Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002C_173.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\LisectAVT_2403002C_173.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\server.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002C_173.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002C_173.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.microsoft.
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
10.94.13.141
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
9d7a86c885741f54de92d8420ac76ebf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
9d7a86c885741f54de92d8420ac76ebf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\9d7a86c885741f54de92d8420ac76ebf
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\9d7a86c885741f54de92d8420ac76ebf
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D31000
|
trusted library allocation
|
page read and write
|
|
|
|
28B1000
|
trusted library allocation
|
page read and write
|
|
|
|
692000
|
unkown
|
page readonly
|
|
|
|
6B6000
|
heap
|
page read and write
|
||
|
1750000
|
heap
|
page execute and read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
4B66000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
4B65000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
AE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
4B89000
|
stack
|
page read and write
|
||
|
F82000
|
trusted library allocation
|
page execute and read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
4B63000
|
heap
|
page read and write
|
||
|
6AE000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
581D000
|
stack
|
page read and write
|
||
|
5B9F000
|
stack
|
page read and write
|
||
|
15F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
4B54000
|
heap
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
6B6000
|
heap
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
stack
|
page read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
1607000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C00000
|
unclassified section
|
page read and write
|
||
|
A22000
|
trusted library allocation
|
page execute and read and write
|
||
|
F72000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B65000
|
heap
|
page read and write
|
||
|
4E9F000
|
stack
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
4B51000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
D4B000
|
stack
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
F8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DA4000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
591F000
|
stack
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
4B5D000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
4341000
|
trusted library allocation
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
6FB000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
45B1000
|
trusted library allocation
|
page read and write
|
||
|
4B5C000
|
heap
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
591E000
|
stack
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
53FE000
|
stack
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
456E000
|
stack
|
page read and write
|
||
|
153F000
|
heap
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
stack
|
page read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
57BC000
|
stack
|
page read and write
|
||
|
D9F000
|
trusted library allocation
|
page read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
FEB000
|
stack
|
page read and write
|
||
|
B7C000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
4B58000
|
heap
|
page read and write
|
||
|
1667000
|
trusted library allocation
|
page execute and read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
4B2F000
|
stack
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
6AF000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
FAF000
|
stack
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
ABC000
|
trusted library allocation
|
page execute and read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
45E0000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
768000
|
heap
|
page read and write
|
||
|
6FB000
|
heap
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
4AFB000
|
stack
|
page read and write
|
||
|
570F000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
546F000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
4B61000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
4ABC000
|
stack
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
AEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page execute and read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
6B6000
|
heap
|
page read and write
|
||
|
A2D000
|
stack
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
166B000
|
trusted library allocation
|
page execute and read and write
|
||
|
15C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
45F0000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
6F3000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
BAE000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
38D7000
|
trusted library allocation
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
15BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
F7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
15B000
|
stack
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page execute and read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
48EC000
|
stack
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
AD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DA1000
|
trusted library allocation
|
page read and write
|
||
|
4B5C000
|
heap
|
page read and write
|
||
|
4B4C000
|
stack
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page execute and read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
6FB000
|
heap
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
A02000
|
trusted library allocation
|
page execute and read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
BDF000
|
heap
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
60E000
|
unkown
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
7F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
160B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5710000
|
trusted library allocation
|
page execute and read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
A37000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
6C9000
|
heap
|
page read and write
|
||
|
7F610000
|
trusted library allocation
|
page execute and read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
4B52000
|
heap
|
page read and write
|
||
|
431E000
|
stack
|
page read and write
|
||
|
1528000
|
heap
|
page read and write
|
||
|
AA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
A17000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
7FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A32000
|
trusted library allocation
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
4B5C000
|
heap
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
4B5D000
|
heap
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
56BB000
|
stack
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
190E000
|
stack
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
6E2000
|
heap
|
page read and write
|
||
|
C44000
|
heap
|
page read and write
|
||
|
15B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
1652000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C9000
|
stack
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
4B5A000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
6BC000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
83B000
|
stack
|
page read and write
|
||
|
86F000
|
unkown
|
page read and write
|
||
|
15CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
45B4000
|
trusted library allocation
|
page read and write
|
||
|
1556000
|
heap
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
4420000
|
heap
|
page read and write
|
||
|
C28000
|
trusted library allocation
|
page read and write
|
||
|
4B5C000
|
heap
|
page read and write
|
||
|
19C0000
|
heap
|
page execute and read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DC000
|
heap
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
690000
|
unkown
|
page readonly
|
||
|
A2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
A1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
156F000
|
heap
|
page read and write
|
||
|
C39000
|
heap
|
page read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
76E000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
1636000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
4B03000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
1278000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
146F000
|
stack
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
6FE000
|
heap
|
page read and write
|
||
|
4B5C000
|
heap
|
page read and write
|
||
|
AB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page execute and read and write
|
||
|
4344000
|
trusted library allocation
|
page read and write
|
||
|
507D000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
6EF000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
F86000
|
trusted library allocation
|
page execute and read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
3D34000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
163C000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
58DF000
|
stack
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
15C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C6000
|
stack
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
162A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B51000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
1632000
|
trusted library allocation
|
page execute and read and write
|
||
|
180F000
|
stack
|
page read and write
|
||
|
A3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
AAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E3000
|
heap
|
page read and write
|
||
|
6FC000
|
heap
|
page read and write
|
||
|
6DF000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page execute and read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
1A5000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
2D8C000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
112D000
|
stack
|
page read and write
|
There are 438 hidden memdumps, click here to show them.