Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002B_378.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LisectAVT_2403002B_378.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp712.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\IVsIyeJQN.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ccb34kz.nxd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ahnqglzn.00s.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bzdlkjwp.st3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cf4iqlme.ord.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e1onvepp.gtc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j4s0hg1m.itq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tgwfs53v.zxt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v1mdkgfk.4nh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp1599.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002B_378.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002B_378.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\LisectAVT_2403002B_378.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\IVsIyeJQN" /XML "C:\Users\user\AppData\Local\Temp\tmp712.tmp"
|
|
|
|
C:\Users\user\Desktop\LisectAVT_2403002B_378.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002B_378.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\IVsIyeJQN" /XML "C:\Users\user\AppData\Local\Temp\tmp1599.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
"C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
"C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
"C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
"C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\IVsIyeJQN.exe
|
"C:\Users\user\AppData\Roaming\IVsIyeJQN.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fat221.ddns.net
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
18.31.95.13.in-addr.arpa
|
unknown
|
|
|
|
fat221.ddns.net
|
unknown
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F41000
|
trusted library allocation
|
page read and write
|
|
|
|
24D1000
|
trusted library allocation
|
page read and write
|
|
|
|
2FA8000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2538000
|
trusted library allocation
|
page read and write
|
|
|
|
4E90000
|
trusted library section
|
page read and write
|
|
|
|
FB2000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
576D000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
B95000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
1667000
|
heap
|
page read and write
|
||
|
45CC000
|
stack
|
page read and write
|
||
|
1689000
|
heap
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
11F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
B4B000
|
stack
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
B88E000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
9D1E000
|
stack
|
page read and write
|
||
|
1904000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
137D000
|
trusted library allocation
|
page read and write
|
||
|
977E000
|
stack
|
page read and write
|
||
|
583E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page execute and read and write
|
||
|
66FE000
|
heap
|
page read and write
|
||
|
987E000
|
stack
|
page read and write
|
||
|
118E000
|
stack
|
page read and write
|
||
|
B60F000
|
stack
|
page read and write
|
||
|
822000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
878B000
|
heap
|
page read and write
|
||
|
1903000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
312F000
|
unkown
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
1011000
|
heap
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
2DE9000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
trusted library allocation
|
page read and write
|
||
|
66E9000
|
heap
|
page read and write
|
||
|
2582000
|
trusted library allocation
|
page read and write
|
||
|
B7A000
|
stack
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
827000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
1062000
|
trusted library allocation
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
57E9000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page read and write
|
||
|
930B000
|
trusted library allocation
|
page read and write
|
||
|
3575000
|
trusted library allocation
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
1AF0000
|
heap
|
page read and write
|
||
|
2E5B000
|
trusted library allocation
|
page read and write
|
||
|
5336000
|
trusted library allocation
|
page read and write
|
||
|
B6D000
|
stack
|
page read and write
|
||
|
249C000
|
stack
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
533D000
|
trusted library allocation
|
page read and write
|
||
|
8AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
496E000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
19AE000
|
stack
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
5CD000
|
stack
|
page read and write
|
||
|
2F1B000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
1056000
|
trusted library allocation
|
page execute and read and write
|
||
|
5551000
|
trusted library allocation
|
page read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
9ADE000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
6FEA000
|
trusted library allocation
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
34D9000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
5645000
|
heap
|
page read and write
|
||
|
6701000
|
heap
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
9E9C000
|
stack
|
page read and write
|
||
|
B98F000
|
stack
|
page read and write
|
||
|
6F0000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
6705000
|
heap
|
page read and write
|
||
|
897E000
|
stack
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
137F000
|
trusted library allocation
|
page read and write
|
||
|
251F000
|
trusted library allocation
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
4DB8000
|
trusted library allocation
|
page read and write
|
||
|
19EE000
|
stack
|
page read and write
|
||
|
4ED0000
|
trusted library section
|
page read and write
|
||
|
11CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
6F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E1C000
|
trusted library allocation
|
page read and write
|
||
|
6CB2000
|
trusted library allocation
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
2F13000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page execute and read and write
|
||
|
32A0000
|
heap
|
page execute and read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library section
|
page read and write
|
||
|
B4CF000
|
stack
|
page read and write
|
||
|
B24E000
|
stack
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
52CA000
|
stack
|
page read and write
|
||
|
53FB000
|
stack
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
66E6000
|
heap
|
page read and write
|
||
|
4174000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
6A70000
|
trusted library section
|
page read and write
|
||
|
2F30000
|
heap
|
page execute and read and write
|
||
|
410000
|
remote allocation
|
page execute and read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
B64C000
|
stack
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
1A2E000
|
stack
|
page read and write
|
||
|
1960000
|
trusted library allocation
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
16D4000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
5C3C000
|
stack
|
page read and write
|
||
|
9E5E000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
1388000
|
stack
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15AF000
|
stack
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
4033000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
4AD0000
|
trusted library section
|
page readonly
|
||
|
5342000
|
trusted library allocation
|
page read and write
|
||
|
2DBA000
|
trusted library allocation
|
page read and write
|
||
|
B50E000
|
stack
|
page read and write
|
||
|
65B0000
|
heap
|
page read and write
|
||
|
87A8000
|
heap
|
page read and write
|
||
|
5C7B000
|
stack
|
page read and write
|
||
|
644D000
|
stack
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
6E0000
|
trusted library allocation
|
page read and write
|
||
|
35C3000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
1B10000
|
heap
|
page read and write
|
||
|
495B000
|
