Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
tsle.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_tsle.exe_355e8546985d9dcce4d61437496d879d61db39b_08b7ce8b_0885b6fd-cff6-4a46-b8da-29a518c74190\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FE.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 17 09:21:03 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER502.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER522.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\tsle.exe
|
"C:\Users\user\Desktop\tsle.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2748 -s 308
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
185.196.9.26:6302
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://www.entrust.net/rpa03
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
https://www.entrust.net/rpa0
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://ocsp.entrust.net02
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.9.26
|
unknown
|
Switzerland
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
ProgramId
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
FileId
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
LongPathHash
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Name
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Publisher
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Version
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
BinaryType
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
ProductName
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
ProductVersion
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
LinkDate
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Size
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Language
|
|
|
|
\REGISTRY\A\{411e5908-58dd-3ffc-0992-49e5af99b2dd}\Root\InventoryApplicationFile\tsle.exe|39c90f9885ed110c
|
Usn
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
310000
|
unkown
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2C41000
|
trusted library allocation
|
page read and write
|
|
|
|
2CD4000
|
trusted library allocation
|
page read and write
|
|
|
|
3D44000
|
trusted library allocation
|
page read and write
|
||
|
126B000
|
stack
|
page read and write
|
||
|
3E75000
|
trusted library allocation
|
page read and write
|
||
|
3CCD000
|
trusted library allocation
|
page read and write
|
||
|
3C83000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
305D000
|
trusted library allocation
|
page read and write
|
||
|
50AD000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
trusted library allocation
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
6CAA000
|
heap
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
3D89000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
heap
|
page read and write
|
||
|
2E5F000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
569C000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
2D9D000
|
stack
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
3DCF000
|
trusted library allocation
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
2E52000
|
trusted library allocation
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
3DBC000
|
trusted library allocation
|
page read and write
|
||
|
56D1000
|
heap
|
page read and write
|
||
|
3F1F000
|
trusted library allocation
|
page read and write
|
||
|
3D15000
|
trusted library allocation
|
page read and write
|
||
|
35E000
|
unkown
|
page readonly
|
||
|
326B000
|
trusted library allocation
|
page read and write
|
||
|
35D000
|
unkown
|
page read and write
|
||
|
3E9C000
|
trusted library allocation
|
page read and write
|
||
|
3D95000
|
trusted library allocation
|
page read and write
|
||
|
6D24000
|
heap
|
page read and write
|
||
|
3CF9000
|
trusted library allocation
|
page read and write
|
||
|
3C7B000
|
trusted library allocation
|
page read and write
|
||
|
50B2000
|
trusted library allocation
|
page read and write
|
||
|
3302000
|
trusted library allocation
|
page read and write
|
||
|
3D3F000
|
trusted library allocation
|
page read and write
|
||
|
3DB6000
|
trusted library allocation
|
page read and write
|
||
|
2F48000
|
trusted library allocation
|
page read and write
|
||
|
3101000
|
trusted library allocation
|
page read and write
|
||
|
6C9D000
|
stack
|
page read and write
|
||
|
3FC5000
|
trusted library allocation
|
page read and write
|
||
|
6ECA000
|
trusted library allocation
|
page read and write
|
||
|
3F1A000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
330A000
|
trusted library allocation
|
page read and write
|
||
|
3317000
|
trusted library allocation
|
page read and write
|
||
|
3E6C000
|
trusted library allocation
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
532B000
|
trusted library allocation
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
56FF000
|
heap
|
page read and write
|
||
|
3E2E000
|
trusted library allocation
|
page read and write
|
||
|
5662000
|
heap
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DBC000
|
trusted library allocation
|
page read and write
|
||
|
3DDA000
|
trusted library allocation
|
page read and write
|
||
|
3FC2000
|
trusted library allocation
|
page read and write
|
||
|
3DC3000
|
trusted library allocation
|
page read and write
|
||
|
