write
|
||
|
1E3E000
|
stack
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
1483000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C90000
|
heap
|
page read and write
|
||
|
4631000
|
heap
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
53CF000
|
stack
|
page read and write
|
||
|
E08000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
221E000
|
unkown
|
page execute read
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
214E000
|
stack
|
page read and write
|
||
|
E96000
|
heap
|
page read and write
|
||
|
1EF0000
|
trusted library allocation
|
page read and write
|
||
|
2E7D000
|
stack
|
page read and write
|
||
|
8271000
|
trusted library allocation
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
E5B000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
8DCE000
|
stack
|
page read and write
|
||
|
6110000
|
heap
|
page read and write
|
||
|
918E000
|
stack
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
48A4000
|
direct allocation
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
2FFC000
|
heap
|
page read and write
|
||
|
4765000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
B73000
|
stack
|
page read and write
|
||
|
294A000
|
unkown
|
page readonly
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
29EE000
|
heap
|
page read and write
|
||
|
4630000
|
heap
|
page read and write
|
||
|
4878000
|
direct allocation
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
12E1000
|
heap
|
page read and write
|
||
|
612000
|
unkown
|
page readonly
|
||
|
698E000
|
stack
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
5425000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
75A000
|
unkown
|
page read and write
|
||
|
1A5B000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
480E000
|
direct allocation
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
1493000
|
trusted library allocation
|
page read and write
|
||
|
6D81000
|
direct allocation
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
5424000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
35DC000
|
heap
|
page read and write
|
||
|
397F000
|
heap
|
page read and write
|
||
|
47C9000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
53B9000
|
trusted library allocation
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
118D000
|
unkown
|
page execute read
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
B82000
|
unkown
|
page readonly
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
47F9000
|
direct allocation
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
10E5000
|
heap
|
page read and write
|
||
|
330F000
|
unkown
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
1FF7000
|
heap
|
page read and write
|
||
|
E5B000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
95F1000
|
trusted library allocation
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
258D000
|
unkown
|
page execute read
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
75F000
|
unkown
|
page readonly
|
||
|
294A000
|
unkown
|
page readonly
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
2A0F000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
E7F000
|
heap
|
page read and write
|
||
|
78D000
|
unkown
|
page execute read
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
2A19000
|
heap
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
2A07000
|
heap
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
484C000
|
direct allocation
|
page read and write
|
||
|
694F000
|
stack
|
page read and write
|
||
|
2F43000
|
trusted library allocation
|
page read and write
|
||
|
2A31000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
1475000
|
trusted library allocation
|
page read and write
|
||
|
3936000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
898F000
|
stack
|
page read and write
|
||
|
2A18000
|
heap
|
page read and write
|
||
|
56A0000
|
heap
|
page execute and read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
E66000
|
heap
|
page read and write
|
||
|
2A0C000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
C271000
|
trusted library allocation
|
page read and write
|
||
|
8BA2000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
34EF000
|
unkown
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
5C26000
|
trusted library allocation
|
page read and write
|
||
|
E96000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
48C8000
|
direct allocation
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
2A09000
|
heap
|
page read and write
|
||
|
5424000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
6C85000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4834000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
F57000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
6BCF000
|
stack
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
D870000
|
trusted library section
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
3975000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
E72000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
FFDF0000
|
direct allocation
|
page read and write
|
||
|
E5B000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
14BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BB0000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
E28000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
930B000
|
stack
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
148D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A0C000
|
heap
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
E558000
|
trusted library section
|
page read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
EBC000
|
heap
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
8F0E000
|
stack
|
page read and write
|
||
|
E69000
|
heap
|
page read and write
|
||
|
2A0F000
|
heap
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
5413000
|
heap
|
page read and write
|
||
|
29F2000
|
heap
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E21000
|
heap
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
2BEE000
|
unkown
|
page read and write
|
||
|
21F7000
|
heap
|
page read and write
|
||
|
1E83000
|
trusted library allocation
|
page execute and read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
1EBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
680F000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
1EAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
3133000
|
heap
|
page read and write
|
||
|
3188000
|
heap
|
page read and write
|
||
|
210F000
|
stack
|
page read and write
|
||
|
E56000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
32FB000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2F7E000
|
unkown
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
21DE000
|
stack
|
page read and write
|
||
|
B7B000
|
stack
|
page read and write
|
||
|
1774000
|
unkown
|
page readonly
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
EC57000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
6261000
|
trusted library allocation
|
page read and write
|
||
|
6CC5000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
E83000
|
heap
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
47BA000
|
direct allocation
|
page read and write
|
||
|
1D1E000
|
stack
|
page read and write
|
||
|
1ED0000
|
trusted library allocation
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
9470000
|
trusted library allocation
|
page execute and read and write
|
||
|
E61000
|
heap
|
page read and write
|
||
|
FFC40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
29EB000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
3AF0000
|
trusted library allocation
|
page read and write
|
||
|
33BF000
|
stack
|
page read and write
|
||
|
8990000
|
heap
|
page read and write
|
||
|
29CD000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
8B90000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
E6B000
|
heap
|
page read and write
|
||
|
B871000
|
trusted library allocation
|
page read and write
|
||
|
14AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8D000
|
unkown
|
page execute read
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
5C62000
|
trusted library allocation
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
CFD000
|
unkown
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2D92000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
787000
|
unkown
|
page read and write
|
||
|
4B00000
|
direct allocation
|
page execute and read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
4888000
|
direct allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
1F52000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
E3F000
|
heap
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
8CCD000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
904E000
|
stack
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6A8F000
|
stack
|
page read and write
|
||
|
94BD000
|
stack
|
page read and write
|
||
|
E6D000
|
heap
|
page read and write
|
||
|
8B9C000
|
heap
|
page read and write
|
||
|
95EF000
|
stack
|
page read and write
|
||
|
6C61000
|
trusted library allocation
|
page read and write
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
762000
|
unkown
|
page execute read
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
4800000
|
direct allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
47CB000
|
direct allocation
|
page read and write
|
||
|
734000
|
unkown
|
page read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
383F000
|
heap
|
page read and write
|
||
|
E270000
|
trusted library section
|
page read and write
|
||
|
E64000
|
heap
|
page read and write
|
||
|
1F10000
|
heap
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
2D4B000
|
heap
|
page read and write
|
||
|
5414000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2D8B000
|
trusted library allocation
|
page read and write
|
||
|
8F4E000
|
stack
|
page read and write
|
||
|
F657000
|
trusted library allocation
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
1EB2000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
8B99000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
4CC1000
|
trusted library allocation
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
1D30000
|
heap
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
6CD6000
|
direct allocation
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
EBB000
|
heap
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
47E7000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
There are 667 hidden memdumps, click here to show them.