Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FkJbps6Srrl6lOQ9M_l8dpw2.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\Desktop\Google Chrome.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 11:02:31 2023,
atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpBEEC.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpBEFD.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FkJbps6Srrl6lOQ9M_l8dpw2.exe
|
"C:\Users\user\Desktop\FkJbps6Srrl6lOQ9M_l8dpw2.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
51.195.145.80:14640
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultp9
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://tempuri.org/Entity/Id8ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
51.195.145.80
|
unknown
|
France
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
|
Blob
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
522000
|
unkown
|
page read and write
|
|
|
|
29C1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
7502000
|
trusted library allocation
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
5F62000
|
heap
|
page read and write
|
||
|
3A91000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
5B08000
|
heap
|
page read and write
|
||
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A9D000
|
trusted library allocation
|
page read and write
|
||
|
751F000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28BE000
|
stack
|
page read and write
|
||
|
2B7D000
|
trusted library allocation
|
page read and write
|
||
|
657E000
|
trusted library allocation
|
page read and write
|
||
|
39C1000
|
trusted library allocation
|
page read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
65F0000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
571000
|
unkown
|
page readonly
|
||
|
39E2000
|
trusted library allocation
|
page read and write
|
||
|
72E4000
|
heap
|
page read and write
|
||
|
26B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
76C4000
|
trusted library allocation
|
page read and write
|
||
|
728D000
|
stack
|
page read and write
|
||
|
7C5D000
|
stack
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
69DD000
|
stack
|
page read and write
|
||
|
7505000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
6550000
|
trusted library allocation
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A98000
|
trusted library allocation
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
6440000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F72000
|
heap
|
page read and write
|
||
|
752F000
|
trusted library allocation
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
8DFE000
|
stack
|
page read and write
|
||
|
4F11000
|
trusted library allocation
|
page read and write
|
||
|
6525000
|
trusted library allocation
|
page read and write
|
||
|
5FDF000
|
heap
|
page read and write
|
||
|
3D61000
|
trusted library allocation
|
page read and write
|
||
|
4EFB000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
direct allocation
|
page execute and read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
556000
|
unkown
|
page read and write
|
||
|
615E000
|
stack
|
page read and write
|
||
|
751A000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
trusted library allocation
|
page read and write
|
||
|
732B000
|
heap
|
page read and write
|
||
|
EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
113F000
|
stack
|
page read and write
|
||
|
4F55000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
3AA4000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
4F73000
|
heap
|
page read and write
|
||
|
7509000
|
trusted library allocation
|
page read and write
|
||
|
4FE2000
|
trusted library allocation
|
page read and write
|
||
|
4F0E000
|
trusted library allocation
|
page read and write
|
||
|
522000
|
unkown
|
page write copy
|
||
|
7364000
|
heap
|
page read and write
|
||
|
2CE6000
|
trusted library allocation
|
page read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
799F000
|
stack
|
page read and write
|
||
|
39CF000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
EED000
|
trusted library allocation
|
page execute and read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
5D2E000
|
stack
|
page read and write
|
||
|
2BDB000
|
trusted library allocation
|
page read and write
|
||
|
2CF9000
|
trusted library allocation
|
page read and write
|
||
|
2BFE000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
26B2000
|
trusted library allocation
|
page read and write
|
||
|
26B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
D89000
|
heap
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
6520000
|
trusted library allocation
|
page read and write
|
||
|
5F65000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
79DE000
|
stack
|
page read and write
|
||
|
5F2A000
|
heap
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
7A1E000
|
stack
|
page read and write
|
||
|
689C000
|
stack
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
BD7000
|
heap
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
6572000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
5D30000
|
trusted library allocation
|
page read and write
|
||
|
2B95000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
4F1000
|
unkown
|
page execute read
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
571000
|
unkown
|
page readonly
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
3C52000
|
trusted library allocation
|
page read and write
|
||
|
8EFE000
|
stack
|
page read and write
|
||
|
6820000
|
trusted library allocation
|
page read and write
|
||
|
3AB6000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
stack
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
CD4000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
7301000
|
heap
|
page read and write
|
||
|
6005000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
heap
|
page execute and read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
655B000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
