Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RepozetorySetup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RepozetorySetup._dbae9c7c1666e638f7cace34c3620537866cb47_6b7089c6_0bf54268-0f17-418d-853d-4b7cde7816bb\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4BE1.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Oct 17 22:27:26 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4C30.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4E64.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RepozetorySetup.exe
|
"C:\Users\user\Desktop\RepozetorySetup.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7496 -s 260
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
185.196.9.26:6302
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://www.entrust.net/rpa03
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
https://www.entrust.net/rpa0
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://ocsp.entrust.net02
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://tempuri.org/Entity/Id3ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
||
|
http://tempuri.org/D
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.9.26
|
unknown
|
Switzerland
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
ProgramId
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
FileId
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
LongPathHash
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Name
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
OriginalFileName
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Publisher
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Version
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
BinFileVersion
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
BinaryType
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
ProductName
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
ProductVersion
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
LinkDate
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
BinProductVersion
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Size
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Language
|
||
|
\REGISTRY\A\{6ec19d34-6f71-1933-1a89-67bae711ac9d}\Root\InventoryApplicationFile\repozetorysetup.|c15edff2a63533c9
|
Usn
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F14000
|
trusted library allocation
|
page read and write
|
|
|
|
2E81000
|
trusted library allocation
|
page read and write
|
|
|
|
AAB000
|
unkown
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E7F000
|
stack
|
page read and write
|
||
|
4019000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
7F8E000
|
stack
|
page read and write
|
||
|
5408000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
53DD000
|
trusted library allocation
|
page read and write
|
||
|
40AF000
|
trusted library allocation
|
page read and write
|
||
|
41F2000
|
trusted library allocation
|
page read and write
|
||
|
70D5000
|
trusted library allocation
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
423B000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page execute and read and write
|
||
|
3FD6000
|
trusted library allocation
|
page read and write
|
||
|
6F4F000
|
heap
|
page read and write
|
||
|
3EC8000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
34C2000
|
trusted library allocation
|
page read and write
|
||
|
30EC000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
70BA000
|
trusted library allocation
|
page read and write
|
||
|
30E4000
|
trusted library allocation
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
34B8000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
2FA3000
|
trusted library allocation
|
page read and write
|
||
|
33F9000
|
trusted library allocation
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
33EE000
|
trusted library allocation
|
page read and write
|
||
|
4082000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
4140000
|
trusted library allocation
|
page read and write
|
||
|
C9A000
|
stack
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
141E000
|
heap
|
page read and write
|
||
|
4003000
|
trusted library allocation
|
page read and write
|
||
|
70AF000
|
trusted library allocation
|
page read and write
|
||
|
40F7000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
heap
|
page read and write
|
||
|
3FB7000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
30F8000
|
trusted library allocation
|
page read and write
|
||
|
AAB000
|
unkown
|
page write copy
|
||
|
6F2B000
|
heap
|
page read and write
|
||
|
6DE000
|
heap
|
page read and write
|
||
|
3ECE000
|
trusted library allocation
|
page read and write
|
||
|
53D6000
|
trusted library allocation
|
page read and write
|
||
|
4077000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
trusted library allocation
|
page read and write
|
||
|
416C000
|
trusted library allocation
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
6E70000
|
heap
|
page read and write
|
||
|
411D000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
60E9000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
3EA1000
|
trusted library allocation
|
page read and write
|
||
|
349B000
|
trusted library allocation
|
page read and write
|
||
|
34AF000
|
trusted library allocation
|
page read and write
|
||
|
4155000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
41F7000
|
trusted library allocation
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
656C000
|
stack
|
page read and write
|
||
|
4180000
|
trusted library allocation
|
page read and write
|
||
|
4093000
|
trusted library allocation
|
page read and write
|
||
|
4178000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
70C4000
|
trusted library allocation
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
3F7F000
|
trusted library allocation
|
page read and write
|
||
|
331B000
|
trusted library allocation
|
page read and write
|
||
|
54A2000
|
trusted library allocation
|
page read and write
|
||
|
5575000
|
trusted library allocation
|
page read and write
|
||
|
4056000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
53E2000
|
trusted library allocation
|
page read and write
|
||
|
6F62000
|
heap
|
page read and write
|
||
|
3FFC000
|
trusted library allocation
|
page read and write
|
||
|
6F13000
|
heap
|
page read and write
|
||
|
6083000
|
heap
|
page read and write
|
||
|
40C9000
|
trusted library allocation
|
page read and write
|
||
|
6098000
|
heap
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
