Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Ycj3d5NMhc.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Ycj3d5NMhc.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\Victim_SID[1].bd
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\Zopi[1].bd
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\mzsxeov1.jvf\[user]-[468325].zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Ycj3d5NMhc.exe
|
"C:\Users\user\Desktop\Ycj3d5NMhc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\wbem\WMIC.exe
|
"wmic" csproduct get UUID
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/json
|
34.117.59.81
|
|
|
|
https://investdirectinsurance.com/assuence/litesolidCha/Zopi.bd
|
104.21.65.79
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://ipinfo.io/missingauth
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://investdirectinsurance.com/assuence/litesolidCha/Victim_SID.bd4
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://investdirectinsurance.com/assuence/litesolidCha/Victim_SID.bdP
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://investdirectinsurance.com/assuence/litesolidCha/Victim_SID.bdj
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
https://investdirectinsurance.com/assuence/litesolidCha/Victim_SID.bd
|
104.21.65.79
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://investdirectinsurance.com/
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://ipinfo.io
|
unknown
|
||
|
https://investdirectinsurance.com/m
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipinfo.io
|
34.117.59.81
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
investdirectinsurance.com
|
104.21.65.79
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.117.59.81
|
ipinfo.io
|
United States
|
|
|
|
79.110.49.176
|
unknown
|
Germany
|
||
|
104.21.65.79
|
investdirectinsurance.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5920000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3086000
|
heap
|
page read and write
|
||
|
7FFB4AF40000
|
trusted library allocation
|
page read and write
|
||
|
5D20000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2E1E000
|
trusted library allocation
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
F2C000
|
stack
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2AB9000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5E30000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
387D000
|
heap
|
page read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3870000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
315F000
|
heap
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
3C15000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
59EE000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2A1E000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3BC4000
|
trusted library allocation
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
298A000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
3014000
|
heap
|
page read and write
|
||
|
63FE000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2BBA000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
3BE4000
|
trusted library allocation
|
page read and write
|
||
|
7FC000
|
heap
|
page read and write
|
||
|
7FFB4AF34000
|
trusted library allocation
|
page read and write
|
||
|
5B75000
|
trusted library allocation
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3089000
|
heap
|
page read and write
|
||
|
5E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2AA4000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
71BF000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
6FC0000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
1B50E000
|
stack
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
387D000
|
heap
|
page read and write
|
||
|
3C61000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
583F000
|
stack
|
page read and write
|
||
|
5DB0000
|
trusted library allocation
|
page read and write
|
||
|
1B64F000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2BB4000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
3C25000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
3879000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5274000
|
heap
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C45000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
3BCF000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3880000
|
heap
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3A88000
|
trusted library allocation
|
page read and write
|
||
|
E45000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B7A000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
297A000
|
trusted library allocation
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E90000
|
heap
|
page execute and read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5974000
|
trusted library allocation
|
page read and write
|
||
|
5B59000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3C69000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2A6A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF44000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C33000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
3082000
|
heap
|
page read and write
|
||
|
2BE9000
|
stack
|
page read and write
|
||
|
33EC000
|
heap
|
page read and write
|
||
|
3B8000
|
unkown
|
page readonly
|
||
|
D22000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C5B000
|
trusted library allocation
|
page read and write
|
||
|
12681000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
59C3000
|
trusted library allocation
|
page read and write
|
||
|
3BE9000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
2E14000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
E47000
|
trusted library allocation
|
page execute and read and write
|
||
|
387E000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3880000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C4B000
|
trusted library allocation
|
page read and write
|
||
|
535F000
|
stack
|
page read and write
|
||
|
12683000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7FFB4AF32000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
3BDC000
|
trusted library allocation
|
page read and write
|
||
|
5278000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
317B000
|
heap
|
page read and write
|
||
|
2A17000
|
trusted library allocation
|
page read and write
|
||
|
5E40000
|
heap
|
page read and write
|
||
|
5D30000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
1B40E000
|
stack
|
page read and write
|
||
|
2986000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
3879000
|
heap
|
page read and write
|
||
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
5A45000
|
heap
|
page read and write
|
||
|
12689000
|
trusted library allocation
|
page read and write
|
||
|
1B618000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2B84000
|
trusted library allocation
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
6F8B000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
12685000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3C2E000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7D9000
|