73BA000
|
heap
|
page read and write
|
||
|
74E6000
|
trusted library allocation
|
page read and write
|
||
|
5AF2000
|
heap
|
page read and write
|
||
|
C9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
565000
|
unkown
|
page read and write
|
||
|
3B52000
|
trusted library allocation
|
page read and write
|
||
|
6420000
|
trusted library allocation
|
page execute and read and write
|
||
|
651A000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
4A9C000
|
stack
|
page read and write
|
||
|
72F0000
|
heap
|
page read and write
|
||
|
6ADC000
|
stack
|
page read and write
|
||
|
4F16000
|
trusted library allocation
|
page read and write
|
||
|
6581000
|
trusted library allocation
|
page read and write
|
||
|
C93000
|
trusted library allocation
|
page execute and read and write
|
||
|
7534000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page execute and read and write
|
||
|
7335000
|
heap
|
page read and write
|
||
|
65AE000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
72F9000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CDE000
|
stack
|
page read and write
|
||
|
4F1D000
|
trusted library allocation
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
516000
|
unkown
|
page readonly
|
||
|
752A000
|
trusted library allocation
|
page read and write
|
||
|
6561000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C46000
|
trusted library allocation
|
page read and write
|
||
|
769E000
|
stack
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
5D50000
|
trusted library allocation
|
page read and write
|
||
|
6016000
|
heap
|
page read and write
|
||
|
7518000
|
trusted library allocation
|
page read and write
|
||
|
4F22000
|
trusted library allocation
|
page read and write
|
||
|
6830000
|
trusted library allocation
|
page execute and read and write
|
||
|
601E000
|
heap
|
page read and write
|
||
|
734C000
|
heap
|
page read and write
|
||
|
7341000
|
heap
|
page read and write
|
||
|
6529000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
6518000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
heap
|
page execute and read and write
|
||
|
6515000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
733E000
|
heap
|
page read and write
|
||
|
5273000
|
heap
|
page execute and read and write
|
||
|
4F1000
|
unkown
|
page execute read
|
||
|
3ADE000
|
trusted library allocation
|
page read and write
|
||
|
65A5000
|
trusted library allocation
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2B89000
|
trusted library allocation
|
page read and write
|
||
|
736D000
|
heap
|
page read and write
|
||
|
2A68000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
2C4E000
|
trusted library allocation
|
page read and write
|
||
|
7525000
|
trusted library allocation
|
page read and write
|
||
|
CE1000
|
heap
|
page read and write
|
||
|
C94000
|
trusted library allocation
|
page read and write
|
||
|
7308000
|
heap
|
page read and write
|
||
|
7385000
|
heap
|
page read and write
|
||
|
7CA000
|
stack
|
page read and write
|
||
|
72FB000
|
heap
|
page read and write
|
||
|
7548000
|
trusted library allocation
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
4B9C000
|
stack
|
page read and write
|
||
|
7B5B000
|
stack
|
page read and write
|
||
|
BCE000
|
heap
|
page read and write
|
||
|
516000
|
unkown
|
page readonly
|
||
|
F09000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
2CDE000
|
trusted library allocation
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
5F26000
|
heap
|
page read and write
|
||
|
4F4E000
|
trusted library allocation
|
page read and write
|
||
|
6527000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
5270000
|
heap
|
page execute and read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
4EFE000
|
trusted library allocation
|
page read and write
|
||
|
7CE0000
|
heap
|
page read and write
|
||
|
5B03000
|
heap
|
page read and write
|
||
|
65AB000
|
trusted library allocation
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
7310000
|
heap
|
page read and write
|
||
|
3B0F000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF5000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCA000
|
heap
|
page read and write
|
||
|
D9E000
|
heap
|
page read and write
|
||
|
6B23000
|
trusted library allocation
|
page read and write
|
||
|
5FD6000
|
heap
|
page read and write
|
||
|
26BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A20000
|
heap
|
page read and write
|
||
|
699C000
|
stack
|
page read and write
|
||
|
7C9E000
|
stack
|
page read and write
|
||
|
7CD000
|
stack
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
5D40000
|
trusted library allocation
|
page read and write
|
||
|
5D38000
|
trusted library allocation
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page read and write
|
||
|
2B8C000
|
trusted library allocation
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
6CD000
|
stack
|
page read and write
|
||
|
731F000
|
heap
|
page read and write
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
4EF4000
|
trusted library allocation
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page execute and read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
3D5C000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
trusted library allocation
|
page read and write
|
||
|
74E3000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
6000000
|
heap
|
page read and write
|
||
|
5FEF000
|
heap
|
page read and write
|
||
|
5FE7000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
7F040000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
6566000
|
trusted library allocation
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
6640000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B9C000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
7318000
|
heap
|
page read and write
|
||
|
49C8000
|
trusted library allocation
|
page read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
There are 285 hidden memdumps, click here to show them.