401C000
|
trusted library allocation
|
page read and write
|
||
|
33DA000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
4063000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
60D8000
|
heap
|
page read and write
|
||
|
12D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4027000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page execute and read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
3EB7000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
3F0A000
|
trusted library allocation
|
page read and write
|
||
|
6EFF000
|
heap
|
page read and write
|
||
|
71C9000
|
trusted library allocation
|
page read and write
|
||
|
6E82000
|
heap
|
page read and write
|
||
|
41ED000
|
trusted library allocation
|
page read and write
|
||
|
4021000
|
trusted library allocation
|
page read and write
|
||
|
54B3000
|
heap
|
page read and write
|
||
|
40C5000
|
trusted library allocation
|
page read and write
|
||
|
4252000
|
trusted library allocation
|
page read and write
|
||
|
645C000
|
stack
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
5578000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
60FE000
|
heap
|
page read and write
|
||
|
1403000
|
heap
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
6113000
|
heap
|
page read and write
|
||
|
131B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F1A000
|
heap
|
page read and write
|
||
|
7740000
|
heap
|
page read and write
|
||
|
33BF000
|
trusted library allocation
|
page read and write
|
||
|
6024000
|
heap
|
page read and write
|
||
|
602A000
|
heap
|
page read and write
|
||
|
6ECA000
|
heap
|
page read and write
|
||
|
4257000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
heap
|
page execute and read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
331D000
|
trusted library allocation
|
page read and write
|
||
|
6059000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
7095000
|
trusted library allocation
|
page read and write
|
||
|
12D4000
|
trusted library allocation
|
page read and write
|
||
|
1312000
|
trusted library allocation
|
page read and write
|
||
|
4162000
|
trusted library allocation
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
306C000
|
trusted library allocation
|
page read and write
|
||
|
41D4000
|
trusted library allocation
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
AFB000
|
unkown
|
page write copy
|
||
|
33C1000
|
trusted library allocation
|
page read and write
|
||
|
4185000
|
trusted library allocation
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
5415000
|
trusted library allocation
|
page read and write
|
||
|
4009000
|
trusted library allocation
|
page read and write
|
||
|
60BD000
|
heap
|
page read and write
|
||
|
30F2000
|
trusted library allocation
|
page read and write
|
||
|
3484000
|
trusted library allocation
|
page read and write
|
||
|
70A8000
|
trusted library allocation
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
30DE000
|
trusted library allocation
|
page read and write
|
||
|
719F000
|
stack
|
page read and write
|
||
|
60B5000
|
heap
|
page read and write
|
||
|
7099000
|
trusted library allocation
|
page read and write
|
||
|
6F78000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
AF6000
|
unkown
|
page execute and read and write
|
||
|
41DB000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
6E69000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page execute and read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1344000
|
heap
|
page read and write
|
||
|
60DB000
|
heap
|
page read and write
|
||
|
7092000
|
trusted library allocation
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
40A9000
|
trusted library allocation
|
page read and write
|
||
|
AF8000
|
unkown
|
page readonly
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
3EC0000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
401F000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
6094000
|
heap
|
page read and write
|
||
|
34C6000
|
trusted library allocation
|
page read and write
|
||
|
402C000
|
trusted library allocation
|
page read and write
|
||
|
60EC000
|
heap
|
page read and write
|
||
|
70AA000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
13DD000
|
heap
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page read and write
|
||
|
30F6000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
631E000
|
stack
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
6049000
|
heap
|
page read and write
|
||
|
3FCB000
|
trusted library allocation
|
page read and write
|
||
|
5A4E000
|
stack
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
4013000
|
trusted library allocation
|
page read and write
|
||
|
417A000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
661D000
|
stack
|
page read and write
|
||
|
4227000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
heap
|
page read and write
|
||
|
6E8A000
|
heap
|
page read and write
|
||
|
4110000
|
trusted library allocation
|
page read and write
|
||
|
12ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC3000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
6EDC000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
41E6000
|
trusted library allocation
|
page read and write
|
||
|
412F000
|
trusted library allocation
|
page read and write
|
||
|
415C000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
70D2000
|
trusted library allocation
|
page read and write
|
||
|
D97000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
4172000
|
trusted library allocation
|
page read and write
|
||
|
3F3B000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
501B000
|
stack
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
3368000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
6EFA000
|
heap
|
page read and write
|
||
|
6EDF000
|
heap
|
page read and write
|
||
|
6020000
|
heap
|
page read and write
|
||
|
3F7A000
|
trusted library allocation
|
page read and write
|
||
|
55F1000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
611D000
|
heap
|
page read and write
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
414B000
|
trusted library allocation
|
page read and write
|
||
|
AA4000
|
unkown
|
page readonly
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
53B4000
|
trusted library allocation
|
page read and write
|
||
|
40CB000
|
trusted library allocation
|
page read and write
|
||
|
3462000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30EA000
|
trusted library allocation
