Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
YPcqnc0z06.js
|
ASCII text, with very long lines (64506)
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\oqljufxb.txt
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\ProgramData\Oracle\Java\.oracle_jre_usage\b5820291038aa69c.timestamp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hsperfdata_user\1900
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\83aa4cc77f591dfc2374580bbd95f6ba_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\YPcqnc0z06.js"
|
|
|
|
C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe
|
"C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\user\AppData\Roaming\oqljufxb.txt"
|
|
|
|
C:\Windows\SysWOW64\icacls.exe
|
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wshsoft.company/jv/jrex.zip
|
unknown
|
|
|
|
http://crl.xrampsecurity.com/XGCA.crl
|
unknown
|
||
|
http://wshsoft.company/jv/jrex.zipcZX
|
unknown
|
||
|
https://repo1.maven.org/maven2/net/java/dev/jna/jna-platform/5.5.0/jna-platform-5.5.0.jar
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl0
|
unknown
|
||
|
https://github.com
|
unknown
|
||
|
https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jarP
|
unknown
|
||
|
https://repository.luxtrust.lu0
|
unknown
|
||
|
http://bugreport.sun.com/bugreport/
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html0
|
unknown
|
||
|
http://java.oracle.com/
|
unknown
|
||
|
http://null.oracle.com/
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jarh
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar
|
unknown
|
||
|
http://policy.camerfirma.com
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com
|
unknown
|
||
|
https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlite-jdbc-3.14.2.1.jar
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
https://repo1.maven.org
|
unknown
|
||
|
https://repository.luxtrust.lu
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
https://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.14.2.1/sqlite-jdbc-3.14.2.1.jarar
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
http://www.quovadis.bm
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://repo1.maven.org/maven2/net/java/dev/jna/jna/5.5.0/jna-5.5.0.jarH
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://www.allatori.com
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl
|
unknown
|
||
|
http://repository.swisssign.com/
|
unknown
|
||
|
http://www.chambersign.org
|
unknown
|
||
|
https://github.com/kristian/system-hook/releases/download/3.5/system-hook-3.5.jar
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
github.com
|
140.82.121.4
|
||
|
dualstack.sonatype.map.fastly.net
|
199.232.196.209
|
||
|
repo1.maven.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
199.232.192.209
|
unknown
|
United States
|
||
|
140.82.121.3
|
unknown
|
United States
|
||
|
140.82.121.4
|
github.com
|
United States
|
||
|
199.232.196.209
|
dualstack.sonatype.map.fastly.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24FD4FEC000
|
heap
|
page read and write
|
|
|
|
A363000
|
trusted library allocation
|
page read and write
|
|
|
|
A395000
|
trusted library allocation
|
page read and write
|
|
|
|
A369000
|
trusted library allocation
|
page read and write
|
|
|
|
51F4000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
A5A4000
|
trusted library allocation
|
page read and write
|
||
|
A886000
|
trusted library allocation
|
page read and write
|
||
|
24FD5078000
|
heap
|
page read and write
|
||
|
24FD5063000
|
heap
|
page read and write
|
||
|
24FD47E0000
|
heap
|
page read and write
|
||
|
5091000
|
trusted library allocation
|
page read and write
|
||
|
A6E8000
|
trusted library allocation
|
page read and write
|
||
|
158DB000
|
heap
|
page read and write
|
||
|
24FD2D90000
|
heap
|
page read and write
|
||
|
A747000
|
trusted library allocation
|
page read and write
|
||
|
A75D000
|
trusted library allocation
|
page read and write
|
||
|
A989000
|
trusted library allocation
|
page read and write
|
||
|
158BB000
|
heap
|
page read and write
|
||
|
A95E000
|
trusted library allocation
|
page read and write
|
||
|
50BA000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
stack
|
page read and write
|
||
|
5085000
|
trusted library allocation
|
page read and write
|
||
|
A81C000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
159B0000
|
heap
|
page read and write
|
||
|
24FD4DDA000
|
heap
|
page read and write
|
||
|
158EE000
|
heap
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
A855000
|
trusted library allocation
|
page read and write
|
||
|
24FD53F0000
|
heap
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
52A6000
|
trusted library allocation
|
