Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dkFx5VWeuM.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\dkFx5VWeuM.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\435e5d62355646e5495fb86b5a8982b6.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\435e5d62355646e5495fb86b5a8982b6.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\svchost.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dkFx5VWeuM.exe
|
"C:\Users\user\Desktop\dkFx5VWeuM.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\svchost.exe" "svchost.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe" ..
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe" ..
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe" ..
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.microsoft.
|
unknown
|
||
|
https://dl.dropbox.com/s/p84aaz28t0hepul/Pass.exe?dl=0
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.83.207.67
|
unknown
|
Netherlands
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
435e5d62355646e5495fb86b5a8982b6
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
435e5d62355646e5495fb86b5a8982b6
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C82000
|
unkown
|
page readonly
|
|
|
|
3241000
|
trusted library allocation
|
page read and write
|
|
|
|
89A000
|
heap
|
page read and write
|
||
|
8A6000
|
heap
|
page read and write
|
||
|
4C54000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
1A10000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page execute and read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
1101000
|
heap
|
page read and write
|
||
|
C5A000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
5D2E000
|
stack
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
4267000
|
trusted library allocation
|
page read and write
|
||
|
26801A13000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
35B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CF000
|
stack
|
page read and write
|
||
|
36EE000
|
trusted library allocation
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C4F000
|
stack
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
104F000
|
heap
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page execute and read and write
|
||
|
44D4000
|
trusted library allocation
|
page read and write
|
||
|
5FAE000
|
stack
|
page read and write
|
||
|
A15000
|
heap
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
62EE000
|
stack
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
D32967D000
|
stack
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
173A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
trusted library allocation
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
2B6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
1BDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1253000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page execute and read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
3844000
|
trusted library allocation
|
page read and write
|
||
|
26801B02000
|
heap
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
2B47000
|
trusted library allocation
|
page execute and read and write
|
||
|
44AE000
|
trusted library allocation
|
page read and write
|
||
|
5E3C000
|
stack
|
page read and write
|
||
|
2B32000
|
trusted library allocation
|
page execute and read and write
|
||
|
125B000
|
stack
|
page read and write
|
||
|
1372000
|
trusted library allocation
|
page execute and read and write
|
||
|
606E000
|
stack
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
5D3B000
|
stack
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
26801A2B000
|
heap
|
page read and write
|
||
|
4CDA000
|
heap
|
page read and write
|
||
|
3601000
|
heap
|
page execute and read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
2C01000
|
heap
|
page execute and read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
8AC000
|
heap
|
page read and write
|
||
|
1401000
|
heap
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
1001000
|
heap
|
page read and write
|
||
|
4CCB000
|
heap
|
page read and write
|
||
|
35BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E2F000
|
stack
|
page read and write
|
||
|
C41000
|
heap
|
page read and write
|
||
|
1B60000
|
heap
|
page execute and read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
62AE000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
174C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FB000
|
stack
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
42BD000
|
trusted library allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
1801000
|
heap
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
5D30000
|
heap
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F3000
|
stack
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
1BEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
80B000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
1021000
|
heap
|
page read and write
|
||
|
1052000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
7F920000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
4B4E000
|
stack
|
page read and write
|
||
|
4311000
|
trusted library allocation
|
page read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
5B8F000
|
stack
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
3444000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1402000
|
heap
|
page read and write
|
||
|
1BE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
D32977E000
|
unkown
|
page readonly
|
||
|
897000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
26801980000
|
trusted library allocation
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
26802202000
|
trusted library allocation
|
page read and write
|
||
|
44B0000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
4CD8000
|
heap
|
page read and write
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
585D000
|
stack
|
page read and write
|
||
|
1777000
|
trusted library allocation
|
page execute and read and write
|
||
|
4444000
|
trusted library allocation
|
page read and write
|
||
|
1BC0000
|
trusted library allocation
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page execute and read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
D329F7E000
|
unkown
|
page readonly
|
||
|
5420000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2E01000
|
heap
|
page execute and read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
5D0E000
|
stack
|
page read and write
|
||
|
1701000
|
heap
|
page read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
C6B000
|
heap
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
5A8D000
|
stack
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
111A000
|
heap
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
4CC3000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page execute and read and write
|
||
|
D329E7D000
|
stack
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
43BF000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
heap
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
1501000
|
heap
|
page read and write
|
||
|
4CCB000
|
heap
|
page read and write
|
||
|
1562000
|
trusted library allocation
|
page execute and read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