613C000
|
stack
|
page read and write
|
||
|
F8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
3EA8000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page read and write
|
||
|
E4F000
|
heap
|
page read and write
|
||
|
2EEC000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
3DC6000
|
trusted library allocation
|
page read and write
|
||
|
6CC6000
|
heap
|
page read and write
|
||
|
2E3A000
|
trusted library allocation
|
page read and write
|
||
|
3FB7000
|
trusted library allocation
|
page read and write
|
||
|
60E3000
|
trusted library allocation
|
page read and write
|
||
|
6EB8000
|
trusted library allocation
|
page read and write
|
||
|
3F1D000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
568B000
|
heap
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
FAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E3F000
|
trusted library allocation
|
page read and write
|
||
|
535A000
|
trusted library allocation
|
page read and write
|
||
|
6EA2000
|
trusted library allocation
|
page read and write
|
||
|
6CF6000
|
heap
|
page read and write
|
||
|
3EDB000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3272000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
2E7E000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
6EBF000
|
trusted library allocation
|
page read and write
|
||
|
F96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B98000
|
trusted library allocation
|
page read and write
|
||
|
31B2000
|
trusted library allocation
|
page read and write
|
||
|
3F41000
|
trusted library allocation
|
page read and write
|
||
|
3F67000
|
trusted library allocation
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3178000
|
trusted library allocation
|
page read and write
|
||
|
3F6E000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
509E000
|
trusted library allocation
|
page read and write
|
||
|
3E17000
|
trusted library allocation
|
page read and write
|
||
|
6EBA000
|
trusted library allocation
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
3338000
|
trusted library allocation
|
page read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
2FB7000
|
trusted library allocation
|
page read and write
|
||
|
310000
|
unkown
|
page write copy
|
||
|
733E000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
310C000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
3CEE000
|
trusted library allocation
|
page read and write
|
||
|
3193000
|
trusted library allocation
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
3D90000
|
trusted library allocation
|
page read and write
|
||
|
3CDA000
|
trusted library allocation
|
page read and write
|
||
|
2E0000
|
unkown
|
page readonly
|
||
|
5120000
|
heap
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
E5B000
|
heap
|
page read and write
|
||
|
69F7000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5381000
|
trusted library allocation
|
page read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
3E55000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2F95000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page execute and read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
568F000
|
heap
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
F7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
3CC1000
|
trusted library allocation
|
page read and write
|
||
|
2FE6000
|
trusted library allocation
|
page read and write
|
||
|
3F5A000
|
trusted library allocation
|
page read and write
|
||
|
5638000
|
heap
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
5336000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
5342000
|
trusted library allocation
|
page read and write
|
||
|
3EFA000
|
trusted library allocation
|
page read and write
|
||
|
637C000
|
stack
|
page read and write
|
||
|
6ED2000
|
trusted library allocation
|
page read and write
|
||
|
3D5D000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
heap
|
page execute and read and write
|
||
|
2FA4000
|
trusted library allocation
|
page read and write
|
||
|
3E77000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
3E3B000
|
trusted library allocation
|
page read and write
|
||
|
6D78000
|
heap
|
page read and write
|
||
|
3F17000
|
trusted library allocation
|
page read and write
|
||
|
6CBC000
|
heap
|
page read and write
|
||
|
50A1000
|
trusted library allocation
|
page read and write
|
||
|
3D2C000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page execute and read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
6CB6000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
3C4F000
|
trusted library allocation
|
page read and write
|
||
|
2E1000
|
unkown
|
page execute read
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
3292000
|
trusted library allocation
|
page read and write
|
||
|
2D66000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
3249000
|
trusted library allocation
|
page read and write
|
||
|
2D95000
|
trusted library allocation
|
page read and write
|
||
|
50F3000
|
heap
|
page execute and read and write
|
||
|
55D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CA0000
|
heap
|
page read and write
|
||
|
3D0A000
|
trusted library allocation
|
page read and write
|
||
|
6D29000
|
heap
|
page read and write
|
||
|
305000
|
unkown
|
