Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
9B1ZyhsFUq.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\9B1ZyhsFUq.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\-16743
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\9B1ZyhsFUq.exe
|
"C:\Users\user\Desktop\9B1ZyhsFUq.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Program Files (x86)\UzVmIKqKKKIUmlFTdhEWXdmgJvPkFwXWaHzHndjHm\nBalytGzlKEsLGhTwrqyRTGQJtkGfn.exe
|
"C:\Program Files (x86)\UzVmIKqKKKIUmlFTdhEWXdmgJvPkFwXWaHzHndjHm\nBalytGzlKEsLGhTwrqyRTGQJtkGfn.exe"
|
|
|
|
C:\Windows\SysWOW64\convert.exe
|
"C:\Windows\SysWOW64\convert.exe"
|
|
|
|
C:\Program Files (x86)\UzVmIKqKKKIUmlFTdhEWXdmgJvPkFwXWaHzHndjHm\nBalytGzlKEsLGhTwrqyRTGQJtkGfn.exe
|
"C:\Program Files (x86)\UzVmIKqKKKIUmlFTdhEWXdmgJvPkFwXWaHzHndjHm\nBalytGzlKEsLGhTwrqyRTGQJtkGfn.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.jl884.vip/r4wk/?odlXV=x9GkKIHXkLsCiyVr8u8o1dWkHkpveCE8pq06snQr36Jjj9CRM0vMnoakwWLgrIMHyYBq6SPCqUTgPlgJ6rJOJebRDbzl2T1aaRGoo2pz4PsH3zqV1w==&3rb=9LUll6
|
38.47.158.160
|
|
|
|
https://investdirectinsurance.com/assuence/litesolidCha/Footer.cli
|
172.67.189.102
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.jl800.vip/g67v/
|
38.47.158.215
|
||
|
http://www.theridleysuk.co.uk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://www.d99qtpkvavjj.xyz/r4rr/
|
3.33.130.190
|
||
|
http://www.theridleysuk.co.uk/frbh/
|
3.33.130.190
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://investdirectinsurance.com/assuence/litesolidCha/Oszina.cli
|
172.67.189.102
|
||
|
https://github.com/HerpDerpinstine/bHapticsLib
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.firmshow.top/02nb/?odlXV=wAM00RPxm4SI4CXmbVVIy3I1PpnrRkiLCY5B6OI1JPNyCoxACldRit5a2XiaNEn9mU81Z8Y/J9c7Sme1Jv71fP4xTcu1wI0JIyM1RMLSZxEp7JGf5Q==&3rb=9LUll6
|
203.161.43.228
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.firmshow.top/02nb/
|
203.161.43.228
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
d99qtpkvavjj.xyz
|
3.33.130.190
|
|
|
|
www.d99qtpkvavjj.xyz
|
unknown
|
|
|
|
www.jl884.vip
|
unknown
|
|
|
|
www.jl800.vip
|
unknown
|
|
|
|
www.theridleysuk.co.uk
|
unknown
|
|
|
|
www.cloudsoda.xyz
|
unknown
|
|
|
|
theridleysuk.co.uk
|
3.33.130.190
|
||
|
www.firmshow.top
|
203.161.43.228
|
||
|
e6375a47.jl884.vip.cname.scname.com
|
38.47.158.160
|
||
|
8418a72e.jl800.vip.cname.scname.com
|
38.47.158.215
|
||
|
investdirectinsurance.com
|
172.67.189.102
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
3.33.130.190
|
theridleysuk.co.uk
|
United States
|
|
|
|
203.161.43.228
|
www.firmshow.top
|
Malaysia
|
||
|
172.67.189.102
|
investdirectinsurance.com
|
United States
|
||
|
38.47.158.215
|
8418a72e.jl800.vip.cname.scname.com
|
United States
|
||
|
38.47.158.160
|
e6375a47.jl884.vip.cname.scname.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
34D0000
|
trusted library allocation
|
page read and write
|
|
|
|
3490000
|
trusted library allocation
|
page read and write
|
|
|
|
2B00000
|
unkown
|
page execute and read and write
|
|
|
|
1460000
|
unclassified section
|
page execute and read and write
|
|
|
|
4B10000
|
system
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
13A0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3000000
|
system
|
page execute and read and write
|
|
|
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C19B0000
|
trusted library allocation
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
4B9D000
|
system
|
page execute and read and write
|
||
|
8AA000
|
stack
|
page read and write
|
||
|
32A3000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2344000
|
heap
|
page read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
3342000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
36EE000
|
stack
|
page read and write
|
||
|
2FFF2000
|
system
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
31FC000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1BF81000
|
heap
|
page read and write
|
||
|
23A71E21000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
85FE000
|
stack
|
page read and write
|
||
|
3162000
|
trusted library allocation
|
page read and write
|
||
|
7F52000
|
heap
|
page read and write
|
||
|
7FB9000
|
heap
|
page read and write
|
||
|
7EED000
|
heap
|
page read and write
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
23A71FAF000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
7FF7C1813000
|
trusted library allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1316000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
23A70220000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
E01000
|
unkown
|
page readonly
|
||
|
5D0000
|
unkown
|
page read and write
|
||
|
1090000
|
unkown
|
page readonly
|
||
|
8050000
|
trusted library allocation
|
page read and write
|
||
|
4D2C000
|
unkown
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
7FF7C182D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
334C000
|
heap
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
32A8000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
BC7CFFE000
|
stack
|
page read and write
|
||
|
36E4000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
4BAD000
|
system
|
page execute and read and write
|
||
|
7FF7C1820000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3510000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
157F000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
3383000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
3298000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7ED6000
|
heap
|
page read and write
|
||
|
23A71FC4000
|
trusted library allocation
|
page read and write
|
||
|
7F24000
|
heap
|
page read and write
|
||
|
863F000
|
stack
|
page read and write
|
||
|
1BF60000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
24C2000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
12AE000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
13091000
|
trusted library allocation
|
page read and write
|
||
|
7FF7C1812000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
32A3000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
3166000
|
trusted library allocation
|
page read and write
|
||
|
7ED1000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page execute and read and write
|
||
|
23A71E03000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
355C000
|
unclassified section
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A7020C000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
23A70170000
|
heap
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
388E000
|
direct allocation
|
page execute and read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3D1C000
