Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002A_460.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Dalymore\Laddonia.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Laddonia.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\My App.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\aut1BC1.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut1C00.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut70BD.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut713B.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autE716.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autE755.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\kinematical
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\uppishly
|
ASCII text, with very long lines (29718), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\My App\My App.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002A_460.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_460.exe"
|
|
|
|
C:\Users\user\AppData\Local\Dalymore\Laddonia.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_460.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_460.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\My App\My App.exe
|
"C:\Users\user\AppData\Roaming\My App\My App.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\My App\My App.exe
|
"C:\Users\user\AppData\Roaming\My App\My App.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Laddonia.vbs"
|
|
|
|
C:\Users\user\AppData\Local\Dalymore\Laddonia.exe
|
"C:\Users\user\AppData\Local\Dalymore\Laddonia.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\Dalymore\Laddonia.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://mail.agrosparta.gr
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://agrosparta.gr
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
agrosparta.gr
|
78.46.216.122
|
|
|
|
mail.agrosparta.gr
|
unknown
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
78.46.216.122
|
agrosparta.gr
|
Germany
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
My App
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30F3000
|
trusted library allocation
|
page read and write
|
|
|
|
35D0000
|
direct allocation
|
page read and write
|
|
|
|
3B2000
|
system
|
page execute and read and write
|
|
|
|
1190000
|
direct allocation
|
page read and write
|
|
|
|
30B1000
|
trusted library allocation
|
page read and write
|
|
|
|
271C000
|
trusted library allocation
|
page read and write
|
|
|
|
26F1000
|
trusted library allocation
|
page read and write
|
|
|
|
12AC000
|
heap
|
page read and write
|
||
|
196D000
|
stack
|
page read and write
|
||
|
112F000
|
heap
|
page read and write
|
||
|
77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
1413000
|
heap
|
page read and write
|
||
|
261E000
|
trusted library allocation
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
3610000
|
direct allocation
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
3061000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
3D71000
|
direct allocation
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
112E000
|
heap
|
page read and write
|
||
|
4BCF000
|
stack
|
page read and write
|
||
|
36A4000
|
heap
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
13DB000
|
stack
|
page read and write
|
||
|
14EE000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page execute and read and write
|
||
|
6A50000
|
trusted library allocation
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
13FF000
|
stack
|
page read and write
|
||
|
12D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
306C000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
121D000
|
heap
|
page read and write
|
||
|
4061000
|
trusted library allocation
|
page read and write
|
||
|
92B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2919BFE000
|
stack
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
BC2000
|
unkown
|
page readonly
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
7C2000
|
unkown
|
page readonly
|
||
|
4D73000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
12DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2621000
|
trusted library allocation
|
page read and write
|
||
|
4F1F000
|
stack
|
page read and write
|
||
|
14EF000
|
stack
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
8F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
784000
|
trusted library allocation
|
page read and write
|
||
|
10CC000
|
heap
|
page read and write
|
||
|
3A23000
|
direct allocation
|
page read and write
|
||
|
3D7E000
|
direct allocation
|
page read and write
|
||
|
657F000
|
heap
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page execute and read and write
|
||
|
7CC000
|
unkown
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
6B47000
|
trusted library allocation
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
1226000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
14EF000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
24AC000
|
stack
|
page read and write
|
||
|
303D000
|
trusted library allocation
|
page read and write
|
||
|
4D6D000
|
trusted library allocation
|
page read and write
|
||
|
14FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCC000
|
unkown
|
page write copy
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
291A2FE000
|
stack
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
240B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
61D0000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
direct allocation
|
page read and write
|
||
|
4C0E000
|
stack
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
14AA000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
7CC000
|
unkown
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
12ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F30000
