Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
0XLuA614VK.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\049zKJ78K
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Okeghem
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autC864.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autC894.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\avenses
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\0XLuA614VK.exe
|
"C:\Users\user\Desktop\0XLuA614VK.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\0XLuA614VK.exe"
|
|
|
|
C:\Program Files (x86)\tDCzgUpqMpyFtrEZKjWXqEXSFoaiZJoViUUxeRKTJygWDziRLNg\sXmdPDASzrmzi.exe
|
"C:\Program Files (x86)\tDCzgUpqMpyFtrEZKjWXqEXSFoaiZJoViUUxeRKTJygWDziRLNg\sXmdPDASzrmzi.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.formytinyhome.com/lztc/?V6h=7O2Vi30c2oKUz/gZ0nmLwDIgwhZodI9AolnTqJiIqHlz4L2fxMx7xnfeqZW9vH+mS4f3qWyrmk5EaMabwLfk8B7yJXbJanTlK0OvtO++wyfSRGRbh4BKfAxEuo7imst0wg==&sH=nVVHdDTx2PSTVJ
|
34.149.87.45
|
|
|
|
http://www.thecivilwearsprada06.site/2hp8/
|
199.59.243.226
|
|
|
|
http://www.cacingnaga36.click/ssw0/
|
199.59.243.226
|
|
|
|
http://www.whiskeydecanterset.com/wuux/?sH=nVVHdDTx2PSTVJ&V6h=G8W1V2+ngxJ+E83/0IyfiXupIqoHasoRgPgAY3+/EHQIvd2Wul84Lo8VWixQDtg5AMG3Phy0eNTP33PkrrD0t0eGx0WSmGJ1HH0cwOwxD95TaQSaBMeTfZ443OH1gA0wDQ==
|
199.59.243.226
|
|
|
|
http://www.smokesandhoney.com/ld3u/?V6h=7cSyNGFy/S5quoM6udyikngV4L2ptvlq1/kf9BPZtTlwCENfjvle2IZfxcv5JQLEZFLmm1935WPn1s0g14qVusJPQGgEr6+5yVxfblixZgca2mD/C/dkht+8dQzCD1+Jew==&sH=nVVHdDTx2PSTVJ
|
34.149.87.45
|
|
|
|
http://www.cacingnaga36.click/ssw0/?V6h=EWS2YwJnJiunoUuFc/7D9RbaJ3v4wM/73ZiSCzwa3KkaAEYrAxr2MHaEXaA/BV5/vIbe5XGczNGh+M2iNsrtVcMRpqBE9VdECLv8jlI9PFfIoqokrAMGKtNOgnbIBrYWGQ==&sH=nVVHdDTx2PSTVJ
|
199.59.243.226
|
|
|
|
http://www.smokesandhoney.com/ld3u/
|
34.149.87.45
|
|
|
|
http://www.5a8yly.cfd/kfsd/
|
72.52.178.23
|
|
|
|
http://www.4odagiyn.click/f1qc/?V6h=hzwN5LvsQYGPXTyx42WRS7uCqzLBy6ud4OZoJGct5lGhQCi/JqvYfzOI1V2uJBuqGZjzCjoJ029vt64MfCw2DjbXOZQ5rAFnHlGKde1l7O/bIsy3YWShbixw9PLvmnDlNA==&sH=nVVHdDTx2PSTVJ
|
72.52.178.23