|
unclassified section
|
page read and write
|
||
|
3B5C000
|
unclassified section
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
1179000
|
direct allocation
|
page execute and read and write
|
||
|
650000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
7FF7C186C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A70160000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
129F000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page read and write
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
23A701F7000
|
heap
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
7FF7C18C0000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
848C000
|
stack
|
page read and write
|
||
|
7FF7C1814000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1050000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
7EA4000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
1FE000
|
stack
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1BF5F000
|
stack
|
page read and write
|
||
|
310C000
|
unkown
|
page read and write
|
||
|
A00000
|
unkown
|
page readonly
|
||
|
FB4000
|
unkown
|
page read and write
|
||
|
32A7000
|
heap
|
page read and write
|
||
|
117D000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F41000
|
heap
|
page read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
23A700C1000
|
system
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3A42000
|
unclassified section
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
381D000
|
direct allocation
|
page execute and read and write
|
||
|
14A000
|
stack
|
page read and write
|
||
|
7FC000
|
unkown
|
page read and write
|
||
|
FB8000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C19BB000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C1810000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
9AC000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
329C000
|
heap
|
page read and write
|
||
|
2AC4000
|
unkown
|
page read and write
|
||
|
3673000
|
heap
|
page read and write
|
||
|
36F0000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
30CE000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A71AA0000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
6EC000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F65000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1301000
|
direct allocation
|
page execute and read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page readonly
|
||
|
FF0000
|
direct allocation
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
1420000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
32A1000
|
heap
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
41FC000
|
unkown
|
page execute and read and write
|
||
|
3369000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
7F38000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C1930000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D0000
|
unkown
|
page read and write
|
||
|
26DC000
|
unkown
|
page read and write
|
||
|
2A10000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F01000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
23A71E11000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1BA5F000
|
stack
|
page read and write
|
||
|
7EB2000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
37FC000
|
unkown
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1090000
|
unkown
|
page readonly
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C1834000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C183D000
|
trusted library allocation
|
page execute and read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
3347000
|
heap
|
page read and write
|
||
|
1421000
|
unkown
|
page readonly
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
7FB1000
|
heap
|
page read and write
|
||
|
2402000
|
unkown
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1BFA7000
|
heap
|
page read and write
|
||
|
3338000
|
heap
|
page read and write
|
||
|
4BBB000
|
system
|
page execute and read and write
|
||
|
3B02000
|
unclassified section
|
page read and write
|
||
|
4104000
|
unclassified section
|
page read and write
|
||
|
2210000
|
unkown
|
page readonly
|
||
|
2A10000
|
unkown
|
page readonly
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
7FF7C1830000
|
trusted library allocation
|
page read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
7EB9000
|
heap
|
page read and write
|
||
|
4BFC000
|
unkown
|
page execute and read and write
|
||
|
1BB5E000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
FAB000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
13137000
|
trusted library allocation
|
page read and write
|
||
|
BC7C7FE000
|
stack
|
page read and write
|
||
|
128C000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2210000
|
unkown
|
page readonly
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
7FA0000
|
trusted library allocation
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
175C000
|
unclassified section
|
page execute and read and write
|
||
|
12ED000
|
heap
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
7EB4000
|
heap
|
page read and write
|
||
|
844C000
|
stack
|
page read and write
|
||
|
3363000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
84CE000
|
stack
|
page read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
30D8000
|
trusted library allocation
|
page read and write
|
||
|
26DC000
|
unkown
|
page read and write
|
||
|
7FF7C18CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
23A71E00000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
302CC000
|
system
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
215C000
|
unclassified section
|
page execute and read and write
|
||
|
4B95000
|
system
|
page execute and read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
7EAF000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
16EE000
|
unclassified section
|
page execute and read and write
|
||
|
7F5B000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C19BF000
|
trusted library allocation
|
page read and write
|
||
|
7FF7C183B000
|
trusted library allocation
|
page execute and read and write
|
||
|
30DC000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library section
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1BC5E000
|
stack
|
page read and write
|
||
|
300B2000
|
system
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
D50000
|
unkown
|
page readonly
|
||
|
2984000
|
heap
|
page read and write
|
||
|
147F000
|
stack
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A701B0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
2B5C000
|
unclassified section
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
