Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
WLQqQl48me.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\WLQqQl48me.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\WLQqQl48me.exe
|
"C:\Users\user\Desktop\WLQqQl48me.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7780 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://go.microsoft.
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://www.sysinternals.com0
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
196.206.78.106
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
196.206.78.106
|
doddyfire.linkpc.net
|
Morocco
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C51000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
C91000
|
heap
|
page read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
30A8000
|
trusted library allocation
|
page read and write
|
||
|
CE3000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
CA8000
|
heap
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
992000
|
unkown
|
page readonly
|
||
|
F30000
|
heap
|
page read and write
|
||
|
183E000
|
stack
|
page read and write
|
||
|
56B5000
|
heap
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
56CF000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
6C5E000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
A5E000
|
unkown
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5640000
|
trusted library allocation
|
page execute and read and write
|
||
|
683E000
|
stack
|
page read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
523F000
|
stack
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page execute and read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
102A000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
E7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
15F9000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
361F000
|
trusted library allocation
|
page read and write
|
||
|
14CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEC000
|
heap
|
page read and write
|
||
|
D6C000
|
heap
|
page read and write
|
||
|
580F000
|
stack
|
page read and write
|
||
|
5C65000
|
heap
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
3612000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
CEE000
|
heap
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
CBD000
|
heap
|
page read and write
|
||
|
EDD000
|
stack
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
B79000
|
heap
|
page read and write
|
||
|
5244000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
C42000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D34000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
5C81000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
C91000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page execute and read and write
|
||
|
5BDD000
|
stack
|
page read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C91000
|
heap
|
page read and write
|
||
|
7AA000
|
stack
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
4D9C000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
877E000
|
stack
|
page read and write
|
||
|
1A80000
|
heap
|
page execute and read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
109A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
B3F000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page execute and read and write
|
||
|
712E000
|
stack
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
54F0000
|
trusted library section
|
page readonly
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
6560000
|
heap
|
page read and write
|
||
|
88BE000
|
stack
|
page read and write
|
||
|
CFB000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
177E000
|
stack
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
10BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E92000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
5241000
|
heap
|
page read and write
|
||
|
2CC9000
|
trusted library allocation
|
page read and write
|
||
|
4EC9000
|
stack
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
8C3E000
|
stack
|
page read and write
|
||
|
14D2000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
CCD000
|
heap
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
104B000
|
trusted library allocation
|
page execute and read and write
|
||
|
103A000
|
trusted library allocation
|
page execute and read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
CEF000
|
heap
|
page read and write
|
||
|
500F000
|
stack
|
page read and write
|
||
|
CC8000
|
heap
|
page read and write
|
||
|
53D000
|
stack
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
5188000
|
heap
|
page read and write
|
||
|
D69000
|
heap
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
14FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B93000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
5C30000
|
heap
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
562D000
|
stack
|
page read and write
|
||
|
E82000
|
trusted library allocation
|
page execute and read and write
|
||
|
CFA000
|
heap
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
5243000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page execute and read and write
|
||
|
E77000
|
trusted library allocation
|
page execute and read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
656E000
|
heap
|
page read and write
|
||
|
1169000
|
heap
|
page read and write
|
||
|
14BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
F68000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
trusted library section
|
page readonly
|
||
|
6820000
|
trusted library section
|
page read and write
|
||
|
17FB000
|
stack
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
15DA000
|
heap
|
page read and write
|
||
|
6EED000
|
stack
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
2CD8000
|
trusted library allocation
|
page read and write
|
||
|
1854000
|
heap
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
6A7F000
|
stack
|
page read and write
|
||
|
112F000
|
heap
|
page read and write
|
||
|
5523000
|
heap
|
page read and write
|
||
|
E97000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
CF2000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
505F000
|
stack
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
43C000
|
stack
|
page read and write
|
||
|
5A0B000
|
stack
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page execute and read and write
|
||
|
4E8C000
|
stack
|
page read and write
|
||
|
8B3D000
|
stack
|
page read and write
|
||
|
CDF000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
EB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
4E4B000
|
stack
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
51D3000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
EC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D39000
|
stack
|
page read and write
|
||
|
2C97000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
4E0C000
|
stack
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
CDB000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
CC8000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
CE3000
|
heap
|
page read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
161E000
|
heap
