Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PROFORMA FATURA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PROFORMA FATURA.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpAB7A.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\GvgUQlbRIXOe.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3e0sehfq.oqt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_afmzpfvl.yoc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bc1nzdf0.2dh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mzk50qgb.gmp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nl20zavh.ruo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rafy1dfb.xgx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sozpsjhb.ot2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v1drupbt.qiz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpBA20.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PROFORMA FATURA.exe
|
"C:\Users\user\Desktop\PROFORMA FATURA.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PROFORMA
FATURA.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GvgUQlbRIXOe" /XML "C:\Users\user\AppData\Local\Temp\tmpAB7A.tmp"
|
|
|
|
C:\Users\user\Desktop\PROFORMA FATURA.exe
|
"C:\Users\user\Desktop\PROFORMA FATURA.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe
|
C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\GvgUQlbRIXOe" /XML "C:\Users\user\AppData\Local\Temp\tmpBA20.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe
|
"C:\Users\user\AppData\Roaming\GvgUQlbRIXOe.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://zqamcx.com
|
unknown
|
|
|
|
https://account.dyn.com/
|
unknown
|
||
|
http://r11.o.lencr.org0#
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://r11.i.lencr.org/0#
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
zqamcx.com
|
78.110.166.82
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
78.110.166.82
|
zqamcx.com
|
United Kingdom
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4BEB000
|
trusted library allocation
|
page read and write
|
|
|
|
2C1E000
|
trusted library allocation
|
page read and write
|
|
|
|
2BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
2881000
|
trusted library allocation
|
page read and write
|
|
|
|
2C48000
|
trusted library allocation
|
page read and write
|
|
|
|
28CE000
|
trusted library allocation
|
page read and write
|
|
|
|
4A7A000
|
trusted library allocation
|
page read and write
|
|
|
|
28F8000
|
trusted library allocation
|
page read and write
|
|
|
|
117E000
|
stack
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
6840000
|
heap
|
page read and write
|
||
|
D47E000
|
stack
|
page read and write
|
||
|
291A000
|
stack
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
2BA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
6598000
|
trusted library allocation
|
page read and write
|
||
|
162E000
|
stack
|
page read and write
|
||
|
15B2000
|
trusted library allocation
|
page read and write
|
||
|
4B0D000
|
trusted library allocation
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
60AF000
|
stack
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page read and write
|
||
|
6328000
|
heap
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
42F000
|
remote allocation
|
page execute and read and write
|
||
|
DA3E000
|
stack
|
page read and write
|
||
|
1084000
|
trusted library allocation
|
page read and write
|
||
|
57C6000
|
trusted library allocation
|
page read and write
|
||
|
2F67000
|
trusted library allocation
|
page read and write
|
||
|
2BAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
55FF000
|
trusted library section
|
page readonly
|
||
|
50DD000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
1061000
|
heap
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
D87C000
|
stack
|
page read and write
|
||
|
5615000
|
heap
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
1083000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B8B000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
D61E000
|
stack
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
57A6000
|
trusted library allocation
|
page read and write
|
||
|
10A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
D7FD000
|
stack
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
658F000
|
stack
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
50BE000
|
trusted library allocation
|
page read and write
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
5740000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB3000
|
trusted library allocation
|
page read and write
|
||
|
5595000
|
heap
|
page read and write
|
||
|
D3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
132D000
|
stack
|
page read and write
|
||
|
2E9D000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
62B8000
|
heap
|
page read and write
|
||
|
2C8E000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page execute and read and write
|
||
|
50BB000
|
trusted library allocation
|
page read and write
|
||
|
DF4E000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
D35000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
50D1000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
6FA000
|
stack
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
68A0000
|
heap
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
heap
|
page execute and read and write
|
||
|
10BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2852000
|
trusted library allocation
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
7F8F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E8000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
DBFF000
|
stack
|
page read and write
|
||
|
1016000
|
heap
|
page read and write
|
||
|
644E000
|
stack
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
2D3F000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
remote allocation
|
page execute and read and write
|
||
|
B28000
|
unkown
|
page readonly
|
||
|
6252000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page read and write
|
||
|
2E96000
|
trusted library allocation
|
page read and write
|
||
|
73E1000
|
trusted library allocation
|
page read and write
|
||
|
119C000
|
stack
|
page read and write
|
||
|
2BCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D27000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
4A8F000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
267A000
|
stack
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
5E8E000
|
stack
|
page read and write
|
||
|
38EA000
|
trusted library allocation
|
page read and write
|
||
|
406A000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
7F9000
|
stack
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
7209000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
D3A0000
|
heap
|
page read and write
|
||
|
296C000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
284D000
|
trusted library allocation
|
page read and write
|
||
|
3251000
|
trusted library allocation
|
page read and write
|
