Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
KEQprG0zDB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\ProgramData\BGIIDAEBGCAAECAKFHII
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\ProgramData\EBGIEGCFHCFHIDHIJECA
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
C:\ProgramData\GDHIEHJEBAAFIDHJEBGIEBFIJK
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
C:\ProgramData\GHJDBAKE
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x37, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
C:\ProgramData\IIJDBAKKKFBFHIDGIIEHIDBGCA
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\ProgramData\KJDGIJEC
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
C:\ProgramData\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\ProgramData\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\ProgramData\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\ProgramData\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\ProgramData\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\ProgramData\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\KEQprG0zDB.exe
|
"C:\Users\user\Desktop\KEQprG0zDB.exe"
|
||
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://217.138.215.82/ec72081014d386e4/vcruntime140.dll
|
217.138.215.82
|
||
http://217.138.215.82/
|
217.138.215.82
|
||
http://217.138.215.82/ec72081014d386e4/softokn3.dll
|
217.138.215.82
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dll
|
217.138.215.82
|
||
http://217.138.215.82/ec72081014d386e4/nss3.dll
|
217.138.215.82
|
||
http://217.138.215.82/ec72081014d386e4/freebl3.dll
|
217.138.215.82
|
||
http://217.138.215.82
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/sqlite3.dll
|
217.138.215.82
|
||
http://217.138.215.82/ec72081014d386e4/msvcp140.dll
|
217.138.215.82
|
||
http://217.138.215.82/8c77d85de581124b.php
|
217.138.215.82
|
||
http://217.138.2
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/msvcp140.dlli
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/nss3.dllser
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/softokn3.dll1
|
unknown
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
http://ocsp.sectigo.com0
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dllO
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/Softwareer
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/vcruntime140.dll1014d386e4/nss3.dll
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/msvcp140.dllu
|
unknown
|
||
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
http://217.138.215.82/8c77d85de581124b.phpdge
|
unknown
|
||
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dll33e6ea656ba6edffae7a9tionComponentcal
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dll=
|
unknown
|
||
http://217.138.215.82ec72081014d386e4/sqlite3.dllnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZG
|
unknown
|
||
http://217.138.215.82/8c77d85de581124b.phptware
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/sqlite3.dllQ
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/nss3.dll9
|
unknown
|
||
http://217.138.215.828c77d85de581124b.phprowser
|
unknown
|
||
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dllera
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dll/
|
unknown
|
||
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/vcruntime140.dllv
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/softokn3.dllC
|
unknown
|
||
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/t
|
unknown
|
||
http://217.138.215.821411eff3ce7ccc36ac0942af4936f33e6ea656ba6edffae7a9tionComponent
|
unknown
|
||
http://www.sqlite.org/copyright.html.
|
unknown
|
||
http://217.138.215.82/S
|
unknown
|
||
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
https://sectigo.com/CPS0
|
unknown
|
||
https://mozilla.org0/
|
unknown
|
||
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
http://217.138.215.82/8c77d85de581124b.phpme
|
unknown
|
||
http://217.138.215.82ata
|
unknown
|
||
https://github.com/mgravell/protobuf-net
|
unknown
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
http://217.138.215.82/8c77d85de581124b.phptZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZ
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/softokn3.dllU
|
unknown
|
||
https://www.ecosia.org/newtab/
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/nss3.dllr:
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/freebl3.dllser
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/mozglue.dllg