stack
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
63BD000
|
stack
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
6E8C000
|
stack
|
page read and write
|
||
|
5B55000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5D80000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
626E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3881000
|
heap
|
page read and write
|
||
|
3878000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
1B614000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3083000
|
heap
|
page read and write
|
||
|
2B69000
|
trusted library allocation
|
page read and write
|
||
|
3161000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
5278000
|
heap
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
3BB4000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
31A8000
|
heap
|
page read and write
|
||
|
1B20E000
|
stack
|
page read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
3BCA000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
BDA000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
1B30E000
|
stack
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7FFB4AF8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7FFB4AFF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
732000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3877000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
514F000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5D25000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5271000
|
heap
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
103F000
|
stack
|
page read and write
|
||
|
2A7D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF50000
|
trusted library allocation
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
33EC000
|
heap
|
page read and write
|
||
|
637E000
|
stack
|
page read and write
|
||
|
6270000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C5000
|
unkown
|
page readonly
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
51CF000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C3E000
|
trusted library allocation
|
page read and write
|
||
|
521F000
|
stack
|
page read and write
|
||
|
1B000000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page execute and read and write
|
||
|
59E0000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A2000
|
trusted library allocation
|
page read and write
|
||
|
3874000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
591E000
|
stack
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0D7000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
1AFC0000
|
trusted library section
|
page read and write
|
||
|
5B6F000
|
trusted library allocation
|
page read and write
|
||
|
5278000
|
heap
|
page read and write
|
||
|
308C000
|
heap
|
page read and write
|
||
|
315C000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2B9E000
|
trusted library allocation
|
page read and write
|
||
|
1B60E000
|
stack
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7FFB4B016000
|
trusted library allocation
|
page execute and read and write
|
||
|
3880000
|
heap
|
page read and write
|
||
|
5A79000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
2BAB000
|
stack
|
page read and write
|
||
|
3BD7000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
7FF4F4F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3875000
|
heap
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
1B10B000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
BCE000
|
heap
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
2AA9000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C5E000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page execute and read and write
|
||
|
308A000
|
heap
|
page read and write
|
||
|
3186000
|
heap
|
page read and write
|
||
|
5B7F000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
4E78000
|
trusted library allocation
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
2978000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0E0000
|
trusted library allocation
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2A5F000
|
trusted library allocation
|
page read and write
|
||
|
1B62D000
|
heap
|
page read and write
|
||
|
7FFB4AF3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2B6D000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5A6D000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2A56000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
12869000
|
trusted library allocation
|
page read and write
|
||
|
5E18000
|
trusted library allocation
|
page read and write
|
||
|
5B68000
|
trusted library allocation
|
page read and write
|
||
|
D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
1B90E000
|
stack
|
page read and write
|
||
|
3C63000
|
trusted library allocation
|
page read and write
|
||
|
317B000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5A2D000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
1B80E000
|
stack
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2D2F000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
5A3F000
|
heap
|
page read and write
|
||
|
4948000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
6DC000
|
stack
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
3C2B000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C1B000
|
trusted library allocation
|
page read and write
|
||
|
4E75000
|
trusted library allocation
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
3C55000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
1B610000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C52000
|
trusted library allocation
|
page read and write
|
||
|
2681000
|
trusted library allocation
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
7FFB4AFE0000
|
trusted library allocation
|
page read and write
|
||
|
1AC0D000
|
stack
|
page read and write
|
||
|
7D6000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
3A2000
|
unkown
|
page readonly
|
||
|
3C22000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
6FCC000
|
heap
|
page read and write
|
||
|
3876000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5B52000
|
trusted library allocation
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3BF6000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
D1B000
|
trusted library allocation
|
page read and write
|
||
|
31A4000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
387A000
|
heap
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
1B651000
|
heap
|
page read and write
|
||
|
E42000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3C39000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
317B000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page execute and read and write
|
||
|
6120000
|
heap
|
page execute and read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
3A78000
|
trusted library allocation
|
page read and write
|
||
|
3876000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3251000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
7FFB4AF5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
525D000
|
stack
|
page read and write
|
There are 578 hidden memdumps, click here to show them.