page readonly
|
||
|
3259000
|
trusted library allocation
|
page read and write
|
||
|
3F86000
|
trusted library allocation
|
page read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
327C000
|
trusted library allocation
|
page read and write
|
||
|
50A6000
|
trusted library allocation
|
page read and write
|
||
|
3073000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
31BF000
|
trusted library allocation
|
page read and write
|
||
|
520A000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC9000
|
trusted library allocation
|
page read and write
|
||
|
56FA000
|
heap
|
page read and write
|
||
|
3D42000
|
trusted library allocation
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page read and write
|
||
|
3F80000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
353000
|
unkown
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
3287000
|
trusted library allocation
|
page read and write
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
3F01000
|
trusted library allocation
|
page read and write
|
||
|
3E4B000
|
trusted library allocation
|
page read and write
|
||
|
3D3C000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
56BC000
|
heap
|
page read and write
|
||
|
3D9A000
|
trusted library allocation
|
page read and write
|
||
|
6D8C000
|
heap
|
page read and write
|
||
|
6D3B000
|
heap
|
page read and write
|
||
|
6CDA000
|
heap
|
page read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D9C000
|
heap
|
page read and write
|
||
|
56C1000
|
heap
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
6ED5000
|
trusted library allocation
|
page read and write
|
||
|
56CE000
|
heap
|
page read and write
|
||
|
3069000
|
trusted library allocation
|
page read and write
|
||
|
3D36000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
3F8B000
|
trusted library allocation
|
page read and write
|
||
|
60E0000
|
trusted library allocation
|
page read and write
|
||
|
FF2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
92A000
|
stack
|
page read and write
|
||
|
2FCA000
|
trusted library allocation
|
page read and write
|
||
|
3E7F000
|
trusted library allocation
|
page read and write
|
||
|
3F07000
|
trusted library allocation
|
page read and write
|
||
|
3D05000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page execute and read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
623C000
|
stack
|
page read and write
|
||
|
6D44000
|
heap
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
3FBC000
|
trusted library allocation
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
6D5B000
|
heap
|
page read and write
|
||
|
6D1E000
|
heap
|
page read and write
|
||
|
3D33000
|
trusted library allocation
|
page read and write
|
||
|
3F2A000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page read and write
|
||
|
3DD2000
|
trusted library allocation
|
page read and write
|
||
|
2D79000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
2EA6000
|
trusted library allocation
|
page read and write
|
||
|
2DFA000
|
trusted library allocation
|
page read and write
|
||
|
6D11000
|
heap
|
page read and write
|
||
|
3FC0000
|
trusted library allocation
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page read and write
|
||
|
5395000
|
trusted library allocation
|
page read and write
|
||
|
3209000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
30D4000
|
trusted library allocation
|
page read and write
|
||
|
5F7F000
|
stack
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
3106000
|
trusted library allocation
|
page read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
4D3C000
|
stack
|
page read and write
|
||
|
6CA0000
|
heap
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
3D00000
|
trusted library allocation
|
page read and write
|
||
|
3CE7000
|
trusted library allocation
|
page read and write
|
||
|
3F25000
|
trusted library allocation
|
page read and write
|
||
|
3F4D000
|
trusted library allocation
|
page read and write
|
||
|
120A000
|
heap
|
page read and write
|
||
|
31A7000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page execute and read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
305000
|
unkown
|
page readonly
|
||
|
2E0000
|
unkown
|
page readonly
|
||
|
3DCC000
|
trusted library allocation
|
page read and write
|
||
|
3E62000
|
trusted library allocation
|
page read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
5208000
|
trusted library allocation
|
page read and write
|
||
|
3F0E000
|
trusted library allocation
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
31B9000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
3054000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
3D7E000
|
trusted library allocation
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
508B000
|
trusted library allocation
|
page read and write
|
||
|
5213000
|
heap
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
3E68000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page execute and read and write
|
||
|
5205000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
571D000
|
heap
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
6FAB000
|
trusted library allocation
|
page read and write
|
||
|
3E5B000
|
trusted library allocation
|
page read and write
|
||
|