|
|
|
|
http://www.bnmlk.org/r6tm/?sH=nVVHdDTx2PSTVJ&V6h=03r06RSocIWRHlQMBHZ7/ZdxuKKmGlmlv7BltFVQgkYFIdRnDBF7O8WDu3tP30gBrpd5Hehkjcnr6TVmd9giBmXATSrzqLCUTktLP3Nid+3n62oF5w/Mdat6l5CFzOydDA==
|
13.248.151.237
|
|
|
|
http://www.marinamaquiagens.online/n4sv/?V6h=Rn8sYt8YDaYT7jFf5K1RN21751bCn2USuvRVR0XZr3jMl4ljVezIqMhPdYzWo0QynoEEVao5Nd7ZkOoeHk8KzYmVnd6lY3cEc8VkS42gD8QuE3e2/CTNStdnS6k5rMWW1Q==&sH=nVVHdDTx2PSTVJ
|
15.197.240.20
|
|
|
|
http://www.yi992.com/iuti/?V6h=hoHbkVcpbob4KKGwTSg4Qmxuxm4KO3ujR6NVpJZRiS90gufBWzA0W/yR6JGFw3H3NTWRULQgnx1gCbPTi357oLTiVxRhMsTUHJ+Wl6jWlVJ6tv3Z5Sqw5Cg13CqV209vow==&sH=nVVHdDTx2PSTVJ
|
199.59.243.226
|
|
|
|
http://www.wildenmann.shop/ccpi/
|
91.203.110.247
|
|
|
|
http://www.4odagiyn.click/f1qc/
|
72.52.178.23
|
|
|
|
http://www.bnmlk.org/r6tm/
|
13.248.151.237
|
|
|
|
http://www.marinamaquiagens.online/n4sv/
|
15.197.240.20
|
|
|
|
http://www.formytinyhome.com/lztc/
|
34.149.87.45
|
|
|
|
http://www.rigintech.info/ig9u/?V6h=DsbZHDl7ETyucOGSRMDREU0gLqon/JCM1qPnn3cy3RxLEFGk9lVuu2W6wSDxGu+YER8koFm75cmrGcIzTbmZQ3LhDYrene07E1oxIZlh9GtUu7RZMRKLFDCiJnSgV5dMHg==&sH=nVVHdDTx2PSTVJ
|
162.0.213.94
|
|
|
|
http://www.5a8yly.cfd/kfsd/?sH=nVVHdDTx2PSTVJ&V6h=xdt0ktZO0PUVE8ko/vYSpSqVpvi6VCO8XncayCS9euW1eL9fqbwTWogO+vBLUJXWpdaX6FBHI3PARBJ6BBwlCmNGVSn5FdlKflrneiv2THCpchPWcIBHiIkx6LHBCpUWbA==
|
72.52.178.23
|
|
|
|
http://www.yi992.com/iuti/
|
199.59.243.226
|
|
|
|
http://www.rigintech.info/ig9u/
|
162.0.213.94
|
|
|
|
http://www.wildenmann.shop/ccpi/?sH=nVVHdDTx2PSTVJ&V6h=96vdCLF6vzOjbBC3mbkrC4zzUz2rd8Vx/oWpiC2btghNh3zo1JohGtlH0OSuyloWV4aL4gulV88Z8WUGiHxG/5dbitedT3dwls/KnYRS+O7Xw5tFmWV2oMBDB9F7a8JBDA==
|
91.203.110.247
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://www.bnmlk.org/?ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmQ5YTM2NDExYzB
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://www.namesilo.com/whois
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://d38psrni17bvxu.cloudfront.net/themes/registrar/images/namesilo.svg
|
unknown
|
||
|
https://www.namesilo.com
|
unknown
|
||
|
https://pcnatrk.net/track.