||
|
2C35000
|
trusted library allocation
|
page read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
67ED000
|
stack
|
page read and write
|
||
|
5325000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
15CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7150000
|
heap
|
page read and write
|
||
|
38A9000
|
trusted library allocation
|
page read and write
|
||
|
282B000
|
trusted library allocation
|
page read and write
|
||
|
D4DD000
|
stack
|
page read and write
|
||
|
D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
2846000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
7825000
|
heap
|
page read and write
|
||
|
11D4000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
BBA000
|
stack
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
5008000
|
trusted library allocation
|
page read and write
|
||
|
53A2000
|
trusted library allocation
|
page read and write
|
||
|
D6C0000
|
heap
|
page read and write
|
||
|
4A11000
|
trusted library allocation
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B02000
|
trusted library allocation
|
page read and write
|
||
|
4EC3000
|
heap
|
page read and write
|
||
|
D11E000
|
stack
|
page read and write
|
||
|
2CBC000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
heap
|
page execute and read and write
|
||
|
62F2000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
2C44000
|
trusted library allocation
|
page read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
heap
|
page execute and read and write
|
||
|
490A000
|
trusted library allocation
|
page read and write
|
||
|
263D000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
4888000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
unkown
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
D5DE000
|
stack
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
D32000
|
trusted library allocation
|
page read and write
|
||
|
DE0C000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
2996000
|
trusted library allocation
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
3C62000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
41F000
|
remote allocation
|
page execute and read and write
|
||
|
32BE000
|
trusted library allocation
|
page read and write
|
||
|
5D56000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
142F000
|
stack
|
page read and write
|
||
|
41B000
|
remote allocation
|
page execute and read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
28DD000
|
stack
|
page read and write
|
||
|
2C9B000
|
trusted library allocation
|
page read and write
|
||
|
2979000
|
trusted library allocation
|
page read and write
|
||
|
D6BD000
|
stack
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
29EF000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
52FD000
|
trusted library allocation
|
page read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
5B0E000
|
trusted library allocation
|
page read and write
|
||
|
3BD1000
|
trusted library allocation
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
7810000
|
heap
|
page read and write
|
||
|
5542000
|
trusted library allocation
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
1647000
|
heap
|
page read and write
|
||
|
794E000
|
stack
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
6100000
|
trusted library allocation
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
6860000
|
trusted library allocation
|
page execute and read and write
|
||
|
15BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2866000
|
trusted library allocation
|
page read and write
|
||
|
739F000
|
stack
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
A62000
|
unkown
|
page readonly
|
||
|
3C39000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
282E000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
108D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
15C2000
|
trusted library allocation
|
page read and write
|
||
|
29EA000
|
trusted library allocation
|
page read and write
|
||
|
DAFE000
|
stack
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
6210000
|
heap
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
BF5000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
70DE000
|
heap
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library section
|
page readonly
|
||
|
7200000
|
trusted library allocation
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
D71F000
|
stack
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
4F5C000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
D01E000
|
stack
|
page read and write
|
||
|
15B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
D57E000
|
stack
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
D6D1000
|
heap
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
DD0C000
|
stack
|
page read and write
|
||
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
5D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
4EBC000
|
stack
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
D97C000
|
stack
|
page read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
D43E000
|
stack
|
page read and write
|
||
|
D22000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
598D000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
102E000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
58DE000
|
heap
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
297B000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
7165000
|
heap
|
page read and write
|
||
|
D15E000
|
stack
|
page read and write
|
||
|
1443000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D50000
|
trusted library allocation
|
page read and write
|
||
|
D9BD000
|
stack
|
page read and write
|
||
|
15AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
75A2000
|
trusted library allocation
|
page read and write
|
||
|
67F8000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
1009000
|
heap
|
page read and write
|
||
|
618F000
|
stack
|
page read and write
|
||
|
65E0000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
D25E000
|
stack
|
page read and write
|
||
|
4BD8000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
7485000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
2CC8000
|
trusted library allocation
|
page read and write
|
||
|
D29D000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2C1C000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
50C2000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
4F48000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
2841000
|
trusted library allocation
|
page read and write
|
||
|
29D7000
|
trusted library allocation
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
608E000
|
stack
|
page read and write
|
||
|
2D49000
|
trusted library allocation
|
page read and write
|
||
|
50B6000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
5E4E000
|
stack
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
50CE000
|
trusted library allocation
|
page read and write
|
||
|
2ED5000
|
trusted library allocation