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
D3D000
|
stack
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
4F40000
|
unclassified section
|
page read and write
|
||
|
2DEE000
|
trusted library allocation
|
page read and write
|
||
|
53F1000
|
heap
|
page read and write
|
||
|
15FD000
|
heap
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
195F000
|
stack
|
page read and write
|
||
|
526B000
|
stack
|
page read and write
|
||
|
CDF000
|
heap
|
page read and write
|
||
|
693E000
|
stack
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
6810000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
D9D000
|
stack
|
page read and write
|
||
|
54DB000
|
stack
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page execute and read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
C37000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
3D61000
|
trusted library allocation
|
page read and write
|
||
|
5A24000
|
trusted library section
|
page readonly
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
CFA000
|
heap
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
10B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
14EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
5665000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
88B000
|
stack
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
986000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
CDC000
|
heap
|
page read and write
|
||
|
E8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
67EE000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
CE9000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
CFD000
|
heap
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1047000
|
trusted library allocation
|
page execute and read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
4571000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
BA3000
|
heap
|
page read and write
|
||
|
2CEC000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
CF2000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
10FE000
|
heap
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
3601000
|
trusted library allocation
|
page read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
C4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C60000
|
heap
|
page read and write
|
||
|
F6F000
|
trusted library allocation
|
page read and write
|
||
|
5691000
|
heap
|
page read and write
|
||
|
BAE000
|
unkown
|
page read and write
|
||
|
F2D000
|
stack
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
D61000
|
heap
|
page read and write
|
||
|
DFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
C8F000
|
stack
|
page read and write
|
||
|
5AD3000
|
heap
|
page read and write
|
||
|
E02000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
2CA6000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1027000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
3643000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D31000
|
trusted library allocation
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
F6A000
|
stack
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
5246000
|
heap
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
3645000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
4011000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
5242000
|
heap
|
page read and write
|
||
|
6872000
|
trusted library allocation
|
page read and write
|
||
|
14C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
CE3000
|
heap
|
page read and write
|
||
|
6D89000
|
heap
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
5211000
|
heap
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
C9B000
|
stack
|
page read and write
|
||
|
1022000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
309E000
|
trusted library allocation
|
page read and write
|
||
|
E2C000
|
stack
|
page read and write
|
||
|
989000
|
stack
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
8AFC000
|
stack
|
page read and write
|
||
|
EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5236000
|
heap
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
10AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
725E000
|
stack
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
5A20000
|
trusted library section
|
page readonly
|
||
|
537E000
|
stack
|
page read and write
|
||
|
53DD000
|
stack
|
page read and write
|
||
|
CFC000
|
heap
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
6D7E000
|
heap
|
page read and write
|
||
|
E0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
D1D000
|
heap
|
page read and write
|
||
|
887E000
|
stack
|
page read and write
|
||
|
EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
52D5000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
702E000
|
stack
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
89FB000
|
stack
|
page read and write
|
||
|
697E000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
35C0000
|
trusted library allocation
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
3571000
|
trusted library allocation
|
page read and write
|
||
|
1612000
|
heap
|
page read and write
|
||
|
5274000
|
trusted library section
|
page readonly
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
CDF000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
5DB000
|
stack
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
1043000
|
heap
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
5AD0000
|
heap
|
page read and write
|
||
|
E0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D61000
|
trusted library allocation
|
page read and write
|
||
|
CDC000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
10AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
D63000
|
heap
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
EBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
CDB000
|
heap
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
5C70000
|
heap
|
page read and write
|
||
|
5870000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
14DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
CDD000
|
heap
|
page read and write
|
||
|
CC8000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
6200000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
14CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E62000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
D36000
|
stack
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
89BF000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
7F870000
|
trusted library allocation
|
page execute and read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
5241000
|
heap
|
page read and write
|
||
|
136B000
|
stack
|
page read and write
|
||
|
F2C000
|
stack
|
page read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
9D2000
|
heap
|
page read and write
|
||
|
5246000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5232000
|
heap
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
E6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7ED0000
|
heap
|
page read and write
|
||
|
5246000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page execute and read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
There are 569 hidden memdumps, click here to show them.