Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\182349\Beginners.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.js
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.scr
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TradeHub.url
|
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.js" >), ASCII text,
with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\182349\l
|
SysEx File - Harmony
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Cause
|
SysEx File - Harmony
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Coral
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Correlation
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Edges
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Provision
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Res
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Shopper
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sunset
|
ASCII text, with very long lines (409), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sunset.bat (copy)
|
ASCII text, with very long lines (409), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wearing
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Zinc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\TradeOptimize Dynamics\z
|
SysEx File - Harmony
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c move Sunset Sunset.bat & Sunset.bat
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa opssvc"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui avgui bdservicehost nswscsvc sophoshealth"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 182349
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "RefundAlienConservativeChapters" Coral
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b ..\Cause + ..\Shopper + ..\Edges + ..\Zinc + ..\Correlation + ..\Wearing + ..\Provision + ..\Res l
|
|
|
|
C:\Users\user\AppData\Local\Temp\182349\Beginners.pif
|
Beginners.pif l
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TradeHub.url"
& echo URL="C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\TradeHub.url" & exit
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.js"
|
|
|
|
C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.scr
|
"C:\Users\user\AppData\Local\TradeOptimize Dynamics\TradeHub.scr" "C:\Users\user\AppData\Local\TradeOptimize Dynamics\z"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /d y /t 5
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bsQfWYzSEObgoEYPHvZYAafhPH.bsQfWYzSEObgoEYPHvZYAafhPH
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
33F1000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
2AC6000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
235111E0000
|
heap
|
page read and write
|
||
|
E0C000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
881000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
3650000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
85F000
|
heap
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2DEC000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
468000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
235111AE000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
37CC000
|
stack
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
97F000
|
stack
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2DD9000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
2DD9000
|
heap
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
66B4AFE000
|
stack
|
page read and write
|
||
|
235111D3000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
235111DA000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
179000
|
unkown
|
page readonly
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
235111B5000
|
heap
|
page read and write
|
||
|
1284000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
E20000
|
unkown
|
page write copy
|
||
|
66B44FA000
|
stack
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
C34000
|
heap
|
page read and write
|
||
|
235111AF000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
235111E4000
|
heap
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
235111A8000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
235111A0000
|
heap
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
E24000
|
unkown
|
page write copy
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
439000
|
stack
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
4AB000
|
heap
|
page read and write
|
||
|
3755000
|
trusted library allocation
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
2B74000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
3842000
|
trusted library allocation
|
page read and write
|
||
|
23511180000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
C73000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
66B45FF000
|
stack
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
2ACC000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
2DE3000
|
heap
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
23EE000
|
stack
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
235111CD000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
2AC6000
|
heap
|
page read and write
|
||
|
2F7C000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
325C000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
235110F0000
|
heap
|
page read and write
|
||
|
2F14000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
84E000
|
heap
|
page read and write
|
||
|
66B48FF000
|
stack
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
235111E7000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
344F000
|
unkown
|
page read and write
|
||
|
2AC2000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
B1000
|
unkown
|
page execute read
|
||
|
13B6000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
E29000
|
unkown
|
page readonly
|
||
|
66B46FE000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
2DEC000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
22EE000
|
stack
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
235111A9000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
49F000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
134A000
|
heap
|
page read and write
|
||
|
164A000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
455F000
|
stack
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
235111EE000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
57C000
|
stack
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
44DF000
|
stack
|
page read and write
|
||
|
235111E0000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
66B49FE000
|
stack
|
page read and write
|
||
|
47F000
|
heap
|
page read and write
|
||
|
66B4CFE000
|
stack
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
235111D1000
|
heap
|
page read and write
|
||
|
15D9000
|
heap
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
1268000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
235111D3000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3662000
|
heap
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
36CC000
|
stack
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
166000
|
unkown
|
page readonly
|
||
|
818000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
235111DB000
|
heap
|
page read and write
|
||
|
2DE2000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
23511545000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
2DEC000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
150D000
|
heap
|
page read and write
|
||
|
23512FA0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
D61000
|
unkown
|
page execute read
|
||
|
B14000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
483000
|
heap
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
235111E7000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
E29000
|
unkown
|
page readonly
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
235111BF000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
85A000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
34EF000
|
stack
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
235111AF000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
179000
|
unkown
|
page readonly
|
||
|
E16000
|
unkown
|
page readonly
|
||
|
1516000
|
heap
|
page read and write
|
||
|
235111DD000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
2ACF000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
C1C000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
235111CC000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2AC9000
|
heap
|
page read and write
|
||
|
81D000
|
stack
|
page read and write
|
||
|
E20000
|
unkown
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
378D000
|
trusted library allocation
|
page read and write
|
||
|
2E27000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
170000
|
unkown
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
2351119C000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
2E02000
|
heap
|
page read and write
|
||
|
E16000
|
unkown
|
page readonly
|
||
|
FBE000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
235111E0000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
5BC000
|
stack
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
235111BE000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
881000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
23512C50000
|
heap
|
page read and write
|
||
|
235111D1000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
B1000
|
unkown
|
page execute read
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
235111D3000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
235111D1000
|
heap
|
page read and write
|
||
|
1BC000
|
stack
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
235111A0000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2415000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
4A9000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
451E000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
23511540000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
3642000
|
heap
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
235111E3000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
2DC2000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
D41000
|
heap
|
page read and write
|
||
|
3763000
|
trusted library allocation
|
page read and write
|
||
|
2ACF000
|
heap
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
235111D3000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2F29000
|
heap
|
page read and write
|
||
|
B14000
|
heap
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
2DBE000
|
heap
|
page read and write
|
||
|
2DD9000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
BF8000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
235111CD000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
1537000
|
heap
|
page read and write
|
||
|
458000
|
heap
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
3850000
|
trusted library allocation
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
D61000
|
unkown
|
page execute read
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
235110D0000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
235111E7000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
121D000
|
stack
|
page read and write
|
||
|
235111B4000
|
heap
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
235111E7000
|
heap
|
page read and write
|
||
|
36A0000
|
trusted library allocation
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
F26000
|
heap
|
page read and write
|
||
|
2DEC000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
235110C0000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
47F000
|
heap
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
235111DF000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
23511188000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
1511000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
2DFE000
|
unkown
|
page read and write
|
||
|
2DE5000
|
heap
|
page read and write
|
||
|
2F3C000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
C44000
|
heap
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
2774000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1BF0000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
2351154C000
|
heap
|
page read and write
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
3650000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
120D000
|
stack
|
page read and write
|
||
|
80F000
|
stack
|
page read and write
|
||
|
235111B5000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
F7D000
|
heap
|
page read and write
|
||
|
170000
|
unkown
|
page write copy
|
||
|
3B11000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
2ACD000
|
heap
|
page read and write
|
||
|
235111D1000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
174000
|
unkown
|
page write copy
|
||
|
49B000
|
heap
|
page read and write
|
||
|
66B4BFE000
|
stack
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
235111D7000
|
heap
|
page read and write
|
||
|
2B81000
|
heap
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
C52000
|
heap
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
166000
|
unkown
|
page readonly
|
||
|
2770000
|
heap
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
4A8000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
There are 513 hidden memdumps, click here to show them.