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://ww7.4odagiyn.click/f1qc/?V6h=hzwN5LvsQYGPXTyx42WRS7uCqzLBy6ud4OZoJGct5lGhQCi/JqvYfzOI1V2uJBuq
|
unknown
|
||
|
https://www.formytinyhome.com/lztc/?V6h=7O2Vi30c2oKUz/gZ0nmLwDIgwhZodI9AolnTqJiIqHlz4L2fxMx7xnfeqZW9
|
unknown
|
||
|
http://ww1.5a8yly.cfd/kfsd/?sH=nVVHdDTx2PSTVJ&V6h=xdt0ktZO0PUVE8ko/vYSpSqVpvi6VCO8XncayCS9euW1eL9fqb
|
unknown
|
||
|
https://www.smokesandhoney.com/ld3u/?V6h=7cSyNGFy/S5quoM6udyikngV4L2ptvlq1/kf9BPZtTlwCENfjvle2IZfxcv
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.namesilo.com/domain/search-domains
|
unknown
|
||
|
http://c.parkingcrew.net/scripts/sale_form.js
|
unknown
|
||
|
http://www.4odagiyn.click
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://wildenmann.shop/ccpi/?sH=nVVHdDTx2PSTVJ&V6h=96vdCLF6vzOjbBC3mbkrC4zzUz2rd8Vx/oWpiC2btghNh3zo1
|
unknown
|
There are 36 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.rigintech.info
|
162.0.213.94
|
|
|
|
869710.parkingcrew.net
|
13.248.151.237
|
|
|
|
77980.bodis.com
|
199.59.243.226
|
|
|
|
www.wildenmann.shop
|
91.203.110.247
|
|
|
|
www.4odagiyn.click
|
72.52.178.23
|
|
|
|
www.5a8yly.cfd
|
72.52.178.23
|
|
|
|
td-ccm-neg-87-45.wixdns.net
|
34.149.87.45
|
|
|
|
www.marinamaquiagens.online
|
15.197.240.20
|
|
|
|
www.ios2222abh.top
|
unknown
|
|
|
|
www.bnmlk.org
|
unknown
|
|
|
|
www.shimakaze-83.cfd
|
unknown
|
|
|
|
www.cacingnaga36.click
|
unknown
|
|
|
|
198.187.3.20.in-addr.arpa
|
unknown
|
|
|
|
www.sugargz.com
|
unknown
|
|
|
|
www.whiskeydecanterset.com
|
unknown
|
|
|
|
www.yi992.com
|
unknown
|
|
|
|
www.smokesandhoney.com
|
unknown
|
|
|
|
www.thecivilwearsprada06.site
|
unknown
|
|
|
|
www.sandiegosharon.com
|
unknown
|
|
|
|
www.formytinyhome.com
|
unknown
|
|
There are 10 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
72.52.178.23
|
www.4odagiyn.click
|
United States
|
|
|
|
162.0.213.94
|
www.rigintech.info
|
Canada
|
|
|
|
15.197.240.20
|
www.marinamaquiagens.online
|
United States
|
|
|
|
199.59.243.226
|
77980.bodis.com
|
United States
|
|
|
|
13.248.151.237
|
869710.parkingcrew.net
|
United States
|
|
|
|
34.149.87.45
|
td-ccm-neg-87-45.wixdns.net
|
United States
|
|
|
|
91.203.110.247
|
www.wildenmann.shop
|
Germany
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5000000
|
unclassified section
|
page execute and read and write
|
|
|
|
6A20000
|
system
|
page execute and read and write
|
|
|
|
2590000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
3480000
|
unclassified section
|
page execute and read and write
|
|
|
|
110000
|
system
|
page execute and read and write
|
|
|
|
25D0000
|
trusted library allocation
|
page read and write
|
|
|
|
41A0000
|
unkown
|
page execute and read and write
|
|
|
|
2CA4000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
49D4000
|
system
|
page read and write
|
||
|
1611000
|
unkown
|
page readonly
|
||
|
73E4000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87B490000
|
system
|
page execute and read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
41DC000
|
heap
|
page read and write
|
||
|
109F000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3A43000
|
direct allocation
|
page read and write
|
||
|
1491000
|
heap
|
page read and write
|
||
|
1289000
|
heap
|
page read and write
|
||
|
C1B000
|
stack
|
page read and write
|
||
|
40B0000
|
heap
|
page read and write
|
||
|
BCA000
|
stack
|
page read and write
|
||
|
3005000
|
heap
|
page read and write
|
||
|
3A70000
|
direct allocation
|
page read and write
|
||
|
1088000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
41B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F87CF00000
|
trusted library allocation
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
F21000
|
unkown
|
page execute read
|
||
|
4822000
|
unclassified section
|
page read and write
|
||
|
2672000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
5E000
|
unkown
|
page readonly
|
||
|
C80000
|
heap
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
45EC000
|
system
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
272E000
|
heap
|
page read and write
|
||
|
26F4000
|
heap
|
page read and write
|
||
|
3BAE4000
|
system
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
3B6FC000
|
system
|
page read and write
|
||
|
47F000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87B6F0000
|
heap
|
page read and write
|
||
|
1F87D00F000
|
trusted library allocation
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
3B422000
|
system
|
page read and write
|
||
|
FEC000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
10B6000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4B817FF000
|
stack
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
4752000
|
direct allocation
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
10A9000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
270A000
|
heap
|
page read and write
|
||
|
1F87D011000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2D90000
|
direct allocation
|
page read and write
|
||
|
FBC000
|
unkown
|
page readonly
|
||
|
4B66000
|
system
|
page read and write
|
||
|
799F000
|
stack
|
page read and write