|
page read and write
|
||
|
D37000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC0000
|
heap
|
page execute and read and write
|
||
|
294B000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B68000
|
heap
|
page read and write
|
||
|
DE4E000
|
stack
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
15A3000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
2D23000
|
trusted library allocation
|
page read and write
|
||
|
28F4000
|
trusted library allocation
|
page read and write
|
||
|
D39D000
|
stack
|
page read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
55F0000
|
trusted library section
|
page readonly
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
4712000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
283E000
|
trusted library allocation
|
page read and write
|
||
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
515C000
|
stack
|
page read and write
|
||
|
52DB000
|
trusted library allocation
|
page read and write
|
||
|
10B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
D93E000
|
stack
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
144D000
|
trusted library allocation
|
page execute and read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
4F8B000
|
stack
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
FEB000
|
heap
|
page read and write
|
||
|
4009000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
D17E000
|
stack
|
page read and write
|
||
|
109D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6218000
|
heap
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
2D2F000
|
unkown
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
108C000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2C38000
|
trusted library allocation
|
page read and write
|
||
|
5563000
|
heap
|
page read and write
|
||
|
1587000
|
heap
|
page read and write
|
||
|
57AC000
|
trusted library allocation
|
page read and write
|
||
|
3E99000
|
trusted library allocation
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
57A2000
|
trusted library allocation
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page read and write
|
||
|
519B000
|
stack
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page execute and read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
5433000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
4BAB000
|
trusted library allocation
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
50E2000
|
trusted library allocation
|
page read and write
|
||
|
D5BE000
|
stack
|
page read and write
|
||
|
28CC000
|
trusted library allocation
|
page read and write
|
||
|
2EA2000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
51E8000
|
trusted library allocation
|
page read and write
|
||
|
2CE6000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page execute and read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
2826000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E2B000
|
stack
|
page read and write
|
||
|
2710000
|
heap
|
page execute and read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
2D4D000
|
trusted library allocation
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page read and write
|
||
|
3881000
|
trusted library allocation
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
5213000
|
heap
|
page read and write
|
||
|
50CA000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
D13E000
|
stack
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
DB7E000
|
stack
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59D0000
|
trusted library section
|
page read and write
|
||
|
2D2F000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
2CC9000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
B19000
|
heap
|
page read and write
|
||
|
2832000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
unkown
|
page readonly
|
||
|
283A000
|
trusted library allocation
|
page read and write
|
||
|
A080000
|
trusted library section
|
page read and write
|
||
|
295F000
|
unkown
|
page read and write
|
||
|
D8FF000
|
stack
|
page read and write
|
||
|
DA7E000
|
stack
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
11CB000
|
heap
|
page read and write
|
||
|
4992000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
389F000
|
trusted library allocation
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page read and write
|
||
|
560C000
|
stack
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
29DF000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
heap
|
page read and write
|
||
|
631A000
|
heap
|
page read and write
|
||
|
15C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
DABE000
|
stack
|
page read and write
|
||
|
52F6000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
574D000
|
stack
|
page read and write
|
||
|
3BF9000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page execute and read and write
|
||
|
3913000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
64EE000
|
stack
|
page read and write
|
||
|
3308000
|
trusted library allocation
|
page read and write
|
||
|
555C000
|
stack
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
604D000
|
stack
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page execute and read and write
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
10AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
1444000
|
trusted library allocation
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
2BDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
2BA4000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page execute and read and write
|
||
|
5640000
|
heap
|
page execute and read and write
|
||
|
2EB4000
|
trusted library allocation
|
page read and write
|
||
|
5FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EFA000
|
trusted library allocation
|
page read and write
|
||
|
52D4000
|
trusted library allocation
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
7225000
|
trusted library allocation
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
95A000
|
stack
|
page read and write
|
||
|
271B000
|
heap
|
page read and write
|
||
|
5DAD000
|
stack
|
page read and write
|
||
|
62AD000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
28E5000
|
trusted library allocation
|
page read and write
|
||
|
2BD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4882000
|
trusted library allocation
|
page read and write
|
||
|
B0D000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
55EB000
|
stack
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
52F1000
|
trusted library allocation
|
page read and write
|
||
|
10B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A3B000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2D34000
|
trusted library allocation
|
page read and write
|
||
|
50D6000
|
trusted library allocation
|
page read and write
|
||
|
41E000
|
remote allocation
|
page execute and read and write
|
||
|
D33E000
|
stack
|
page read and write
|
There are 564 hidden memdumps, click here to show them.