Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LisectAVT_2403002A_16.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LisectAVT_2403002A_16.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpB5CB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NxmtwwVGOtEdjd.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_40gz0kas.ain.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iutd4lxs.fyj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j0zj4ktp.mr3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l0jvrel1.rfo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mbzb3ojr.e34.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mutlxdu2.sjn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tislt1pd.oyq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_waew54ts.0wj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpCD2C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LisectAVT_2403002A_16.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_16.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\LisectAVT_2403002A_16.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\NxmtwwVGOtEdjd" /XML "C:\Users\user\AppData\Local\Temp\tmpB5CB.tmp"
|
|
|
|
C:\Users\user\Desktop\LisectAVT_2403002A_16.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_16.exe"
|
|
|
|
C:\Users\user\Desktop\LisectAVT_2403002A_16.exe
|
"C:\Users\user\Desktop\LisectAVT_2403002A_16.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\NxmtwwVGOtEdjd" /XML "C:\Users\user\AppData\Local\Temp\tmpCD2C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe
|
"C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe
|
"C:\Users\user\AppData\Roaming\NxmtwwVGOtEdjd.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://mail.mbarieservicesltd.com
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.mbarieservicesltd.com
|
199.79.62.115
|
|
|
|
171.39.242.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
199.79.62.115
|
mail.mbarieservicesltd.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
2CE1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E71000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
41AF000
|
trusted library allocation
|
page read and write
|
|
|
|
2ECA000
|
trusted library allocation
|
page read and write
|
|
|
|
4500000
|
trusted library allocation
|
page read and write
|
|
|
|
F2A000
|
stack
|
page read and write
|
||
|
406E000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
53CE000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
972C000
|
stack
|
page read and write
|
||
|
54A3000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
75E1000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
757A000
|
heap
|
page read and write
|
||
|
10FE000
|
heap
|
page read and write
|
||
|
2BCC000
|
stack
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2D48000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
53DD000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
44BD000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page execute and read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
12C2000
|
trusted library allocation
|
page read and write
|
||
|
8D5E000
|
stack
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
562F000
|
stack
|
page read and write
|
||
|
565D000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
949E000
|
stack
|
page read and write
|
||
|
62CD000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
75EB000
|
heap
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
A2FE000
|
stack
|
page read and write
|
||
|
7540000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
59E5000
|
heap
|
page read and write
|
||
|
149A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BDA000
|
unkown
|
page readonly
|
||
|
EAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
666F000
|
stack
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
7310000
|
heap
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
B32000
|
unkown
|
page readonly
|
||
|
2B20000
|
heap
|
page execute and read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
2E16000
|
trusted library allocation
|
page read and write
|
||
|
42D3000
|
trusted library allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F67000
|
stack
|
page read and write
|
||
|
89E6000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
54B0000
|
trusted library section
|
page readonly
|
||
|
5674000
|
trusted library allocation
|
page read and write
|
||
|
A680000
|
heap
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
A80D000
|
stack
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
137C000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
1474000
|
trusted library allocation
|
page read and write
|
||
|
ADCC000
|
stack
|
page read and write
|
||
|
4DDD000
|
stack
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
3CE1000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
506C000
|
stack
|
page read and write
|
||
|
1492000
|
trusted library allocation
|
page read and write
|
||
|
11C8000
|
heap
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
5223000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
2B62000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7550000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
6340000
|
trusted library allocation
|
page execute and read and write
|
||
|
45E7000
|
trusted library allocation
|
page read and write
|
||
|
EE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
53BB000
|
trusted library allocation
|
page read and write
|
||
|
12A000
|
stack
|
page read and write
|
||
|
60A0000
|
heap
|
page read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
52DD000
|
trusted library allocation
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
7062000
|
trusted library allocation
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
61C0000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
597C000
|
stack
|
page read and write
|
||
|
939E000
|
stack
|
page read and write
|
||
|
976D000
|
stack
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
620B000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
A780000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
662E000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page execute and read and write
|
||
|
52C2000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
113C000
|
heap
|