D52000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7EDB000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
23A71E0E000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1FE000
|
stack
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
unkown
|
page readonly
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
830000
|
heap
|
page read and write
|
||
|
14A000
|
stack
|
page read and write
|
||
|
854E000
|
stack
|
page read and write
|
||
|
7FF7C19C0000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
E0000
|
unkown
|
page readonly
|
||
|
680000
|
heap
|
page read and write
|
||
|
3A32000
|
direct allocation
|
page execute and read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1B61D000
|
stack
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
3546000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1BE5B000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A71F01000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1B0C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF408C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
366F000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3819000
|
direct allocation
|
page execute and read and write
|
||
|
7EF2000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
7FF7C1823000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
7EB000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
1BF83000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A71D00000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
4C10000
|
system
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
B28000
|
heap
|
page read and write
|
||
|
7EE2000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2402000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A71C30000
|
heap
|
page read and write
|
||
|
7F57000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F4E000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
650000
|
unkown
|
page readonly
|
||
|
1280000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1398000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C19D0000
|
trusted library allocation
|
page read and write
|
||
|
4BB9000
|
system
|
page execute and read and write
|
||
|
2344000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page execute and read and write
|
||
|
23A7021B000
|
heap
|
page read and write
|
||
|
7EBD000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
32B2000
|
heap
|
page read and write
|
||
|
790000
|
unkown
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
7EE8000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
131D000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A55000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
32A1000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2F7A000
|
unkown
|
page read and write
|
||
|
7F1A000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
11EE000
|
direct allocation
|
page execute and read and write
|
||
|
45BA000
|
unclassified section
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1BD55000
|
stack
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
6410000
|
trusted library allocation
|
page read and write
|
||
|
34B7000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
850F000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
23A700C4000
|
system
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3334000
|
heap
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A70223000
|
heap
|
page read and write
|
||
|
7F4E000
|
heap
|
page read and write
|
||
|
7F53000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
39C1000
|
direct allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23A71AA0000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
unkown
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
BC7BFFB000
|
stack
|
page read and write
|
||
|
2DE8000
|
unkown
|
page read and write
|
||
|
12C2000
|
heap
|
page read and write
|
||
|
251C000
|
unkown
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
2DFC000
|
unkown
|
page execute and read and write
|
||
|
BC7D7FE000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
2D6B000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F13000
|
heap
|
page read and write
|
||
|
2D8E000
|
unkown
|
page execute and read and write
|
||
|
12BF000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
23A71AA0000
|
trusted library allocation
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
9AC000
|
stack
|
page read and write
|
||
|
3091000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
23A701F0000
|
heap
|
page read and write
|
||
|
23A70060000
|
system
|
page execute and read and write
|
||
|
A4E000
|
unkown
|
page readonly
|
||
|
3359000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
7FF7C18D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
5E1000
|
unkown
|
page readonly
|
||
|
35C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7F57000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
7F1E000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
858F000
|
stack
|
page read and write
|
||
|
474C000
|
unclassified section
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
5E1000
|
unkown
|
page readonly
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
23A71E17000
|
trusted library allocation
|
page read and write
|
||
|
23A71FBE000
|
trusted library allocation
|
page read and write
|
||
|
7F5D000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7ECB000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
D50000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
4428000
|
unclassified section
|
page read and write
|
||
|
32A7000
|
heap
|
page read and write
|
||
|
39BD000
|
direct allocation
|
page execute and read and write
|
||
|
7F48000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
686000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
266000
|
unkown
|
page read and write
|
||
|
7F3B000
|
heap
|
page read and write
|
||
|
3184000
|
heap
|
page read and write
|
||
|
7FF7C18C6000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
32F5000
|
heap
|
page read and write
|
||
|
306B4000
|
system
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
12EB000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
130A1000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
E0000
|
unkown
|
page readonly
|
||
|
3391000
|
heap
|
page read and write
|
||
|
7FF7C18F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
A57000
|
unkown
|
page readonly
|
||
|
2DA8000
|
stack
|
page read and write
|
||
|
7FF7C181D000
|
trusted library allocation
|
page execute and read and write
|
There are 629 hidden memdumps, click here to show them.