|
||
|
3B9D000
|
direct allocation
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
1021000
|
unkown
|
page readonly
|
||
|
424C000
|
unkown
|
page execute and read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
67000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
50AC000
|
unclassified section
|
page execute and read and write
|
||
|
65000
|
unkown
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
5DD8000
|
unclassified section
|
page read and write
|
||
|
190000
|
heap
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
2584000
|
heap
|
page read and write
|
||
|
51000
|
unkown
|
page execute read
|
||
|
5988000
|
system
|
page read and write
|
||
|
442C000
|
system
|
page read and write
|
||
|
4539000
|
direct allocation
|
page execute and read and write
|
||
|
3005000
|
heap
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
2728000
|
heap
|
page read and write
|
||
|
1F87CEF0000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
3017000
|
heap
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
795E000
|
stack
|
page read and write
|
||
|
1F87D000000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
E40000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1494000
|
heap
|
page read and write
|
||
|
741E000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
FF0000
|
unkown
|
page write copy
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
19EE000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26DE000
|
heap
|
page read and write
|
||
|
5CAC000
|
system
|
page read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2CB0000
|
unkown
|
page readonly
|
||
|
26E3000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
266C000
|
heap
|
page read and write
|
||
|
26BD000
|
heap
|
page read and write
|
||
|
1F87CEC0000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
51AE000
|
system
|
page read and write
|
||
|
3BED000
|
direct allocation
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
37A0000
|
unkown
|
page execute and read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
428D000
|
stack
|
page read and write
|
||
|
1F87B5EF000
|
heap
|
page read and write
|
||
|
26FD000
|
heap
|
page read and write
|
||
|
3729000
|
direct allocation
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
39F3000
|
direct allocation
|
page read and write
|
||
|
2CB0000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3B53C000
|
system
|
page read and write
|
||
|
10BB000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
46E1000
|
direct allocation
|
page execute and read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
F21000
|
unkown
|
page execute read
|
||
|
4394000
|
heap
|
page read and write
|
||
|
BCA000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26B8000
|
heap
|
page read and write
|
||
|
1F87B5FC000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
3B4E2000
|
system
|
page read and write
|
||
|
43D2000
|
system
|
page read and write
|
||
|
12C7000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
5F6A000
|
unclassified section
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
60FC000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
301A000
|
heap
|
page read and write
|
||
|
1F87D1CE000
|
trusted library allocation
|
page read and write
|
||
|
4600000
|
unclassified section
|
page execute and read and write
|
||
|
3A70000
|
direct allocation
|
page read and write
|
||
|
26AC000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87B5E9000
|
heap
|
page read and write
|
||
|
2A20000
|
unkown
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
271D000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
79AF000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
1DEE000
|
stack
|
page read and write
|
||
|
FEC000
|
unkown
|
page write copy
|
||
|
2A80000
|
unkown
|
page readonly
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
26DE000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
E70000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26B8000
|
heap
|
page read and write
|
||
|
46DD000
|
direct allocation
|
page execute and read and write
|
||
|
1010000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
73EA000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
7417000
|
heap
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
1F87D100000
|
trusted library allocation
|
page read and write
|
||
|
6A7F000
|
system
|
page execute and read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
2E02000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
10A5000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B9000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3920000
|
direct allocation
|
page read and write
|
||
|
26E7000
|
heap
|
page read and write
|
||
|
FE2000
|
unkown
|
page readonly
|
||
|
38D1000
|
direct allocation
|
page execute and read and write
|
||
|
4BFFBFC000
|
stack
|
page read and write
|
||
|
39F3000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
65000
|
unkown
|
page read and write
|
||
|
73AB000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4B807FE000
|
stack
|
page read and write
|
||
|
487C000
|
unclassified section