page read and write
|
||
|
A422000
|
trusted library allocation
|
page read and write
|
||
|
501C000
|
trusted library allocation
|
page read and write
|
||
|
2648000
|
heap
|
page read and write
|
||
|
5341000
|
trusted library allocation
|
page read and write
|
||
|
514D000
|
trusted library allocation
|
page read and write
|
||
|
24FD5028000
|
heap
|
page read and write
|
||
|
2BF8000
|
unkown
|
page read and write
|
||
|
24FD2E74000
|
heap
|
page read and write
|
||
|
24FD5037000
|
heap
|
page read and write
|
||
|
502D000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DC1000
|
heap
|
page read and write
|
||
|
158DB000
|
heap
|
page read and write
|
||
|
24FD5008000
|
heap
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
A9B1000
|
trusted library allocation
|
page read and write
|
||
|
5184000
|
trusted library allocation
|
page read and write
|
||
|
A9E2000
|
trusted library allocation
|
page read and write
|
||
|
24FD503F000
|
heap
|
page read and write
|
||
|
24FD5022000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
15E79000
|
unkown
|
page read and write
|
||
|
1541E000
|
unkown
|
page read and write
|
||
|
24FD4DFC000
|
heap
|
page read and write
|
||
|
159E4000
|
heap
|
page read and write
|
||
|
DBC000
|
stack
|
page read and write
|
||
|
1696F000
|
stack
|
page read and write
|
||
|
5235000
|
trusted library allocation
|
page read and write
|
||
|
1691E000
|
stack
|
page read and write
|
||
|
24FD2E6A000
|
heap
|
page read and write
|
||
|
24FD5025000
|
heap
|
page read and write
|
||
|
A958000
|
trusted library allocation
|
page read and write
|
||
|
52C2000
|
trusted library allocation
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
24FD4DFC000
|
heap
|
page read and write
|
||
|
A70D000
|
trusted library allocation
|
page read and write
|
||
|
24FD506B000
|
heap
|
page read and write
|
||
|
24FD5A70000
|
heap
|
page read and write
|
||
|
24FD515B000
|
heap
|
page read and write
|
||
|
A783000
|
trusted library allocation
|
page read and write
|
||
|
A8A1000
|
trusted library allocation
|
page read and write
|
||
|
534F000
|
trusted library allocation
|
page read and write
|
||
|
87D49A1000
|
stack
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
A772000
|
trusted library allocation
|
page read and write
|
||
|
24FD5159000
|
heap
|
page read and write
|
||
|
A871000
|
trusted library allocation
|
page read and write
|
||
|
24FD4F1F000
|
heap
|
page read and write
|
||
|
A676000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DD0000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
15545000
|
heap
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
24FD4DC1000
|
heap
|
page read and write
|
||
|
A40B000
|
trusted library allocation
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
15891000
|
heap
|
page read and write
|
||
|
87D4DFE000
|
stack
|
page read and write
|
||
|
1593D000
|
heap
|
page read and write
|
||
|
A8C0000
|
trusted library allocation
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
4EC9000
|
trusted library allocation
|
page read and write
|
||
|
A8BD000
|
trusted library allocation
|
page read and write
|
||
|
A7A0000
|
trusted library allocation
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
A4FE000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E7C000
|
heap
|
page read and write
|
||
|
51B6000
|
trusted library allocation
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
24FD2DD0000
|
heap
|
page read and write
|
||
|
24FD506F000
|
heap
|
page read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
24FD5056000
|
heap
|
page read and write
|
||
|
50C9000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E53000
|
heap
|
page read and write
|
||
|
1593D000
|
heap
|
page read and write
|
||
|
A982000
|
trusted library allocation
|
page read and write
|
||
|
A59E000
|
trusted library allocation
|
page read and write
|
||
|
A729000
|
trusted library allocation
|
page read and write
|
||
|
A8AC000
|
trusted library allocation
|
page read and write
|
||
|
A81A000
|
trusted library allocation
|
page read and write
|
||
|
A4A3000
|
trusted library allocation
|
page read and write
|
||
|
A878000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C21000
|
heap
|
page read and write
|
||
|
A86A000
|
trusted library allocation
|
page read and write
|
||
|
4FED000
|
trusted library allocation
|
page read and write
|
||
|
A951000
|
trusted library allocation
|
page read and write
|
||
|
158EE000
|
heap
|
page read and write
|
||
|
24FD2E75000
|
heap
|
page read and write
|
||
|
A516000
|
trusted library allocation
|
page read and write
|
||
|
A8F4000
|
trusted library allocation
|
page read and write
|
||
|
24FD506F000
|
heap
|
