Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002B_242.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
|
ASCII text, with no line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002B_242.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002B_242.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
C:\ProgramData\MPGPH131\MPGPH131.exe
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
|
"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://t.me/RiseProSUPPORT5
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
https://ipinfo.io/
|
unknown
|
||
|
https://t.me/RiseProSUPPORTO
|
unknown
|
||
|
https://www.maxmind.com/en/locate-my-ip-address
|
unknown
|
||
|
https://t.me/RiseProSUPPORT2F
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.233.132.74
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RageMP131
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4E00000
|
direct allocation
|
page read and write
|
|
|
|
46C0000
|
direct allocation
|
page read and write
|
|
|
|
43E0000
|
direct allocation
|
page read and write
|
|
|
|
461000
|
unkown
|
page execute and read and write
|
|
|
|
461000
|
unkown
|
page execute and read and write
|
|
|
|
821000
|
unkown
|
page execute and read and write
|
|
|
|
4DC0000
|
direct allocation
|
page read and write
|
|
|
|
C21000
|
unkown
|
page execute and read and write
|
|
|
|
821000
|
unkown
|
page execute and read and write
|
|
|
|
4BF0000
|
direct allocation
|
page read and write
|
|
|
|
BFF000
|
stack
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
821000
|
unkown
|
page execute and write copy
|
||
|
593000
|
unkown
|
page write copy
|
||
|
378F000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
71E000
|
unkown
|
page execute and read and write
|
||
|
ADE000
|
unkown
|
page execute and read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
14FE000
|
heap
|
page read and write
|
||
|
42FE000
|
stack
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
58E000
|
unkown
|
page execute and read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
418F000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
367E000
|
stack
|
page read and write
|
||
|
7FC000
|
unkown
|
page execute and write copy
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
3F8F000
|
stack
|
page read and write
|
||
|
3DBF000
|
stack
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
7AE000
|
unkown
|
page execute and read and write
|
||
|
4A4F000
|
stack
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
D53000
|
unkown
|
page write copy
|
||
|
3A4E000
|
stack
|
page read and write
|
||
|
51F000
|
heap
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
467F000
|
stack
|
page read and write
|
||
|
4ADF000
|
stack
|
page read and write
|
||
|
4DE000
|
heap
|
page read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
B6E000
|
unkown
|
page execute and read and write
|
||
|
44CE000
|
stack
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
7ED000
|
unkown
|
page execute and read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
3BFF000
|
stack
|
page read and write
|
||
|
516000
|
heap
|
page read and write
|
||
|
953000
|
unkown
|
page write copy
|
||
|
821000
|
unkown
|
page execute and write copy
|
||
|
3FFF000
|
stack
|
page read and write
|
||
|
4F2D000
|
direct allocation
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
36CF000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
413E000
|
stack
|
page read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
4B3F000
|
stack
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
3A8F000
|
stack
|
page read and write
|
||
|
3BCF000
|
stack
|
page read and write
|
||
|
470F000
|
stack
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
953000
|
unkown
|
page write copy
|
||
|
BAD000
|
unkown
|
page execute and read and write
|
||
|
337F000
|
stack
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
3A0F000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
10FD000
|
stack
|
page read and write
|
||
|
38BF000
|
stack
|
page read and write
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
489E000
|
stack
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
46C6000
|
heap
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
95C000
|
unkown
|
page execute and read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
353E000
|
stack
|
page read and write
|
||
|
B6E000
|
unkown
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
94E000
|
unkown
|
page execute and read and write
|
||
|
38CF000
|
stack
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
3B4F000
|
stack
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
4850000
|
heap
|
page read and write
|
||
|
47ED000
|
direct allocation
|
page read and write
|
||
|
BAD000
|
unkown
|
page execute and read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
957000
|
unkown
|
page execute and read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
308F000
|
stack
|
page read and write
|
||
|
597000
|
unkown
|
page execute and read and write
|
||
|
39BE000
|
stack
|
page read and write
|
||
|
7B1000
|
unkown
|
page execute and read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
398E000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
413F000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
38BE000
|
stack
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
43BF000
|
stack
|
page read and write
|
||
|
13F3000
|
heap
|
page read and write
|
||
|
39FF000
|
stack
|
page read and write
|
||
|
3C7F000
|
stack
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
494E000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
461000
|
unkown
|
page execute and write copy
|
||
|
C21000
|
unkown
|
page execute and write copy
|
||
|
37BE000
|
stack
|