|
unknown
|
||
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
http://217.138.215.82/8c77d85de581124b.phpM
|
unknown
|
||
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
https://ac.ecopnacl
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/vcruntime140.dllC
|
unknown
|
||
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/freebl3.dllera
|
unknown
|
||
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/softokn3.dllData
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/Software
|
unknown
|
||
http://217.138.215.82/ec72081014d386e4/msvcp140.dllData
|
unknown
|
||
http://217.138.215.82ZY
|
unknown
|
||
https://ac.ecop
|
unknown
|
||
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
http://ocsp.sectigo.com0D
|
unknown
|
There are 68 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.57.25
|
||
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
217.138.215.82
|
unknown
|
United Kingdom
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1207000
|
heap
|
page read and write
|
||
5FA0000
|
trusted library section
|
page read and write
|
||
3481000
|
trusted library allocation
|
page read and write
|
||
4865000
|
trusted library allocation
|
page read and write
|
||
1B12E000
|
stack
|
page read and write
|
||
360C000
|
trusted library allocation
|
page read and write
|
||
216CA000
|
heap
|
page read and write
|
||
3791000
|
trusted library allocation
|
page read and write
|
||
3814000
|
trusted library allocation
|
page read and write
|
||
378D000
|
trusted library allocation
|
page read and write
|
||
37E0000
|
trusted library allocation
|
page read and write
|
||
10BC000
|
stack
|
page read and write
|
||
1B0BD000
|
stack
|
page read and write
|
||
39FC000
|
trusted library allocation
|
page read and write
|
||
3880000
|
trusted library allocation
|
page read and write
|
||
35EF000
|
trusted library allocation
|
page read and write
|
||
587000
|
remote allocation
|
page execute and read and write
|
||
3829000
|
trusted library allocation
|
page read and write
|
||
5A50000
|
trusted library allocation
|
page read and write
|
||
3602000
|
trusted library allocation
|
page read and write
|
||
3846000
|
trusted library allocation
|
page read and write
|
||
38CD000
|
trusted library allocation
|
page read and write
|
||
4481000
|
trusted library allocation
|
page read and write
|
||
335E000
|
stack
|
page read and write
|
||
3988000
|
trusted library allocation
|
page read and write
|
||
35BF000
|
trusted library allocation
|
page read and write
|
||
39F4000
|
trusted library allocation
|
page read and write
|
||
384A000
|
trusted library allocation
|
page read and write
|
||
3665000
|
trusted library allocation
|
page read and write
|
||
37AE000
|
trusted library allocation
|
page read and write
|
||
3760000
|
trusted library allocation
|
page read and write
|
||
39D7000
|
trusted library allocation
|
page read and write
|
||
4D1000
|
remote allocation
|
page execute and read and write
|
||
D90000
|
heap
|
page read and write
|
||
394A000
|
trusted library allocation
|
page read and write
|
||
3A9D000
|
trusted library allocation
|
page read and write
|
||
3842000
|
trusted library allocation
|
page read and write
|
||
1604000
|
trusted library allocation
|
page read and write
|
||
38F7000
|
trusted library allocation
|
page read and write
|
||
61ED4000
|
direct allocation
|
page readonly
|
||
148C000
|
heap
|
page read and write
|
||
35DA000
|
trusted library allocation
|
page read and write
|
||
3912000
|
trusted library allocation
|
page read and write
|
||
366D000
|
trusted library allocation
|
page read and write
|
||
1960000
|
trusted library allocation
|
page read and write
|
||
3832000
|
trusted library allocation
|
page read and write
|
||
5EA0000
|
heap
|
page read and write
|
||
3771000
|
trusted library allocation
|
page read and write
|
||
375E000
|
trusted library allocation
|
page read and write
|
||
3897000
|
trusted library allocation
|
page read and write
|
||
62D0000
|
trusted library allocation
|
page execute and read and write
|
||
35CE000
|
trusted library allocation
|
page read and write
|
||
361A000
|
trusted library allocation
|
page read and write
|
||
37A4000
|
trusted library allocation
|
page read and write
|
||
37F9000
|
trusted library allocation
|
page read and write
|
||
61E00000
|
direct allocation
|
page execute and read and write
|
||
1683000
|
heap
|
page read and write
|
||