|
heap
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
2405000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
BCC000
|
unkown
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
7D0000
|
unkown
|
page write copy
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1092000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
5BC7000
|
trusted library allocation
|
page read and write
|
||
|
929000
|
stack
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
1D6E000
|
stack
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
580000
|
trusted library allocation
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
19CF000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page execute and read and write
|
||
|
155F000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
12D2000
|
heap
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
DC0000
|
direct allocation
|
page execute and read and write
|
||
|
3A23000
|
direct allocation
|
page read and write
|
||
|
505F000
|
stack
|
page read and write
|
||
|
3FA000
|
unkown
|
page readonly
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
291A1FD000
|
stack
|
page read and write
|
||
|
656D000
|
heap
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
1203000
|
heap
|
page read and write
|
||
|
977E000
|
direct allocation
|
page read and write
|
||
|
109A000
|
heap
|
page read and write
|
||
|
5AF2000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
36FE000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
1DEA1736000
|
heap
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
668D000
|
stack
|
page read and write
|
||
|
6F40000
|
heap
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
701000
|
unkown
|
page execute read
|
||
|
1068000
|
heap
|
page read and write
|
||
|
AB7E000
|
direct allocation
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
2626000
|
trusted library allocation
|
page read and write
|
||
|
1505000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
4A80000
|
heap
|
page execute and read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
5609000
|
trusted library allocation
|
page read and write
|
||
|
150B000
|
trusted library allocation
|
page execute and read and write
|
||
|
900000
|
trusted library allocation
|
page read and write
|
||
|
262D000
|
trusted library allocation
|
page read and write
|
||
|
68C000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
14ED000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
640C000
|
stack
|
page read and write
|
||
|
2919AFA000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
3B0000
|
system
|
page execute and read and write
|
||
|
36C9000
|
trusted library allocation
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
7D4000
|
unkown
|
page readonly
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
24C0000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
7C2000
|
unkown
|
page readonly
|
||
|
2402000
|
trusted library allocation
|
page read and write
|
||
|
1DEA189E000
|
heap
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
55A0000
|
heap
|
page execute and read and write
|
||
|
523D000
|
stack
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
948000
|
heap
|
page read and write
|
||
|
1523000
|
heap
|
page read and write
|
||
|
14AA000
|
heap
|
page read and write
|
||
|
16C6000
|
heap
|
page read and write
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
14D9000
|
heap
|
page read and write
|
||
|
15B6000
|
trusted library allocation
|
page read and write
|
||
|
1DEA1890000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
52BD000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
4FBD000
|
stack
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
5B77000
|
heap
|
page read and write
|
||
|
59DB000
|
stack
|
page read and write
|
||
|
61E0000
|
trusted library allocation
|
page read and write
|
||
|
35B4000
|
heap
|
page read and write
|
||
|
23D4000
|
trusted library allocation
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
B27000
|
heap
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page execute and read and write
|
||
|
4D49000
|
trusted library allocation
|
page read and write
|
||
|
2718000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
9B9000
|
heap
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
148E000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
14A8000
|
heap
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
79C000
|
unkown
|
page readonly
|
||
|
14EE000
|
heap
|
page read and write
|
||
|
309F000
|
trusted library allocation
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
79C000
|
unkown
|
page readonly
|
||
|
690000
|
heap
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page read and write
|
||
|
1DEA1789000
|
heap
|
page read and write
|
||
|
701000
|
unkown
|
page execute read
|
||
|
5BB7000
|
trusted library allocation
|
page read and write
|
||
|
26D6000
|
trusted library allocation
|
page read and write
|
||
|
43C000
|
system
|
page execute and read and write
|
||
|
DB4000
|
heap
|
page read and write
|
||
|
3C70000
|
direct allocation
|
page read and write
|
||
|
6A55000
|
trusted library allocation
|
page read and write
|
||
|
12D4000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
40BF000
|
trusted library allocation
|
page read and write
|
||
|
A29000
|
stack
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
12D2000
|
heap
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
1DEA1840000
|
heap
|
page read and write
|
||
|
7FC50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
B01000
|
unkown
|
page execute read
|
||
|
8F4000
|
trusted library allocation
|
page read and write
|
||
|
904000
|
trusted library allocation
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