page read and write
|
||
|
14F4000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
3D7E000
|
stack
|
page read and write
|
||
|
593000
|
unkown
|
page write copy
|
||
|
373E000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
503D000
|
stack
|
page read and write
|
||
|
13BA000
|
heap
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
363E000
|
stack
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
3B3E000
|
stack
|
page read and write
|
||
|
460E000
|
stack
|
page read and write
|
||
|
468F000
|
stack
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
420F000
|
stack
|
page read and write
|
||
|
153F000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
D1D000
|
unkown
|
page execute and write copy
|
||
|
3EFF000
|
stack
|
page read and write
|
||
|
4C1F000
|
stack
|
page read and write
|
||
|
434F000
|
stack
|
page read and write
|
||
|
597000
|
unkown
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
377F000
|
stack
|
page read and write
|
||
|
404F000
|
stack
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
390E000
|
stack
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
953000
|
unkown
|
page write copy
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
3C8F000
|
stack
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
FBC000
|
unkown
|
page execute and write copy
|
||
|
387F000
|
stack
|
page read and write
|
||
|
B71000
|
unkown
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
460000
|
unkown
|
page read and write
|
||
|
437F000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
394F000
|
stack
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
4E13000
|
heap
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
D57000
|
unkown
|
page execute and read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
7FB000
|
unkown
|
page execute and read and write
|
||
|
41CD000
|
stack
|
page read and write
|
||
|
3DFE000
|
stack
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
71E000
|
unkown
|
page execute and read and write
|
||
|
D1C000
|
unkown
|
page execute and read and write
|
||
|
28F7000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
F6E000
|
unkown
|
page execute and read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
BBB000
|
unkown
|
page execute and write copy
|
||
|
3137000
|
heap
|
page read and write
|
||
|
3E8E000
|
stack
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
363F000
|
stack
|
page read and write
|
||
|
454F000
|
stack
|
page read and write
|
||
|
7ED000
|
unkown
|
page execute and read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
BBC000
|
unkown
|
page execute and write copy
|
||
|
340E000
|
stack
|
page read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
490F000
|
stack
|
page read and write
|
||
|
474E000
|
stack
|
page read and write
|
||
|
D2A000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
7FC000
|
unkown
|
page execute and write copy
|
||
|
2F7F000
|
stack
|
page read and write
|
||
|
47CF000
|
stack
|
page read and write
|
||
|
380F000
|
stack
|
page read and write
|
||
|
7FB000
|
unkown
|
page execute and read and write
|
||
|
3AFF000
|
stack
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
14BA000
|
heap
|
page read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
3CCE000
|
stack
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
3CBE000
|
stack
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
FBB000
|
unkown
|
page execute and write copy
|
||
|
3ABE000
|
stack
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
28E0000
|
direct allocation
|
page execute and read and write
|
||
|
FBB000
|
unkown
|
page execute and read and write
|
||
|
3FCE000
|
stack
|
page read and write
|
||
|
403E000
|
stack
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
3C7E000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
37CE000
|
stack
|
page read and write
|
||
|
F71000
|
unkown
|
page execute and read and write
|
||
|
377E000
|
stack
|
page read and write
|
||
|
41BE000
|
stack
|
page read and write
|
||
|
14FC000
|
heap
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
14BE000
|
heap
|
page read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
43FD000
|
heap
|
page read and write
|
||
|
427F000
|
stack
|
page read and write
|
||
|
94E000
|
unkown
|
page execute and read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
3B3F000
|
stack
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
1467000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
450D000
|
direct allocation
|
page read and write
|
||
|
957000
|
unkown
|
page execute and read and write
|
||
|
408E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
457E000
|
stack
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
D1D000
|
unkown
|
page execute and write copy
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
3ACE000
|
stack
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
45D000
|
stack
|
page read and write
|
||
|
427E000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
384E000
|
stack
|
page read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
424E000
|
stack
|
page read and write
|
||
|
153F000
|
heap
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
480E000
|
stack
|
page read and write
|
||
|
463F000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
7FB000
|
unkown
|
page execute and write copy
|
||
|
440F000
|
stack
|
page read and write
|
||
|
58E000
|
unkown
|
page execute and read and write
|
||
|
4C00000
|
direct allocation
|
page execute and read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
40FF000
|
stack
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
438D000
|
stack
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
407E000
|
stack
|
page read and write
|
||
|
111C000
|
unkown