6430000
|
trusted library allocation
|
page execute and read and write
|
||
38F3000
|
trusted library allocation
|
page read and write
|
||
3A6C000
|
trusted library allocation
|
page read and write
|
||
3A4D000
|
trusted library allocation
|
page read and write
|
||
37F5000
|
trusted library allocation
|
page read and write
|
||
37C7000
|
trusted library allocation
|
page read and write
|
||
1ADE000
|
stack
|
page read and write
|
||
1AE3F000
|
stack
|
page read and write
|
||
359E000
|
trusted library allocation
|
page read and write
|
||
1822000
|
trusted library allocation
|
page read and write
|
||
3A73000
|
trusted library allocation
|
page read and write
|
||
39DB000
|
trusted library allocation
|
page read and write
|
||
1435000
|
heap
|
page read and write
|
||
3817000
|
trusted library allocation
|
page read and write
|
||
39F6000
|
trusted library allocation
|
page read and write
|
||
3ABA000
|
trusted library allocation
|
page read and write
|
||
3A18000
|
trusted library allocation
|
page read and write
|
||
39C6000
|
trusted library allocation
|
page read and write
|
||
39C4000
|
trusted library allocation
|
page read and write
|
||
39C8000
|
trusted library allocation
|
page read and write
|
||
3AA1000
|
trusted library allocation
|
page read and write
|
||
399F000
|
trusted library allocation
|
page read and write
|
||
390C000
|
trusted library allocation
|
page read and write
|
||
3891000
|
trusted library allocation
|
page read and write
|
||
39A5000
|
trusted library allocation
|
page read and write
|
||
35DE000
|
trusted library allocation
|
page read and write
|
||
276B1000
|
heap
|
page read and write
|
||
38D8000
|
trusted library allocation
|
page read and write
|
||
11B7000
|
stack
|
page read and write
|
||
5E60000
|
trusted library allocation
|
page read and write
|
||
38B0000
|
trusted library allocation
|
page read and write
|
||
3A6E000
|
trusted library allocation
|
page read and write
|
||
3A88000
|
trusted library allocation
|
page read and write
|
||
61ECC000
|
direct allocation
|
page read and write
|
||
384C000
|
trusted library allocation
|
page read and write
|
||
1837000
|
trusted library allocation
|
page execute and read and write
|
||
129E000
|
heap
|
page read and write
|
||
3A11000
|
trusted library allocation
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
10F5000
|
stack
|
page read and write
|
||
3A36000
|
trusted library allocation
|
page read and write
|
||
3A0D000
|
trusted library allocation
|
page read and write
|
||
18D0000
|
heap
|
page read and write
|
||
385B000
|
trusted library allocation
|
page read and write
|
||
5A70000
|
trusted library allocation
|
page read and write
|
||
35D6000
|
trusted library allocation
|
page read and write
|
||
401000
|
remote allocation
|
page execute and read and write
|
||
5D5E000
|
stack
|
page read and write
|
||
5ECA000
|
heap
|
page read and write
|
||
4E7B000
|
trusted library allocation
|
page read and write
|
||
18B0000
|
trusted library allocation
|
page read and write
|
||
3914000
|
trusted library allocation
|
page read and write
|
||
35FB000
|
trusted library allocation
|
page read and write
|
||
3952000
|
trusted library allocation
|
page read and write
|
||
38FD000
|
trusted library allocation
|
page read and write
|
||
3950000
|
trusted library allocation
|
page read and write
|
||
394C000
|
trusted library allocation
|
page read and write
|
||
380A000
|
trusted library allocation
|
page read and write
|
||
27630000
|
heap
|
page read and write
|
||
3AB8000
|
trusted library allocation
|
page read and write
|
||
35A0000
|
trusted library allocation
|
page read and write
|
||
35C1000
|
trusted library allocation
|
page read and write
|
||
5A90000
|
trusted library section
|
page read and write
|
||
35C7000
|
trusted library allocation
|
page read and write
|
||
390A000
|
trusted library allocation
|
page read and write
|
||
37E3000
|
trusted library allocation
|
page read and write
|
||
372C000
|
trusted library allocation
|
page read and write
|
||
3A85000
|
trusted library allocation
|
page read and write
|
||
1680000
|
heap
|
page read and write
|
||
378B000
|
trusted library allocation
|
page read and write
|
||
3927000
|
trusted library allocation
|
page read and write
|
||
382D000
|
trusted library allocation
|
page read and write
|
||
E30000
|
unkown
|
page readonly
|
||
1AFBE000
|
stack
|
page read and write
|
||
398A000
|
trusted library allocation
|