12B3000
|
heap
|
page read and write
|
||
|
B9C000
|
unkown
|
page readonly
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
23ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
16BC000
|
heap
|
page read and write
|
||
|
4CBC000
|
stack
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
5068000
|
trusted library allocation
|
page read and write
|
||
|
15BD000
|
heap
|
page read and write
|
||
|
2724000
|
trusted library allocation
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
5B65000
|
heap
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
595000
|
heap
|
page read and write
|
||
|
131A000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD4000
|
unkown
|
page readonly
|
||
|
797E000
|
direct allocation
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
13E6000
|
heap
|
page read and write
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
112E000
|
heap
|
page read and write
|
||
|
12F8000
|
heap
|
page read and write
|
||
|
8D7E000
|
direct allocation
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
260B000
|
trusted library allocation
|
page read and write
|
||
|
270C000
|
stack
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
7C2000
|
unkown
|
page readonly
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
4D30000
|
heap
|
page execute and read and write
|
||
|
4D10000
|
heap
|
page execute and read and write
|
||
|
260E000
|
trusted library allocation
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
7D4000
|
unkown
|
page readonly
|
||
|
3A23000
|
direct allocation
|
page read and write
|
||
|
5B7E000
|
direct allocation
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
2407000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DA000
|
stack
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
15B4000
|
trusted library allocation
|
page read and write
|
||
|
23F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
33DF000
|
stack
|
page read and write
|
||
|
5ADC000
|
stack
|
page read and write
|
||
|
3A23000
|
direct allocation
|
page read and write
|
||
|
773000
|
trusted library allocation
|
page execute and read and write
|
||
|
60A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
48AD000
|
stack
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
13B4000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
1507000
|
trusted library allocation
|
page execute and read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
23F0000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
direct allocation
|
page read and write
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
112E000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
1DEA16D0000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
1504000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
129F000
|
heap
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
964000
|
heap
|
page read and write
|
||
|
2420000
|
trusted library allocation
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
A17E000
|
direct allocation
|
page read and write
|
||
|
172C000
|
stack
|
page read and write
|
||
|
6550000
|
heap
|
page read and write
|
||
|
7C2000
|
unkown
|
page readonly
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
3CB0000
|
direct allocation
|
page read and write
|
||
|
2732000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
unkown
|
page write copy
|
||
|
2919EFE000
|
stack
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
14C9000
|
heap
|
page read and write
|
||
|
13CD000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
1F20000
|
direct allocation
|
page execute and read and write
|
||
|
14EF000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
16F7000
|
heap
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
5BB5000
|
trusted library allocation
|
page read and write
|
||
|
131D000
|
heap
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page execute and read and write
|
||
|
2919FFF000
|
stack
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
1257000
|
heap
|
page read and write
|
||
|
6530000
|
heap
|
page read and write
|
||
|
118E000
|
stack
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
14F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
774000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
direct allocation
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
B01000
|
unkown
|
page execute read
|
||
|
16D9000
|
heap
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
5BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14EF000
|
heap
|
page read and write
|
||
|
125C000
|
heap
|
page read and write
|
||
|
48E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D9000
|
heap
|
page read and write
|
||
|
837E000
|
direct allocation
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
1DEA1706000
|
heap
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
14EE000
|
heap
|
page read and write
|
||
|
291A4FF000
|
stack
|
page read and write
|
||
|
301B000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
129D000
|
heap
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
79C000
|
unkown
|
page readonly
|
||
|
1694000
|
heap
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
927000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A6F000
|
stack
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
1DEA15F0000
|
heap
|
page read and write
|
||
|
1382000
|
heap
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
3BC9000
|
direct allocation
|
page read and write
|
||
|
1767000
|
heap
|
page read and write
|
||
|
26ED000
|
trusted library allocation
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
112D000
|
heap
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
477E000
|
direct allocation
|
page read and write
|
||
|
7D0000
|
unkown
|
page write copy
|
||
|