|
page read and write
|
||
|
5705000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
34EC000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
B82000
|
unkown
|
page write copy
|
||
|
1317000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DA000
|
heap
|
page read and write
|
||
|
4124000
|
trusted library allocation
|
page read and write
|
||
|
41BA000
|
trusted library allocation
|
page read and write
|
||
|
408F000
|
trusted library allocation
|
page read and write
|
||
|
5443000
|
heap
|
page execute and read and write
|
||
|
55B2000
|
trusted library allocation
|
page read and write
|
||
|
3FE2000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F2000
|
trusted library allocation
|
page read and write
|
||
|
4169000
|
trusted library allocation
|
page read and write
|
||
|
55C1000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
unkown
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
6E98000
|
heap
|
page read and write
|
||
|
60E5000
|
heap
|
page read and write
|
||
|
570B000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
34BD000
|
trusted library allocation
|
page read and write
|
||
|
6EB8000
|
heap
|
page read and write
|
||
|
60B2000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4070000
|
trusted library allocation
|
page read and write
|
||
|
3475000
|
trusted library allocation
|
page read and write
|
||
|
6F09000
|
heap
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
557A000
|
trusted library allocation
|
page read and write
|
||
|
3FC4000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
60A9000
|
heap
|
page read and write
|
||
|
312F000
|
trusted library allocation
|
page read and write
|
||
|
404A000
|
trusted library allocation
|
page read and write
|
||
|
3FDD000
|
trusted library allocation
|
page read and write
|
||
|
2FB3000
|
trusted library allocation
|
page read and write
|
||
|
71B4000
|
trusted library allocation
|
page read and write
|
||
|
6F37000
|
heap
|
page read and write
|
||
|
60F4000
|
heap
|
page read and write
|
||
|
60CF000
|
heap
|
page read and write
|
||
|
413B000
|
trusted library allocation
|
page read and write
|
||
|
6107000
|
heap
|
page read and write
|
||
|
340A000
|
trusted library allocation
|
page read and write
|
||
|
34BB000
|
trusted library allocation
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
4136000
|
trusted library allocation
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
34A4000
|
trusted library allocation
|
page read and write
|
||
|
611A000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
40D3000
|
trusted library allocation
|
page read and write
|
||
|
55A1000
|
trusted library allocation
|
page read and write
|
||
|
6F5F000
|
heap
|
page read and write
|
||
|
3EC6000
|
trusted library allocation
|
page read and write
|
||
|
2F6D000
|
trusted library allocation
|
page read and write
|
||
|
40CE000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
30E2000
|
trusted library allocation
|
page read and write
|
||
|
1DD000
|
stack
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
3E8F000
|
trusted library allocation
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
33B7000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page execute and read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
70BF000
|
trusted library allocation
|
page read and write
|
||
|
3F9E000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
60C5000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
786E000
|
stack
|
page read and write
|
||
|
4175000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page execute and read and write
|
||
|
55CA000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
3EAA000
|
trusted library allocation
|
page read and write
|
||
|
3FE7000
|
trusted library allocation
|
page read and write
|
||
|
55A6000
|
trusted library allocation
|
page read and write
|
||
|
41AE000
|
trusted library allocation
|
page read and write
|
||
|
4E88000
|
trusted library allocation
|
page read and write
|
||
|
3FF2000
|
trusted library allocation
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3405000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
6E67000
|
trusted library allocation
|
page read and write
|
||
|
3422000
|
trusted library allocation
|
page read and write
|
||
|
53CE000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
B82000
|
unkown
|
page write copy
|
||
|
6E5C000
|
stack
|
page read and write
|
||
|
3EE2000
|
trusted library allocation
|
page read and write
|
||
|
33CD000
|
trusted library allocation
|
page read and write
|
||
|
40BC000
|
trusted library allocation
|
page read and write
|
||
|
3EBA000
|
trusted library allocation
|
page read and write
|
||
|
1315000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C0000
|
trusted library allocation
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
409F000
|
trusted library allocation
|
page read and write
|
||
|
ADF000
|
unkown
|
page read and write
|
||
|
4103000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
4203000
|
trusted library allocation
|
page read and write
|
||
|
3FAA000
|
trusted library allocation
|
page read and write
|
||
|
41C7000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
FF480000
|
trusted library allocation
|
page execute and read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
3EB0000
|
trusted library allocation
|
page read and write
|
||
|
4010000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
unkown
|
page write copy
|
||
|
351E000
|
trusted library allocation
|
page read and write
|
||
|
6E76000
|
heap
|
page read and write
|
||
|
40D8000
|
trusted library allocation
|
page read and write
|
||
|
AA4000
|
unkown
|
page readonly
|
||
|
12FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6040000
|
heap
|
page read and write
|
||
|
53D1000
|
trusted library allocation
|
page read and write
|
||
|
AF8000
|
unkown
|
page readonly
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
70B5000
|
trusted library allocation
|
page read and write
|
||
|
55BE000
|
trusted library allocation
|
page read and write
|
||
|
53BB000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
13EF000
|
heap
|
page read and write
|
||
|
6F4C000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page execute and read and write
|
||
|
60AF000
|
heap
|
page read and write
|
||
|
40B6000
|
trusted library allocation
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
There are 394 hidden memdumps, click here to show them.