page read and write
|
||
392D000
|
trusted library allocation
|
page read and write
|
||
3667000
|
trusted library allocation
|
page read and write
|
||
61ED3000
|
direct allocation
|
page read and write
|
||
1970000
|
heap
|
page read and write
|
||
37C5000
|
trusted library allocation
|
page read and write
|
||
6060000
|
trusted library allocation
|
page execute and read and write
|
||
3876000
|
trusted library allocation
|
page read and write
|
||
45A8000
|
trusted library allocation
|
page read and write
|
||
3958000
|
trusted library allocation
|
page read and write
|
||
61ED0000
|
direct allocation
|
page read and write
|
||
DA0000
|
heap
|
page read and write
|
||
215D8000
|
heap
|
page read and write
|
||
1012000
|
unkown
|
page readonly
|
||
366F000
|
trusted library allocation
|
page read and write
|
||
35A6000
|
trusted library allocation
|
page read and write
|
||
380E000
|
trusted library allocation
|
page read and write
|
||
10FF000
|
stack
|
page read and write
|
||
38C7000
|
trusted library allocation
|
page read and write
|
||
35F9000
|
trusted library allocation
|
page read and write
|
||
3654000
|
trusted library allocation
|
page read and write
|
||
4562000
|
trusted library allocation
|
page read and write
|
||
35A2000
|
trusted library allocation
|
page read and write
|
||
154E000
|
stack
|
page read and write
|
||
3A70000
|
trusted library allocation
|
page read and write
|
||
3789000
|
trusted library allocation
|
page read and write
|
||
38F1000
|
trusted library allocation
|
page read and write
|
||
38F9000
|
trusted library allocation
|
page read and write
|
||
39D9000
|
trusted library allocation
|
page read and write
|
||
276D1000
|
heap
|
page read and write
|
||
37A2000
|
trusted library allocation
|
page read and write
|
||
3A9B000
|
trusted library allocation
|
page read and write
|
||
3671000
|
trusted library allocation
|
page read and write
|
||
215C3000
|
heap
|
page read and write
|
||
215C0000
|
heap
|
page read and write
|
||
10FD000
|
stack
|
page read and write
|
||
3751000
|
trusted library allocation
|
page read and write
|
||
382F000
|
trusted library allocation
|
page read and write
|
||
3793000
|
trusted library allocation
|
page read and write
|
||
27650000
|
heap
|
page read and write
|
||
358D000
|
trusted library allocation
|
page read and write
|
||
375A000
|
trusted library allocation
|
page read and write
|
||
3A4B000
|
trusted library allocation
|
page read and write
|
||
39BA000
|
trusted library allocation
|
page read and write
|
||
3967000
|
trusted library allocation
|
page read and write
|
||
37FB000
|
trusted library allocation
|
page read and write
|
||
35D8000
|
trusted library allocation
|
page read and write
|
||
3A13000
|
trusted library allocation
|
page read and write
|
||
3868000
|
trusted library allocation
|
page read and write
|
||
60A0000
|
trusted library allocation
|
page read and write
|
||
3882000
|
trusted library allocation
|
page read and write
|
||
3925000
|
trusted library allocation
|
page read and write
|
||
3657000
|
trusted library allocation
|
page read and write
|
||
3A59000
|
trusted library allocation
|
page read and write
|
||
1200000
|
heap
|
page read and write
|
||
35AA000
|
trusted library allocation
|
page read and write
|
||
38E0000
|
trusted library allocation
|
page read and write
|
||
6089000
|
trusted library allocation
|
page read and write
|
||
35F7000
|
trusted library allocation
|
page read and write
|
||
1B3DE000
|
stack
|
page read and write
|
||
361C000
|
trusted library allocation
|
page read and write
|
||
38B6000
|
trusted library allocation
|
page read and write
|
||
38B8000
|
trusted library allocation
|
page read and write
|
||
6090000
|
trusted library allocation
|
page read and write
|
||
347F000
|
stack
|
page read and write
|
||
3A81000
|
trusted library allocation
|
page read and write
|
||
1950000
|
trusted library allocation
|
page read and write
|
||
3954000
|
trusted library allocation
|
page read and write
|
||
215E7000
|
heap
|
page read and write
|
||
1826000
|
trusted library allocation
|
page execute and read and write
|
||
1600000
|
trusted library allocation
|
page read and write
|
||
5E80000
|
trusted library allocation
|
page execute and read and write
|
||
3A97000
|
trusted library allocation
|
page read and write
|
||
1B540000
|
heap
|
page read and write
|
||
3A66000
|
trusted library allocation
|
page read and write
|
||
35ED000
|