trusted library allocation
|
page read and write
|
||
|
1246000
|
trusted library allocation
|
page read and write
|
||
|
B3CE000
|
stack
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
138A000
|
heap
|
page read and write
|
||
|
36AE000
|
trusted library allocation
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
3F41000
|
trusted library allocation
|
page read and write
|
||
|
128B000
|
stack
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
49B2000
|
trusted library allocation
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
4954000
|
trusted library allocation
|
page read and write
|
||
|
1940000
|
trusted library allocation
|
page read and write
|
||
|
5CF000
|
unkown
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
532E000
|
trusted library allocation
|
page read and write
|
||
|
194B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B0000
|
heap
|
page execute and read and write
|
||
|
11E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4943000
|
heap
|
page read and write
|
||
|
48D000
|
stack
|
page read and write
|
||
|
F3E000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
B2B000
|
trusted library allocation
|
page read and write
|
||
|
1309000
|
trusted library allocation
|
page read and write
|
||
|
1920000
|
trusted library allocation
|
page read and write
|
||
|
42C1000
|
trusted library allocation
|
page read and write
|
||
|
82B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
103D000
|
trusted library allocation
|
page execute and read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
4B70000
|
heap
|
page execute and read and write
|
||
|
6B2D000
|
stack
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
55E0000
|
heap
|
page execute and read and write
|
||
|
2DF5000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page execute and read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
B750000
|
heap
|
page read and write
|
||
|
411E000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
4212000
|
trusted library allocation
|
page read and write
|
||
|
9F9C000
|
stack
|
page read and write
|
||
|
4976000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
11E2000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
92000
|
unkown
|
page readonly
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
105A000
|
trusted library allocation
|
page execute and read and write
|
||
|
497D000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
trusted library allocation
|
page read and write
|
||
|
70D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
5309000
|
stack
|
page read and write
|
||
|
58CD000
|
stack
|
page read and write
|
||
|
11C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
B28E000
|
stack
|
page read and write
|
||
|
71A000
|
trusted library allocation
|
page execute and read and write
|
||
|
11BA000
|
heap
|
page read and write
|
||
|
11DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
5331000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
11C6000
|
heap
|
page read and write
|
||
|
804000
|
heap
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page execute and read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
11EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
11FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
167D000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
5660000
|
heap
|
page execute and read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
B74C000
|
stack
|
page read and write
|
||
|
5C80000
|
trusted library allocation
|
page read and write
|
||
|
703000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
9C1E000
|
stack
|
page read and write
|
||
|
4E4D000
|
stack
|
page read and write
|
||
|
3F49000
|
trusted library allocation
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
2DED000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
2E4C000
|
stack
|
page read and write
|
||
|
1926000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
6F4000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
531B000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
1B20000
|
trusted library allocation
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
8740000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
15C7000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
2EFE000
|
unkown
|
page read and write
|
||
|
61A000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
104D000
|
trusted library allocation
|
page execute and read and write
|
||
|
997E000
|
stack
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
32C1000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
56EB000
|
stack
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
58D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
11D3000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1386000
|
heap
|
page read and write
|
||
|
1914000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
5A3E000
|
stack
|
page read and write
|
||
|
68AF000
|
stack
|
page read and write
|
||
|
FD4000
|
heap
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
1A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5520000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
41C3000
|
trusted library allocation
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
3527000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
B14E000
|
stack
|
page read and write
|
||
|
95DE000
|
stack
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
1244000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
2DF1000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16D2000
|
heap
|
page read and write
|
||
|
5B3D000
|
stack
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
4A2B000
|
stack
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
1B30000
|
heap
|
page read and write
|
||
|
34D1000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
4D35000
|
heap
|
page read and write
|
||
|
53BF000
|
stack
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page execute and read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
1095000
|
heap
|
page read and write
|
||
|
1947000
|
trusted library allocation
|
page execute and read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
11F4000
|
heap
|
page read and write
|
||
|
503C000
|
stack
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
F3A000
|
heap
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
1682000
|
heap
|
page read and write
|
||
|
4CA000
|
stack
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
5382000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
887E000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
712000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
5373000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
9BDF000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
2DEB000
|
trusted library allocation
|
page read and write
|
||
|
57E000
|
unkown
|
page read and write
|
||
|
5400000
|
trusted library section
|
page readonly
|
||
|
7240000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
1033000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
11B1000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
9D5E000
|
stack
|
page read and write
|
||
|
B06E000
|
stack
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
791000
|
heap
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
706B000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
heap
|
page read and write
|
||
|
2DEF000
|
trusted library allocation
|
page read and write
|
||
|
5519000
|
stack
|
page read and write
|
||
|
5C7F000
|
stack
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
106B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
1034000
|
trusted library allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
540F000
|
trusted library section
|
page readonly
|
||
|
1660000
|
heap
|
page read and write
|
||
|
1067000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A40000
|
heap
|
page read and write
|
||
|
B38E000
|
stack
|
page read and write
|
||
|
2DF3000
|
trusted library allocation
|
page read and write
|
||
|
716000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E82000
|
trusted library allocation
|
page read and write
|
||
|
192A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
There are 444 hidden memdumps, click here to show them.