302E000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
3EE000
|
system
|
page execute and read and write
|
||
|
4830000
|
trusted library allocation
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
109F000
|
heap
|
page read and write
|
||
|
6AFF000
|
stack
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
60F7000
|
trusted library allocation
|
page read and write
|
||
|
6ED000
|
heap
|
page read and write
|
||
|
BD4000
|
unkown
|
page readonly
|
||
|
557C000
|
stack
|
page read and write
|
||
|
14EF000
|
heap
|
page read and write
|
||
|
2612000
|
trusted library allocation
|
page read and write
|
||
|
2311000
|
trusted library allocation
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
1DEA1895000
|
heap
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
1296000
|
heap
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
5307000
|
trusted library allocation
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
582C000
|
stack
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
145C000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
23DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
3E1E000
|
direct allocation
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
2919CFE000
|
stack
|
page read and write
|
||
|
1294000
|
heap
|
page read and write
|
||
|
271A000
|
trusted library allocation
|
page read and write
|
||
|
158D000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
90D000
|
trusted library allocation
|
page execute and read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page execute and read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
46A8000
|
trusted library allocation
|
page read and write
|
||
|
68F000
|
heap
|
page read and write
|
||
|
5AAD000
|
stack
|
page read and write
|
||
|
7CC000
|
unkown
|
page write copy
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1DEA17D0000
|
heap
|
page read and write
|
||
|
14EF000
|
heap
|
page read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
D8A000
|
stack
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
7CC000
|
unkown
|
page write copy
|
||
|
112E000
|
heap
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
6F9000
|
stack
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
14F2000
|
trusted library allocation
|
page read and write
|
||
|
9B3000
|
heap
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E1F000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
261A000
|
trusted library allocation
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
1DEA17F0000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
24C0000
|
trusted library allocation
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
62CB000
|
stack
|
page read and write
|
||
|
605E000
|
stack
|
page read and write
|
||
|
37A000
|
stack
|
page read and write
|
||
|
1461000
|
heap
|
page read and write
|
||
|
4840000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
1276000
|
heap
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
657E000
|
direct allocation
|
page read and write
|
||
|
6A4D000
|
stack
|
page read and write
|
||
|
291A3FE000
|
stack
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
7D4000
|
unkown
|
page readonly
|
||
|
6A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C000
|
stack
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page read and write
|
||
|
6F3000
|
heap
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
trusted library allocation
|
page read and write
|
||
|
5BBD000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
unkown
|
page execute read
|
||
|
14A9000
|
heap
|
page read and write
|
||
|
79C000
|
unkown
|
page readonly
|
||
|
291A5FC000
|
stack
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
trusted library allocation
|
page read and write
|
||
|
112E000
|
heap
|
page read and write
|
||
|
23F2000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
B9C000
|
unkown
|
page readonly
|
||
|
3C80000
|
direct allocation
|
page read and write
|
||
|
3F2000
|
unkown
|
page readonly
|
||
|
92E000
|
stack
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
494E000
|
stack
|
page read and write
|
||
|
3AA0000
|
direct allocation
|
page read and write
|
||
|
4E7C000
|
stack
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
43EC000
|
stack
|
page read and write
|
||
|
BC2000
|
unkown
|
page readonly
|
||
|
3DAD000
|
direct allocation
|
page read and write
|
||
|
1461000
|
heap
|
page read and write
|
||
|
23D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A23000
|
direct allocation
|
page read and write
|
||
|
609E000
|
stack
|
page read and write
|
||
|
5BB0000
|
trusted library allocation
|
page read and write
|
||
|
5F1E000
|
stack
|
page read and write
|
||
|
1257000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2716000
|
trusted library allocation
|
page read and write
|
||
|
1F00000
|
heap
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
3031000
|
trusted library allocation
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
137C000
|
heap
|
page read and write
|
||
|
701000
|
unkown
|
page execute read
|
||
|
26DF000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1093000
|
heap
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
144B000
|
heap
|
page read and write
|
||
|
78A000
|
stack
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
23FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DA9000
|
direct allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
109F000
|
heap
|
page read and write
|
||
|
3AE0000
|
direct allocation
|
page read and write
|
||
|
7D4000
|
unkown
|
page readonly
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
9AB000
|
heap
|
page read and write
|
||
|
3A23000
|
direct allocation
|
page read and write
|
There are 656 hidden memdumps, click here to show them.