trusted library allocation
|
page read and write
|
||
163A000
|
heap
|
page read and write
|
||
3618000
|
trusted library allocation
|
page read and write
|
||
3A32000
|
trusted library allocation
|
page read and write
|
||
18C0000
|
trusted library allocation
|
page read and write
|
||
3929000
|
trusted library allocation
|
page read and write
|
||
3AA5000
|
trusted library allocation
|
page read and write
|
||
38EF000
|
trusted library allocation
|
page read and write
|
||
387A000
|
trusted library allocation
|
page read and write
|
||
18A0000
|
trusted library allocation
|
page execute and read and write
|
||
3969000
|
trusted library allocation
|
page read and write
|
||
3895000
|
trusted library allocation
|
page read and write
|
||
39C0000
|
trusted library allocation
|
page read and write
|
||
35D4000
|
trusted library allocation
|
page read and write
|
||
37AC000
|
trusted library allocation
|
page read and write
|
||
364E000
|
trusted library allocation
|
page read and write
|
||
3631000
|
trusted library allocation
|
page read and write
|
||
3848000
|
trusted library allocation
|
page read and write
|
||
38DA000
|
trusted library allocation
|
page read and write
|
||
61EB7000
|
direct allocation
|
page readonly
|
||
36FB000
|
trusted library allocation
|
page read and write
|
||
62B0000
|
trusted library allocation
|
page read and write
|
||
378F000
|
trusted library allocation
|
page read and write
|
||
3919000
|
trusted library allocation
|
page read and write
|
||
3773000
|
trusted library allocation
|
page read and write
|
||
398C000
|
trusted library allocation
|
page read and write
|
||
5E50000
|
trusted library allocation
|
page read and write
|
||
3AA3000
|
trusted library allocation
|
page read and write
|
||
1480000
|
heap
|
page read and write
|
||
39A3000
|
trusted library allocation
|
page read and write
|
||
35CA000
|
trusted library allocation
|
page read and write
|
||
63E000
|
remote allocation
|
page execute and read and write
|
||
363E000
|
trusted library allocation
|
page read and write
|
||
3A30000
|
trusted library allocation
|
page read and write
|
||
182A000
|
trusted library allocation
|
page execute and read and write
|
||
38AC000
|
trusted library allocation
|
page read and write
|
||
1830000
|
trusted library allocation
|
page read and write
|
||
189E000
|
stack
|
page read and write
|
||
5E70000
|
trusted library allocation
|
page execute and read and write
|
||
38DE000
|
trusted library allocation
|
page read and write
|
||
39E1000
|
trusted library allocation
|
page read and write
|
||
4C4000
|
remote allocation
|
page execute and read and write
|
||
4FD000
|
remote allocation
|
page execute and read and write
|
||
37DA000
|
trusted library allocation
|
page read and write
|
||
12FE000
|
heap
|
page read and write
|
||
38CB000
|
trusted library allocation
|
page read and write
|
||
37C3000
|
trusted library allocation
|
page read and write
|
||
3859000
|
trusted library allocation
|
page read and write
|
||
39F8000
|
trusted library allocation
|
page read and write
|
||
3956000
|
trusted library allocation
|
page read and write
|
||
1247000
|
heap
|
page read and write
|
||
61ECD000
|
direct allocation
|
page readonly
|
||
366B000
|
trusted library allocation
|
page read and write
|
||
361E000
|
trusted library allocation
|
page read and write
|
||
1610000
|
heap
|
page read and write
|
||
5E90000
|
trusted library allocation
|
page execute and read and write
|
||
3A15000
|
trusted library allocation
|
page read and write
|
||
385D000
|
trusted library allocation
|
page read and write
|
||
3600000
|
trusted library allocation
|
page read and write
|
||
15F0000
|
trusted library allocation
|
page read and write
|
||
39A8000
|
trusted library allocation
|
page read and write
|
||
3A53000
|
trusted library allocation
|
page read and write
|
||
27691000
|
heap
|
page read and write
|
||
389B000
|
trusted library allocation
|
page read and write
|
||
35A4000
|
trusted library allocation
|
page read and write
|
||
35C3000
|
trusted library allocation
|
page read and write
|
||
3637000
|
trusted library allocation
|
page read and write
|
||
38DC000
|
trusted library allocation
|
page read and write
|
||
1B65D000
|
heap
|
page read and write
|
||
1B550000
|
heap
|
page read and write
|
||
3884000
|
trusted library allocation
|
page read and write
|
||
1B4DF000
|
stack
|
page read and write
|
||
35DC000
|
trusted library allocation
|
page read and write