page read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
75BF000
|
stack
|
page read and write
|
||
|
43BE000
|
trusted library allocation
|
page read and write
|
||
|
4432000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
8D9E000
|
stack
|
page read and write
|
||
|
EA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C5E000
|
stack
|
page read and write
|
||
|
AB3E000
|
stack
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
911D000
|
stack
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
5651000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
544B000
|
trusted library allocation
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
5700000
|
trusted library section
|
page read and write
|
||
|
E6A000
|
stack
|
page read and write
|
||
|
10D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1361000
|
heap
|
page read and write
|
||
|
4DE000
|
unkown
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1294000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
99B0000
|
trusted library allocation
|
page read and write
|
||
|
8EAE000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
5676000
|
trusted library allocation
|
page read and write
|
||
|
A830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1293000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3FF000
|
stack
|
page read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
32EF000
|
trusted library allocation
|
page read and write
|
||
|
62C9000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
2B3B000
|
trusted library allocation
|
page read and write
|
||
|
FED000
|
stack
|
page read and write
|
||
|
53B4000
|
trusted library allocation
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
60D8000
|
heap
|
page read and write
|
||
|
5695000
|
trusted library allocation
|
page read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
8EDE000
|
stack
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
99AF000
|
stack
|
page read and write
|
||
|
14A8000
|
trusted library allocation
|
page read and write
|
||
|
12A3000
|
trusted library allocation
|
page read and write
|
||
|
53D1000
|
trusted library allocation
|
page read and write
|
||
|
563B000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
52D6000
|
trusted library allocation
|
page read and write
|
||
|
449D000
|
trusted library allocation
|
page read and write
|
||
|
10A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
60BC000
|
heap
|
page read and write
|
||
|
132E000
|
heap
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
stack
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
10C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
614D000
|
stack
|
page read and write
|
||
|
3CE9000
|
trusted library allocation
|
page read and write
|
||
|
62C7000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
trusted library allocation
|
page read and write
|
||
|
118D000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
52B6000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E0000
|
trusted library section
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
14BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
652F000
|
stack
|
page read and write
|
||
|
62E4000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
5656000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
5712000
|
trusted library allocation
|
page read and write
|
||
|
9120000
|
heap
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
99C0000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
959000
|
stack
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
52E2000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
744E000
|
heap
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
152F000
|
stack
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
6257000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
heap
|
page execute and read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
61D0000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
8FDF000
|
stack
|
page read and write
|
||
|
61D7000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page execute and read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
935E000
|
stack
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
11EC000
|
heap
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
A783000
|
trusted library allocation
|
page read and write
|
||
|
2B51000
|
trusted library allocation
|
page read and write
|
||
|
98AD000
|
stack
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
610A000
|
heap
|
page read and write
|
||
|
56AB000
|
stack
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
60C8000
|
heap
|
page read and write
|
||
|
115F000
|
heap
|
page read and write
|
||
|
5720000
|
heap
|
page execute and read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
A9FE000
|
stack
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
2F9F000
|
trusted library allocation
|
page read and write
|
||
|
52D1000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
trusted library allocation
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
1161000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
8E9E000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
2E14000
|
trusted library allocation
|
page read and write
|
||
|
11A2000
|
heap
|
page read and write
|
||
|
52BE000
|
trusted library allocation
|
page read and write
|
||
|
5748000
|
trusted library allocation
|
page read and write
|
||
|
8C17000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
11B4000
|
heap
|
page read and write
|
||
|
1068000
|
heap
|
page read and write
|
||
|
EBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
542C000
|
stack
|
page read and write
|
||
|
63B0000
|
heap
|
page read and write
|
||
|
2B4A000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
AECE000
|
stack
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
142F000
|
stack
|
page read and write
|
||
|
3F83000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
12AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
52CE000
|
trusted library allocation
|
page read and write
|
||
|
EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E99000
|
trusted library allocation
|
page read and write
|
||
|
10A4000
|
trusted library allocation
|
page read and write
|
||
|
1132000
|
heap
|
page read and write
|
||
|
5784000
|
trusted library section
|
page readonly
