Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_etzjvjg0.wmm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jiyp3wbu.rth.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n2r2dr4j.nie.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oogphext.xhn.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.RATX-gen.20281.29649.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://checkip.dyndns.orgp
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33p
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
http://erkanlarofis.com.tr
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://mail.erkanlarofis.com.tr
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
erkanlarofis.com.tr
|
77.245.159.7
|
|
|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
mail.erkanlarofis.com.tr
|
unknown
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
77.245.159.7
|
erkanlarofis.com.tr
|
Turkey
|
|
|
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29C1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C7D000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2B89000
|
trusted library allocation
|
page read and write
|
|
|
|
3706000
|
trusted library allocation
|
page read and write
|
|
|
|
4F52000
|
trusted library allocation
|
page read and write
|
||
|
6876000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
4D25000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
83A2000
|
heap
|
page read and write
|
||
|
B6ED000
|
stack
|
page read and write
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
2B32000
|
trusted library allocation
|
page read and write
|
||
|
50DD000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
D55000
|
trusted library allocation
|
page execute and read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
5CFF000
|
stack
|
page read and write
|
||
|
2C05000
|
trusted library allocation
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
8380000
|
heap
|
page read and write
|
||
|
653E000
|
stack
|
page read and write
|
||
|
842000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
2A78000
|
trusted library allocation
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
2A9D000
|
trusted library allocation
|
page read and write
|
||
|
39C1000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2B17000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
2C93000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
6439000
|
heap
|
page read and write
|
||
|
CF1000
|
trusted library allocation
|
page read and write
|
||
|
4F2E000
|
trusted library allocation
|
page read and write
|
||
|
4F4D000
|
trusted library allocation
|
page read and write
|
||
|
D52000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BFB000
|
trusted library allocation
|
page read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
2C13000
|
trusted library allocation
|
page read and write
|
||
|
2735000
|
trusted library allocation
|
page read and write
|
||
|
4A9D000
|
stack
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
2AFB000
|
trusted library allocation
|
page read and write
|
||
|
6BDF000
|
stack
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
3E7000
|
stack
|
page read and write
|
||
|
2ABF000
|
trusted library allocation
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
1D2000
|
unkown
|
page readonly
|
||
|
2690000
|
heap
|
page read and write
|
||
|
B800000
|
trusted library allocation
|
page read and write
|
||
|
6860000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
trusted library section
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
CEE000
|
trusted library allocation
|
page read and write
|
||
|
AF10000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
trusted library allocation
|
page read and write
|
||
|
6A7D000
|
stack
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
4D40000
|
heap
|
page execute and read and write
|
||
|
2670000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
26E6000
|
trusted library allocation
|
page read and write
|
||
|
683D000
|
stack
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
4F26000
|
trusted library allocation
|
page read and write
|
||
|
AE0E000
|
stack
|
page read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
B56F000
|
stack
|
page read and write
|
||
|
E5D000
|
heap
|
page read and write
|
||
|
4F41000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page execute and read and write
|
||
|
D46000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6AC000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
2B24000
|
trusted library allocation
|
page read and write
|
||
|
814000
|
trusted library allocation
|
page read and write
|
||
|
2662000
|
trusted library allocation
|
page read and write
|
||
|
3793000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
B5AB000
|
stack
|
page read and write
|
||
|
3A4B000
|
trusted library allocation
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
847000
|
trusted library allocation
|
page execute and read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
3A57000
|
trusted library allocation
|
page read and write
|
||
|
617E000
|
stack
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
2C46000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
D5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
55DF000
|
stack
|
page read and write
|
||
|
4F3A000
|
trusted library allocation
|
page read and write
|
||
|
64FD000
|
stack
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page execute and read and write
|
||
|
B46E000
|
stack
|
page read and write
|
||
|
AD0E000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6880000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
D57000
|
trusted library allocation
|
page execute and read and write
|
||
|
5100000
|
trusted library allocation
|
page execute and read and write
|
||
|
2974000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
trusted library section
|
page read and write
|
||
|
2B4D000
|
trusted library allocation
|
page read and write
|
||
|
36A9000
|
trusted library allocation
|
page read and write
|
||
|
4F93000
|
heap
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library section
|
page read and write