|
||
1850000
|
trusted library allocation
|
page read and write
|
||
38B4000
|
trusted library allocation
|
page read and write
|
||
3825000
|
trusted library allocation
|
page read and write
|
||
181D000
|
trusted library allocation
|
page execute and read and write
|
||
27671000
|
heap
|
page read and write
|
||
3A51000
|
trusted library allocation
|
page read and write
|
||
159E000
|
stack
|
page read and write
|
||
39E3000
|
trusted library allocation
|
page read and write
|
||
49F000
|
remote allocation
|
page execute and read and write
|
||
37F7000
|
trusted library allocation
|
page read and write
|
||
21603000
|
heap
|
page read and write
|
||
1B28D000
|
stack
|
page read and write
|
||
392B000
|
trusted library allocation
|
page read and write
|
||
19D0000
|
heap
|
page read and write
|
||
62C000
|
remote allocation
|
page execute and read and write
|
||
3639000
|
trusted library allocation
|
page read and write
|
||
396B000
|
trusted library allocation
|
page read and write
|
||
3616000
|
trusted library allocation
|
page read and write
|
||
3A0F000
|
trusted library allocation
|
page read and write
|
||
1483000
|
heap
|
page read and write
|
||
1B22F000
|
stack
|
page read and write
|
||
1618000
|
heap
|
page read and write
|
||
3669000
|
trusted library allocation
|
page read and write
|
||
3646000
|
trusted library allocation
|
page read and write
|
||
35F5000
|
trusted library allocation
|
page read and write
|
||
35FE000
|
trusted library allocation
|
page read and write
|
||
399B000
|
trusted library allocation
|
page read and write
|
||
1647000
|
heap
|
page read and write
|
||
3A3C000
|
trusted library allocation
|
page read and write
|
||
358A000
|
trusted library allocation
|
page read and write
|
||
363B000
|
trusted library allocation
|
page read and write
|
||
276C9000
|
heap
|
page read and write
|
||
5A60000
|
trusted library allocation
|
page read and write
|
||
1450000
|
heap
|
page read and write
|
||
37C1000
|
trusted library allocation
|
page read and write
|
||
3A34000
|
trusted library allocation
|
page read and write
|
||
35AC000
|
trusted library allocation
|
page read and write
|
||
6010000
|
trusted library section
|
page read and write
|
||
3986000
|
trusted library allocation
|
page read and write
|
||
46A000
|
remote allocation
|
page execute and read and write
|
||
3A68000
|
trusted library allocation
|
page read and write
|
||
D2C000
|
stack
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
38AE000
|
trusted library allocation
|
page read and write
|
||
3623000
|
trusted library allocation
|
page read and write
|
||
396D000
|
trusted library allocation
|
page read and write
|
||
5A7000
|
remote allocation
|
page execute and read and write
|
||
5A40000
|
trusted library allocation
|
page read and write
|
||
3620000
|
trusted library allocation
|
page read and write
|
||
5A80000
|
heap
|
page execute and read and write
|
||
376F000
|
trusted library allocation
|
page read and write
|
||
5AD000
|
remote allocation
|
page execute and read and write
|
||
3812000
|
trusted library allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute read
|
||
3652000
|
trusted library allocation
|
page read and write
|
||
37DC000
|
trusted library allocation
|
page read and write
|
||
35B9000
|
trusted library allocation
|
page read and write
|
||
43C000
|
remote allocation
|
page execute and read and write
|
||
37A6000
|
trusted library allocation
|
page read and write
|
||
3787000
|
trusted library allocation
|
page read and write
|
||
3878000
|
trusted library allocation
|
page read and write
|
||
3AC0000
|
trusted library allocation
|
page read and write
|
||
1AD3E000
|
stack
|
page read and write
|
||
E32000
|
unkown
|
page readonly
|
||
1262000
|
heap
|
page read and write
|
||
3758000
|
trusted library allocation
|
page read and write
|
||
38FB000
|
trusted library allocation
|
page read and write
|
||
1430000
|
heap
|
page read and write
|
||
4665000
|
trusted library allocation
|
page read and write
|
||
1420000
|
heap
|
page read and write
|
||
398E000
|
trusted library allocation
|
page read and write
|
||
3A4F000
|
trusted library allocation
|
page read and write
|
||
37BF000
|
trusted library allocation
|
page read and write
|
||
60B0000
|
trusted library allocation
|
page execute and read and write
|
||
3810000
|
trusted library allocation
|
page read and write
|
||
35BB000
|
trusted library allocation
|
page read and write