page read and write
|
||
|
24FD5051000
|
heap
|
page read and write
|
||
|
A9D3000
|
trusted library allocation
|
page read and write
|
||
|
52FA000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
24FD5051000
|
heap
|
page read and write
|
||
|
15905000
|
heap
|
page read and write
|
||
|
24FD2E53000
|
heap
|
page read and write
|
||
|
24FD51E4000
|
heap
|
page read and write
|
||
|
1526F000
|
heap
|
page read and write
|
||
|
4F2A000
|
trusted library allocation
|
page read and write
|
||
|
14E00000
|
trusted library allocation
|
page read and write
|
||
|
24FD5063000
|
heap
|
page read and write
|
||
|
24FD47C0000
|
heap
|
page read and write
|
||
|
1629B000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
24FD2E5F000
|
heap
|
page read and write
|
||
|
52CC000
|
trusted library allocation
|
page read and write
|
||
|
24FD5021000
|
heap
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
15A03000
|
heap
|
page read and write
|
||
|
24FD5022000
|
heap
|
page read and write
|
||
|
24FD5050000
|
heap
|
page read and write
|
||
|
24FD5051000
|
heap
|
page read and write
|
||
|
A89B000
|
trusted library allocation
|
page read and write
|
||
|
15450000
|
heap
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
24FD5570000
|
trusted library allocation
|
page read and write
|
||
|
159EC000
|
heap
|
page read and write
|
||
|
24FD5053000
|
heap
|
page read and write
|
||
|
2C3E000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FD504A000
|
heap
|
page read and write
|
||
|
87D53FE000
|
stack
|
page read and write
|
||
|
24FD5063000
|
heap
|
page read and write
|
||
|
52DE000
|
trusted library allocation
|
page read and write
|
||
|
A76B000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DFF000
|
heap
|
page read and write
|
||
|
15A83000
|
heap
|
page read and write
|
||
|
24FD2F75000
|
heap
|
page read and write
|
||
|
24FD4E1E000
|
heap
|
page read and write
|
||
|
158C2000
|
heap
|
page read and write
|
||
|
154C7000
|
heap
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
24FD5057000
|
heap
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
24FD4EC4000
|
heap
|
page read and write
|
||
|
A8BA000
|
trusted library allocation
|
page read and write
|
||
|
15905000
|
heap
|
page read and write
|
||
|
24FD2E53000
|
heap
|
page read and write
|
||
|
24FD507B000
|
heap
|
page read and write
|
||
|
15DEA000
|
unkown
|
page read and write
|
||
|
24FD4C25000
|
heap
|
page read and write
|
||
|
4E51000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E60000
|
heap
|
page read and write
|
||
|
5301000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DB6000
|
heap
|
page read and write
|
||
|
A80E000
|
trusted library allocation
|
page read and write
|
||
|
2C9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9E4000
|
trusted library allocation
|
page read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
A9BF000
|
trusted library allocation
|
page read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
1589C000
|
heap
|
page read and write
|
||
|
16D000
|
stack
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
A823000
|
trusted library allocation
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
A9C8000
|
trusted library allocation
|
page read and write
|
||
|
15935000
|
heap
|
page read and write
|
||
|
15925000
|
heap
|
page read and write
|
||
|
1596B000
|
heap
|
page read and write
|
||
|
24FD2EB0000
|
heap
|
page read and write
|
||
|
24FD5020000
|
heap
|
page read and write
|
||
|
15546000
|
heap
|
page read and write
|
||
|
1576D000
|
unkown
|
page read and write
|
||
|
158E2000
|
heap
|
page read and write
|
||
|
87D56FB000
|
stack
|
page read and write
|
||
|
4EAB000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DC5000
|
heap
|
page read and write
|
||
|
1537E000
|
unkown
|
page read and write
|
||
|
24FD506A000
|
heap
|
page read and write
|
||
|
24FD4FA6000
|
heap
|
page read and write
|
||
|
24FD2E90000
|
heap
|
page read and write
|
||
|
A735000
|
trusted library allocation
|
page read and write
|
||
|
24FD505B000
|
heap
|
page read and write
|
||
|
A9BC000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DCE000
|
heap
|
page read and write
|
||
|
A73D000
|
trusted library allocation
|
page read and write
|
||
|
158A2000
|
heap
|
page read and write
|
||
|
A997000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C21000
|
heap
|
page read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
A93A000
|
trusted library allocation
|
page read and write
|
||
|
A8B2000
|
trusted library allocation
|
page read and write
|
||
|
24FD5063000
|
heap
|
page read and write
|
||
|
24FD5021000
|
heap
|
page read and write
|
||
|
24FD5038000
|
heap
|
page read and write
|