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
52DA000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
73A3000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
65B2000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
45AE000
|
direct allocation
|
page execute and read and write
|
||
|
39F3000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
10B6000
|
unkown
|
page read and write
|
||
|
42BA000
|
unkown
|
page execute and read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
7411000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4405000
|
heap
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2663000
|
heap
|
page read and write
|
||
|
57F6000
|
system
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
147B000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
73F4000
|
heap
|
page read and write
|
||
|
4A3C000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3A43000
|
direct allocation
|
page read and write
|
||
|
26CA000
|
heap
|
page read and write
|
||
|
42CE000
|
stack
|
page read and write
|
||
|
3BED000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
267F000
|
heap
|
page read and write
|
||
|
1280000
|
unkown
|
page readonly
|
||
|
1354000
|
heap
|
page read and write
|
||
|
4E8A000
|
system
|
page read and write
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
26EE000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87CF00000
|
trusted library allocation
|
page read and write
|
||
|
3B99000
|
direct allocation
|
page read and write
|
||
|
1F87B60C000
|
heap
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
6A6F000
|
system
|
page execute and read and write
|
||
|
1F87D003000
|
trusted library allocation
|
page read and write
|
||
|
7430000
|
heap
|
page read and write
|
||
|
1170000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2584000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
5AB4000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2672000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
2C2C000
|
unkown
|
page read and write
|
||
|
628E000
|
unclassified section
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
2640000
|
heap
|
page read and write
|
||
|
D1D000
|
unkown
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
1F87D1BE000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1160000
|
direct allocation
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87D101000
|
trusted library allocation
|
page read and write
|
||
|
73BB000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26F7000
|
heap
|
page read and write
|
||
|
5922000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
4410000
|
direct allocation
|
page execute and read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4E24000
|
unclassified section
|
page read and write
|
||
|
511A000
|
unclassified section
|
page execute and read and write
|
||
|
26BD000
|
heap
|
page read and write
|
||
|
5E000
|
unkown
|
page readonly
|
||
|
1021000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
3440000
|
direct allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
4390000
|
heap
|
page read and write
|
||
|
55FE000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3323000
|
heap
|
page read and write
|
||
|
2C3A000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3920000
|
direct allocation
|
page read and write
|
||
|
74A3000
|
heap
|
page read and write
|
||
|
3C5E000
|
direct allocation
|
page read and write
|
||
|
2584000
|
heap
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page read and write
|
||
|
73C3000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
3920000
|
direct allocation
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3BE9000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87B5E0000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4B80FFE000
|
stack
|
page read and write
|
||
|
3A70000
|
direct allocation
|
page read and write
|
||
|
4267000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3AC0000
|
direct allocation
|
page read and write
|
||
|
26CA000
|
heap
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
1F87D00A000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
38CD000
|
direct allocation
|
page execute and read and write
|
||
|
3A01000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
453D000
|
direct allocation
|
page execute and read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3C0E000
|
direct allocation
|
page read and write
|
||
|
73B1000
|
heap
|
page read and write
|
||
|
3B99000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
6C3C000
|
unkown
|
page read and write
|
||
|
3B99000
|
direct allocation
|
page read and write
|
||
|
1F87B610000
|
heap
|
page read and write
|
||
|
3BED000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
2DA0000
|
unkown
|
page execute and read and write
|
||
|
1406000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2AB0000
|
unkown
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
3600000
|
direct allocation
|
page execute and read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
73CB000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