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
499F000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
289E000
|
stack
|
page read and write
|
||
|
2E3F000
|
stack
|
page read and write
|
||
|
31CF000
|
stack
|
page read and write
|
||
|
593000
|
unkown
|
page write copy
|
||
|
3EBE000
|
stack
|
page read and write
|
||
|
820000
|
unkown
|
page read and write
|
||
|
42CF000
|
stack
|
page read and write
|
||
|
14FC000
|
heap
|
page read and write
|
||
|
423F000
|
stack
|
page read and write
|
||
|
43F0000
|
direct allocation
|
page execute and read and write
|
||
|
111D000
|
unkown
|
page execute and write copy
|
||
|
461000
|
unkown
|
page execute and write copy
|
||
|
3DCF000
|
stack
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
13F3000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
3FFE000
|
stack
|
page read and write
|
||
|
3AFE000
|
stack
|
page read and write
|
||
|
95D000
|
unkown
|
page execute and write copy
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
7FB000
|
unkown
|
page execute and write copy
|
||
|
48ED000
|
stack
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
3C3E000
|
stack
|
page read and write
|
||
|
403F000
|
stack
|
page read and write
|
||
|
EDE000
|
unkown
|
page execute and read and write
|
||
|
443E000
|
stack
|
page read and write
|
||
|
4D1D000
|
direct allocation
|
page read and write
|
||
|
3E7F000
|
stack
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
7B1000
|
unkown
|
page execute and read and write
|
||
|
B71000
|
unkown
|
page execute and read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
4EED000
|
direct allocation
|
page read and write
|
||
|
3FBF000
|
stack
|
page read and write
|
||
|
D53000
|
unkown
|
page write copy
|
||
|
3D0F000
|
stack
|
page read and write
|
||
|
1537000
|
heap
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
7DE000
|
unkown
|
page execute and read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
40CF000
|
stack
|
page read and write
|
||
|
14FA000
|
heap
|
page read and write
|
||
|
49FF000
|
stack
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
383F000
|
stack
|
page read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
462D000
|
stack
|
page read and write
|
||
|
4B8F000
|
stack
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
43FF000
|
stack
|
page read and write
|
||
|
3E0E000
|
stack
|
page read and write
|
||
|
3B8E000
|
stack
|
page read and write
|
||
|
7AE000
|
unkown
|
page execute and read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
BBB000
|
unkown
|
page execute and read and write
|
||
|
350F000
|
stack
|
page read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
410E000
|
stack
|
page read and write
|
||
|
953000
|
unkown
|
page write copy
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
417F000
|
stack
|
page read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
50C000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
3D4E000
|
stack
|
page read and write
|
||
|
D1C000
|
unkown
|
page execute and read and write
|
||
|
3EFE000
|
stack
|
page read and write
|
||
|
95D000
|
unkown
|
page execute and write copy
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
14FD000
|
heap
|
page read and write
|
||
|
448F000
|
stack
|
page read and write
|
||
|
4C7F000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
3F4E000
|
stack
|
page read and write
|
||
|
BBC000
|
unkown
|
page execute and write copy
|
||
|
477F000
|
stack
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
453F000
|
stack
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
3F0F000
|
stack
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
500E000
|
stack
|
page read and write
|
||
|
4C30000
|
direct allocation
|
page execute and read and write
|
||
|
BBB000
|
unkown
|
page execute and read and write
|
||
|
417E000
|
stack
|
page read and write
|
||
|
42BF000
|
stack
|
page read and write
|
||
|
D4E000
|
unkown
|
page execute and read and write
|
||
|
593000
|
unkown
|
page write copy
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
3E4F000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
4D5F000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
95C000
|
unkown
|
page execute and read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
4DD8000
|
heap
|
page read and write
|
||
|
3F3E000
|
stack
|
page read and write
|
||
|
3D3F000
|
stack
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
B9E000
|
unkown
|
page execute and read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
39BF000
|
stack
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
7DE000
|
unkown
|
page execute and read and write
|
||
|
FAD000
|
unkown
|
page execute and read and write
|
||
|
3C0E000
|
stack
|
page read and write
|
||
|
364F000
|
stack
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
484F000
|
stack
|
page read and write
|
||
|
4420000
|
direct allocation
|
page execute and read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
ADE000
|
unkown
|
page execute and read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page execute and read and write
|
||
|
F9E000
|
unkown
|
page execute and read and write
|
||
|
33BF000
|
stack
|
page read and write
|
||
|
14FE000
|
heap
|
page read and write
|
||
|
38FE000
|
stack
|
page read and write
|
||
|
430E000
|
stack
|
page read and write
|
||
|
35C000
|
stack
|
page read and write
|
||
|
46CE000
|
stack
|
page read and write
|
||
|
39FE000
|
stack
|
page read and write
|
||
|
B9E000
|
unkown
|
page execute and read and write
|
||
|
C20000
|
unkown
|
page read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
BBB000
|
unkown
|
page execute and write copy
|
||
|
45CF000
|
stack
|
page read and write
|
There are 495 hidden memdumps, click here to show them.