|
||
|
2990000
|
heap
|
page execute and read and write
|
||
|
8413000
|
heap
|
page read and write
|
||
|
3A27000
|
trusted library allocation
|
page read and write
|
||
|
7FD30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD8000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
62BE000
|
stack
|
page read and write
|
||
|
5625000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
63F3000
|
heap
|
page read and write
|
||
|
500E000
|
heap
|
page read and write
|
||
|
CF6000
|
trusted library allocation
|
page read and write
|
||
|
2B0B000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page execute and read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
CDB000
|
trusted library allocation
|
page read and write
|
||
|
657D000
|
stack
|
page read and write
|
||
|
25E5000
|
trusted library allocation
|
page read and write
|
||
|
94A000
|
heap
|
page read and write
|
||
|
6879000
|
trusted library allocation
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
2AB2000
|
trusted library allocation
|
page read and write
|
||
|
83E8000
|
heap
|
page read and write
|
||
|
D02000
|
trusted library allocation
|
page read and write
|
||
|
6840000
|
trusted library allocation
|
page read and write
|
||
|
AC0E000
|
stack
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page execute and read and write
|
||
|
2B07000
|
trusted library allocation
|
page read and write
|
||
|
D9A000
|
heap
|
page read and write
|
||
|
832000
|
trusted library allocation
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
813000
|
trusted library allocation
|
page execute and read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
66FF000
|
stack
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
84B000
|
trusted library allocation
|
page execute and read and write
|
||
|
94BB000
|
trusted library allocation
|
page read and write
|
||
|
B30E000
|
stack
|
page read and write
|
||
|
2B69000
|
trusted library allocation
|
page read and write
|
||
|
2C3A000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
277F000
|
trusted library allocation
|
page read and write
|
||
|
69BF000
|
stack
|
page read and write
|
||
|
6425000
|
heap
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
2AC7000
|
trusted library allocation
|
page read and write
|
||
|
4BA0000
|
trusted library section
|
page readonly
|
||
|
667D000
|
stack
|
page read and write
|
||
|
2AFF000
|
trusted library allocation
|
page read and write
|
||
|
2C17000
|
trusted library allocation
|
page read and write
|
||
|
836000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B03000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C65000
|
trusted library allocation
|
page read and write
|
||
|
CFD000
|
trusted library allocation
|
page read and write
|
||
|
2B13000
|
trusted library allocation
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
B7EE000
|
stack
|
page read and write
|
||
|
2B6D000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
6D42000
|
trusted library allocation
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
69FD000
|
stack
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
39E9000
|
trusted library allocation
|
page read and write
|
||
|
90A000
|
stack
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
4F3E000
|
trusted library allocation
|
page read and write
|
||
|
8D3000
|
heap
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
4F46000
|
trusted library allocation
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
2C0E000
|
trusted library allocation
|
page read and write
|
||
|
673D000
|
stack
|
page read and write
|
||
|
82D000
|
trusted library allocation
|
page execute and read and write
|
||
|
479C000
|
stack
|
page read and write
|
||
|
5DFE000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
387E000
|
trusted library allocation
|
page read and write
|
||
|
6940000
|
heap
|
page read and write
|
||
|
531D000
|
stack
|
page read and write
|
||
|
4D0B000
|
stack
|
page read and write
|
||
|
2B7B000
|
trusted library allocation
|
page read and write
|
||
|
4F2B000
|
trusted library allocation
|
page read and write
|
||
|
25D0000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
B10F000
|
stack
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
2CAD000
|
trusted library allocation
|
page read and write
|
||
|
83F4000
|
heap
|
page read and write
|
||
|
562B000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
unkown
|
page readonly
|
||
|
6870000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
trusted library allocation
|
page read and write
|
||
|
E33000
|
heap
|
page read and write
|
||
|
277D000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
2ABB000
|
trusted library allocation
|
page read and write
|
||
|
B0B000
|
stack
|
page read and write
|
||
|
613F000
|
stack
|
page read and write
|
||
|
2A84000
|
trusted library allocation
|
page read and write
|
||
|
B20E000
|
stack
|
page read and write
|
||
|
6A3D000
|
stack
|
page read and write
|
||
|
DA6000
|
heap
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
D3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
D24000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
trusted library allocation
|
page read and write
|
||
|
25C0000
|
trusted library allocation
|
page read and write
|
||
|
AF0D000
|
stack
|
page read and write
|
||
|
5627000
|
trusted library allocation
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BF5000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
63C0000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
538D000
|
trusted library allocation
|
page read and write
|
||
|
3A42000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
36C9000
|
trusted library allocation
|
page read and write
|
||
|
E01000
|
heap
|
page read and write
|
||
|
D23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B0F000
|
trusted library allocation
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page execute and read and write
|
||
|
2EA000
|
stack
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A82000
|
trusted library allocation
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
There are 293 hidden memdumps, click here to show them.