FA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F73000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E46000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
3C61000
|
trusted library allocation
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page read and write
|
||
|
6EC5000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
534E000
|
trusted library allocation
|
page read and write
|
||
|
3D26000
|
trusted library allocation
|
page read and write
|
||
|
2E6C000
|
trusted library allocation
|
page read and write
|
||
|
339B000
|
trusted library allocation
|
page read and write
|
||
|
3EF0000
|
trusted library allocation
|
page read and write
|
||
|
3DA5000
|
trusted library allocation
|
page read and write
|
||
|
69F5000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
5667000
|
heap
|
page read and write
|
||
|
3FB3000
|
trusted library allocation
|
page read and write
|
||
|
6ECF000
|
trusted library allocation
|
page read and write
|
||
|
2F8C000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3FCF000
|
trusted library allocation
|
page read and write
|
||
|
6CA6000
|
heap
|
page read and write
|
||
|
56EA000
|
heap
|
page read and write
|
||
|
2FA7000
|
trusted library allocation
|
page read and write
|
||
|
3DD4000
|
trusted library allocation
|
page read and write
|
||
|
5084000
|
trusted library allocation
|
page read and write
|
||
|
117D000
|
stack
|
page read and write
|
||
|
3EC2000
|
trusted library allocation
|
page read and write
|
||
|
2E44000
|
trusted library allocation
|
page read and write
|
||
|
5351000
|
trusted library allocation
|
page read and write
|
||
|
35B000
|
unkown
|
page execute and read and write
|
||
|
3D6A000
|
trusted library allocation
|
page read and write
|
||
|
2DAC000
|
trusted library allocation
|
page read and write
|
||
|
56EE000
|
heap
|
page read and write
|
||
|
539E000
|
trusted library allocation
|
page read and write
|
||
|
3052000
|
trusted library allocation
|
page read and write
|
||
|
3ED4000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
13FF000
|
stack
|
page read and write
|
||
|
3DEE000
|
trusted library allocation
|
page read and write
|
||
|
6D6F000
|
heap
|
page read and write
|
||
|
56DC000
|
heap
|
page read and write
|
||
|
E5C000
|
stack
|
page read and write
|
||
|
2E8B000
|
trusted library allocation
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
12A8000
|
trusted library allocation
|
page read and write
|
||
|
3DAF000
|
trusted library allocation
|
page read and write
|
||
|
2E9B000
|
trusted library allocation
|
page read and write
|
||
|
12B5000
|
trusted library allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
6EA9000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
3D4A000
|
trusted library allocation
|
page read and write
|
||
|
317A000
|
trusted library allocation
|
page read and write
|
||
|
334A000
|
trusted library allocation
|
page read and write
|
||
|
539B000
|
trusted library allocation
|
page read and write
|
||
|
6CFF000
|
heap
|
page read and write
|
||
|
30E7000
|
trusted library allocation
|
page read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
32C2000
|
trusted library allocation
|
page read and write
|
||
|
2E1000
|
unkown
|
page execute read
|
||
|
3EB5000
|
trusted library allocation
|
page read and write
|
||
|
569A000
|
heap
|
page read and write
|
||
|
3FCB000
|
trusted library allocation
|
page read and write
|
||
|
32F8000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
2F0F000
|
trusted library allocation
|
page read and write
|
||
|
6D2F000
|
heap
|
page read and write
|
||
|
2D73000
|
trusted library allocation
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page execute and read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
56C5000
|
heap
|
page read and write
|
||
|
6D56000
|
heap
|
page read and write
|
||
|
3E84000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
F74000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
3D1F000
|
trusted library allocation
|
page read and write
|
||
|
5331000
|
trusted library allocation
|
page read and write
|
||
|
3D77000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
6A04000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
6CEA000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
6CCC000
|
heap
|
page read and write
|
||
|
31DA000
|
trusted library allocation
|
page read and write
|
||
|
3171000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5132000
|
trusted library allocation
|
page read and write
|
||
|
3EE5000
|
trusted library allocation
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
2E8F000
|
trusted library allocation
|
page read and write
|
||
|
3E35000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
3E7A000
|
trusted library allocation
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
6CDC000
|
heap
|
page read and write
|
||
|
60C0000
|
trusted library allocation
|
page read and write
|
||
|
35E000
|
unkown
|
page readonly
|
||
|
5140000
|
heap
|
page read and write
|
||
|
6CE6000
|
heap
|
page read and write
|
||
|
6EA5000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
3F7A000
|
trusted library allocation
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
There are 452 hidden memdumps, click here to show them.