|
||
|
284A000
|
heap
|
page read and write
|
||
|
7B90000
|
trusted library section
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
2A78000
|
trusted library allocation
|
page read and write
|
||
|
B7A000
|
stack
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
5BBD000
|
stack
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
A53E000
|
stack
|
page read and write
|
||
|
64ED000
|
stack
|
page read and write
|
||
|
5442000
|
trusted library allocation
|
page read and write
|
||
|
4F6C000
|
stack
|
page read and write
|
||
|
6208000
|
trusted library allocation
|
page read and write
|
||
|
52BB000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
10D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
75CF000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
7FCA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
41E9000
|
trusted library allocation
|
page read and write
|
||
|
3F35000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
heap
|
page execute and read and write
|
||
|
962B000
|
stack
|
page read and write
|
||
|
416D000
|
trusted library allocation
|
page read and write
|
||
|
3E79000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
147D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA4000
|
trusted library allocation
|
page read and write
|
||
|
EC2000
|
trusted library allocation
|
page read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
99B2000
|
trusted library allocation
|
page read and write
|
||
|
671E000
|
stack
|
page read and write
|
||
|
117B000
|
heap
|
page read and write
|
||
|
A43E000
|
stack
|
page read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
7A3E000
|
stack
|
page read and write
|
||
|
2B42000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
6090000
|
heap
|
page read and write
|
||
|
10AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
1496000
|
trusted library allocation
|
page execute and read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B5D000
|
trusted library allocation
|
page read and write
|
||
|
A8FD000
|
stack
|
page read and write
|
||
|
AFCE000
|
stack
|
page read and write
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
5A24000
|
trusted library allocation
|
page read and write
|
||
|
6314000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
ED000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
1191000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
ACCB000
|
stack
|
page read and write
|
||
|
5718000
|
trusted library allocation
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
571B000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
61E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
62C0000
|
trusted library allocation
|
page read and write
|
||
|
1139000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
2B56000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
41E1000
|
trusted library allocation
|
page read and write
|
||
|
10BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6280000
|
trusted library allocation
|
page execute and read and write
|
||
|
6225000
|
trusted library allocation
|
page read and write
|
||
|
532C000
|
stack
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
282B000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library section
|
page readonly
|
||
|
51F000
|
unkown
|
page read and write
|
||
|
140D000
|
heap
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
5A0B000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
61CE000
|
trusted library allocation
|
page read and write
|
||
|
6270000
|
trusted library allocation
|
page read and write
|
||
|
7F4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
925E000
|
stack
|
page read and write
|
||
|
532C000
|
stack
|
page read and write
|
||
|
1473000
|
trusted library allocation
|
page execute and read and write
|
||
|
1483000
|
trusted library allocation
|
page read and write
|
||
|
621C000
|
trusted library allocation
|
page read and write
|
||
|
6260000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
615B000
|
heap
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
12BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
55AF000
|
stack
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
986E000
|
stack
|
page read and write
|
||
|
148D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
7440000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
12C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
52DC000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
10C3000
|
heap
|
page read and write
|
||
|
767E000
|
stack
|
page read and write
|
||
|
457D000
|
trusted library allocation
|
page read and write
|
||
|
57A3000
|
heap
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
5935000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA3E000
|
stack
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
52B4000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
53D6000
|
trusted library allocation
|
page read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page execute and read and write
|
||
|
12CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
14B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
129D000
|
trusted library allocation
|
page execute and read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
12B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DE000
|
unkown
|
page read and write
|
||
|
6400000
|
heap
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page execute and read and write
|
||
|
59F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A67D000
|
stack
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
ECA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1364000
|
heap
|
page read and write
|
||
|
901D000
|
stack
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page execute and read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
5634000
|
trusted library allocation
|
page read and write
|
||
|
5662000
|
trusted library allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
3EE7000
|
trusted library allocation
|
page read and write
|
||
|
A820000
|
trusted library allocation
|
page read and write
|
||
|
A57D000
|
stack
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
A7CE000
|
stack
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page execute and read and write
|
There are 514 hidden memdumps, click here to show them.