|
||
6070000
|
trusted library allocation
|
page read and write
|
||
3A3A000
|
trusted library allocation
|
page read and write
|
||
1820000
|
trusted library allocation
|
page read and write
|
||
38C5000
|
trusted library allocation
|
page read and write
|
||
191E000
|
stack
|
page read and write
|
||
608B000
|
trusted library allocation
|
page read and write
|
||
1550000
|
heap
|
page read and write
|
||
44EC000
|
trusted library allocation
|
page read and write
|
||
3370000
|
heap
|
page execute and read and write
|
||
39BC000
|
trusted library allocation
|
page read and write
|
||
37DE000
|
trusted library allocation
|
page read and write
|
||
63E0000
|
trusted library section
|
page read and write
|
||
389F000
|
trusted library allocation
|
page read and write
|
||
62A5000
|
trusted library allocation
|
page read and write
|
||
59BE000
|
stack
|
page read and write
|
||
3726000
|
trusted library allocation
|
page read and write
|
||
3A0B000
|
trusted library allocation
|
page read and write
|
||
35A8000
|
trusted library allocation
|
page read and write
|
||
3AB6000
|
trusted library allocation
|
page read and write
|
||
3899000
|
trusted library allocation
|
page read and write
|
||
1940000
|
trusted library allocation
|
page execute and read and write
|
||
6080000
|
trusted library allocation
|
page read and write
|
||
38C9000
|
trusted library allocation
|
page read and write
|
||
1AF7E000
|
stack
|
page read and write
|
||
3A38000
|
trusted library allocation
|
page read and write
|
||
1B38D000
|
stack
|
page read and write
|
||
1603000
|
trusted library allocation
|
page execute and read and write
|
||
39A1000
|
trusted library allocation
|
page read and write
|
||
1AE7E000
|
stack
|
page read and write
|
||
3931000
|
trusted library allocation
|
page read and write
|
||
160D000
|
trusted library allocation
|
page execute and read and write
|
||
DB5000
|
heap
|
page read and write
|
||
215D0000
|
heap
|
page read and write
|
||
375C000
|
trusted library allocation
|
page read and write
|
||
493000
|
remote allocation
|
page execute and read and write
|
||
180F000
|
stack
|
page read and write
|
||
215FA000
|
heap
|
page read and write
|
||
3827000
|
trusted library allocation
|
page read and write
|
||
35EB000
|
trusted library allocation
|
page read and write
|
||
3650000
|
trusted library allocation
|
page read and write
|
||
35E1000
|
trusted library allocation
|
page read and write
|
||
38F5000
|
trusted library allocation
|
page read and write
|
||
3844000
|
trusted library allocation
|
page read and write
|
||
5D60000
|
trusted library section
|
page read and write
|
||
39C2000
|
trusted library allocation
|
page read and write
|
||
364C000
|
trusted library allocation
|
page read and write
|
||
195E000
|
trusted library allocation
|
page read and write
|
||
1810000
|
trusted library allocation
|
page read and write
|
||
4F1000
|
remote allocation
|
page execute and read and write
|
||
3A99000
|
trusted library allocation
|
page read and write
|
||
3974000
|
trusted library allocation
|
page read and write
|
||
61E01000
|
direct allocation
|
page execute read
|
||
15C0000
|
heap
|
page read and write
|
||
3ABC000
|
trusted library allocation
|
page read and write
|
||
5ED0000
|
heap
|
page read and write
|
||
61EB4000
|
direct allocation
|
page read and write
|
||
557E000
|
stack
|
page read and write
|
||
394E000
|
trusted library allocation
|
page read and write
|
||
39FA000
|
trusted library allocation
|
page read and write
|
||
183B000
|
trusted library allocation
|
page execute and read and write
|
||
19BE000
|
stack
|
page read and write
|
||
35BD000
|
trusted library allocation
|
page read and write
|
||
3982000
|
trusted library allocation
|
page read and write
|
||
364A000
|
trusted library allocation
|
page read and write
|
||
276C3000
|
heap
|
page read and write
|
||
3785000
|
trusted library allocation
|
page read and write
|
||
35F1000
|
trusted library allocation
|
page read and write
|
||
1832000
|
trusted library allocation
|
page read and write
|
||
5EC0000
|
heap
|
page read and write
|
||
3288000
|
trusted library allocation
|
page read and write
|
||
39BE000
|
trusted library allocation
|
page read and write
|
||
37D8000
|
trusted library allocation
|
page read and write
|
||
387C000
|
trusted library allocation
|
page read and write
|
||
215E2000
|
heap
|
page read and write
|
There are 419 hidden memdumps, click here to show them.