D8000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
264A000
|
heap
|
page read and write
|
||
|
7408000
|
heap
|
page read and write
|
||
|
2CA4000
|
heap
|
page read and write
|
||
|
359E000
|
heap
|
page read and write
|
||
|
1280000
|
unkown
|
page readonly
|
||
|
10AC000
|
heap
|
page read and write
|
||
|
7426000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26D1000
|
heap
|
page read and write
|
||
|
3C5E000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
51000
|
unkown
|
page execute read
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
26C7000
|
heap
|
page read and write
|
||
|
5C46000
|
unclassified section
|
page read and write
|
||
|
6162000
|
system
|
page read and write
|
||
|
266C000
|
heap
|
page read and write
|
||
|
3C00000
|
unclassified section
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
5E3E000
|
system
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87D014000
|
trusted library allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
2A80000
|
unkown
|
page readonly
|
||
|
2584000
|
heap
|
page read and write
|
||
|
379E000
|
direct allocation
|
page execute and read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
FBC000
|
unkown
|
page readonly
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
1F87B521000
|
system
|
page execute and read and write
|
||
|
1299000
|
heap
|
page read and write
|
||
|
5B1A000
|
system
|
page read and write
|
||
|
1088000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
1611000
|
unkown
|
page readonly
|
||
|
266C000
|
heap
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
50000
|
unkown
|
page readonly
|
||
|
2A20000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
73EF000
|
heap
|
page read and write
|
||
|
1223000
|
heap
|
page read and write
|
||
|
4320000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
73B6000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
12D2000
|
heap
|
page read and write
|
||
|
3480000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
352D000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3BE9000
|
direct allocation
|
page read and write
|
||
|
12B9000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
5664000
|
system
|
page read and write
|
||
|
2724000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
FE2000
|
unkown
|
page readonly
|
||
|
3AC0000
|
direct allocation
|
page read and write
|
||
|
372D000
|
direct allocation
|
page execute and read and write
|
||
|
73BE000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
6A65000
|
system
|
page execute and read and write
|
||
|
1F87B525000
|
system
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
266C000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
1F87B613000
|
heap
|
page read and write
|
||
|
4762000
|
unclassified section
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
3BE9000
|
direct allocation
|
page read and write
|
||
|
26C7000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3B9D000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4312000
|
system
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
303B000
|
heap
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3529000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
109B000
|
unkown
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
1F87D1C4000
|
trusted library allocation
|
page read and write
|
||
|
1F87D1A7000
|
trusted library allocation
|
page read and write
|
||
|
1F87B613000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
739E000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
3C0E000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
67000
|
unkown
|
page readonly
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3C0E000
|
direct allocation
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
3A43000
|
direct allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
4FB6000
|
unclassified section
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3B9D000
|
direct allocation
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3942000
|
direct allocation
|
page execute and read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
742D000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
29DC000
|
stack
|
page read and write
|
||
|
54D2000
|
system
|
page read and write
|
||
|
12D1000
|
heap
|
page read and write
|
||
|
1F87CF00000
|
trusted library allocation
|
page read and write
|
||
|
7422000
|
heap
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
6A8B000
|
system
|
page execute and read and write
|
||
|
1F87D021000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
unkown
|
page read and write
|
||
|
3019000
|
heap
|
page read and write
|
||
|
2AA0000
|
unkown
|
page read and write
|
||
|
6AE2000
|
system
|
page execute and read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3017000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
1F87B5C0000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
40B1000
|
heap
|
page read and write
|
||
|
3C5E000
|
direct allocation
|
page read and write
|
||
|
3AC0000
|
direct allocation
|
page read and write
|
There are 602 hidden memdumps, click here to show them.