trusted library allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page execute and read and write
|
||
|
31F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
38FE000
|
stack
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
157A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
54DC000
|
stack
|
page read and write
|
||
|
575C000
|
stack
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
3544000
|
trusted library allocation
|
page read and write
|
||
|
126A000
|
heap
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
939000
|
stack
|
page read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
61AE000
|
stack
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
13BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CC5000
|
heap
|
page read and write
|
||
|
7DD000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
2B2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
5E01000
|
heap
|
page read and write
|
||
|
4844000
|
trusted library allocation
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
5A4F000
|
stack
|
page read and write
|
||
|
1732000
|
trusted library allocation
|
page execute and read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
4CD7000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
C8C000
|
unkown
|
page readonly
|
||
|
111E000
|
heap
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4313000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
26801A02000
|
heap
|
page read and write
|
||
|
3FE000
|
stack
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1BE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
102E000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
8F9000
|
heap
|
page read and write
|
||
|
2B62000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
1742000
|
trusted library allocation
|
page execute and read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
1572000
|
trusted library allocation
|
page execute and read and write
|
||
|
138C000
|
trusted library allocation
|
page execute and read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
163B000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
374B000
|
trusted library allocation
|
page read and write
|
||
|
1612000
|
heap
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
190E000
|
stack
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
15BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
1251000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
5CCF000
|
stack
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
2B5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
5E0F000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
3449000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
26801A22000
|
heap
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
1C01000
|
heap
|
page read and write
|
||
|
3C54000
|
trusted library allocation
|
page read and write
|
||
|
616E000
|
stack
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
4CD9000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1901000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3441000
|
trusted library allocation
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
4C51000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
177B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4441000
|
trusted library allocation
|
page read and write
|
||
|
1356000
|
stack
|
page read and write
|
||
|
5719000
|
stack
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
156A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1212000
|
heap
|
page read and write
|
||
|
1762000
|
trusted library allocation
|
page execute and read and write
|
||
|
1101000
|
heap
|
page read and write
|
||
|
1746000
|
trusted library allocation
|
page execute and read and write
|
||
|
59E0000
|
trusted library allocation
|
page read and write
|
||
|
15B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
5F00000
|
heap
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
1B5F000
|
stack
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
1039000
|
heap
|
page read and write
|
||
|
4CCE000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
1BE0000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
1B80000
|
heap
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
26801950000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
2B22000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
58E0000
|
unclassified section
|
page read and write
|
||
|
26801A2E000
|
heap
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
1221000
|
heap
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
4415000
|
trusted library allocation
|
page read and write
|
||
|
1623000
|
heap
|
page read and write
|
||
|
13B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
353C000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
C7A000
|
heap
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
C0B000
|
heap
|
page read and write
|
||
|
1386000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
1592000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
3201000
|
heap
|
page execute and read and write
|
||
|
1A0F000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
5CFF000
|
stack
|
page read and write
|
||
|
C3B000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
9FE000
|
unkown
|
page read and write
|
||
|
1301000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
BBB000
|
stack
|
page read and write
|
||
|
446B000
|
trusted library allocation
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
5E4E000
|
stack
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
4369000
|
trusted library allocation
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
157C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D01000
|
heap
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
26801A00000
|
heap
|
page read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
849000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
4841000
|
trusted library allocation
|
page read and write
|
||
|
4CC2000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page execute and read and write
|
||
|
E02000
|
heap
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
44B4000
|
trusted library allocation
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
55DB000
|
stack
|
page read and write
|
||
|
35A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
26801A43000
|
heap
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
79D000
|
unkown
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
3FB000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
D1B000
|
stack
|
page read and write
|
||
|
1663000
|
heap
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
86C000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
26801850000
|
heap
|
page read and write
|
||
|
4CCC000
|
heap
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
5248000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
3548000
|
trusted library allocation
|
page read and write
|
||
|
2B5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
D32909B000
|
stack
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
354E000
|
trusted library allocation
|
page read and write
|
||
|
26801870000
|
heap
|
page read and write
|
There are 507 hidden memdumps, click here to show them.