||
|
A9CB000
|
trusted library allocation
|
page read and write
|
||
|
24FD4EC3000
|
heap
|
page read and write
|
||
|
2C53000
|
trusted library allocation
|
page execute and read and write
|
||
|
1554D000
|
heap
|
page read and write
|
||
|
A781000
|
trusted library allocation
|
page read and write
|
||
|
4F5A000
|
trusted library allocation
|
page read and write
|
||
|
A411000
|
trusted library allocation
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
A900000
|
trusted library allocation
|
page read and write
|
||
|
1592E000
|
heap
|
page read and write
|
||
|
15930000
|
heap
|
page read and write
|
||
|
15F0A000
|
unkown
|
page read and write
|
||
|
157FE000
|
unkown
|
page read and write
|
||
|
162B2000
|
heap
|
page read and write
|
||
|
50F3000
|
trusted library allocation
|
page read and write
|
||
|
533A000
|
trusted library allocation
|
page read and write
|
||
|
15A0C000
|
heap
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
24FD5047000
|
heap
|
page read and write
|
||
|
A350000
|
trusted library allocation
|
page read and write
|
||
|
24FD502B000
|
heap
|
page read and write
|
||
|
24FD506F000
|
heap
|
page read and write
|
||
|
154D7000
|
heap
|
page read and write
|
||
|
24FD2E62000
|
heap
|
page read and write
|
||
|
24FD5029000
|
heap
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
516D000
|
trusted library allocation
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
4EA1000
|
trusted library allocation
|
page read and write
|
||
|
24FD51E4000
|
heap
|
page read and write
|
||
|
523C000
|
trusted library allocation
|
page read and write
|
||
|
24FD5056000
|
heap
|
page read and write
|
||
|
A85C000
|
trusted library allocation
|
page read and write
|
||
|
15D9D000
|
stack
|
page read and write
|
||
|
24FD4FA6000
|
heap
|
page read and write
|
||
|
52AD000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C33000
|
heap
|
page read and write
|
||
|
1583D000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
24FD4FA6000
|
heap
|
page read and write
|
||
|
A8AF000
|
trusted library allocation
|
page read and write
|
||
|
5333000
|
trusted library allocation
|
page read and write
|
||
|
24FD5024000
|
heap
|
page read and write
|
||
|
24FD5050000
|
heap
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
A9AE000
|
trusted library allocation
|
page read and write
|
||
|
A713000
|
trusted library allocation
|
page read and write
|
||
|
159C8000
|
heap
|
page read and write
|
||
|
1551A000
|
heap
|
page read and write
|
||
|
5348000
|
trusted library allocation
|
page read and write
|
||
|
1593D000
|
heap
|
page read and write
|
||
|
24FD5A84000
|
heap
|
page read and write
|
||
|
A50B000
|
trusted library allocation
|
page read and write
|
||
|
24FD4780000
|
heap
|
page read and write
|
||
|
A91A000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
24FD4DC1000
|
heap
|
page read and write
|
||
|
5268000
|
trusted library allocation
|
page read and write
|
||
|
A5A2000
|
trusted library allocation
|
page read and write
|
||
|
1568D000
|
stack
|
page read and write
|
||
|
16270000
|
heap
|
page read and write
|
||
|
24FD4E12000
|
heap
|
page read and write
|
||
|
24FD2F70000
|
heap
|
page read and write
|
||
|
532B000
|
trusted library allocation
|
page read and write
|
||
|
24FD506F000
|
heap
|
page read and write
|
||
|
A9C2000
|
trusted library allocation
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
A9B4000
|
trusted library allocation
|
page read and write
|
||
|
A9C5000
|
trusted library allocation
|
page read and write
|
||
|
A8B5000
|
trusted library allocation
|
page read and write
|
||
|
52E6000
|
trusted library allocation
|
page read and write
|
||
|
A84E000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
2638000
|
heap
|
page read and write
|
||
|
154C7000
|
heap
|
page read and write
|
||
|
A788000
|
trusted library allocation
|
page read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
159FC000
|
heap
|
page read and write
|
||
|
24FD5003000
|
heap
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
1532D000
|
stack
|
page read and write
|
||
|
524F000
|
trusted library allocation
|
page read and write
|
||
|
A9CD000
|
trusted library allocation
|
page read and write
|
||
|
24FD5970000
|
heap
|
page read and write
|
||
|
A89E000
|
trusted library allocation
|
page read and write
|
||
|
A8EE000
|
trusted library allocation
|
page read and write
|
||
|
514B000
|
trusted library allocation
|
page read and write
|
||
|
15A0C000
|
heap
|
page read and write
|
||
|
A776000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
A908000
|
trusted library allocation
|
page read and write
|
||
|
24FD5008000
|
heap
|
page read and write
|
||
|
15C20000
|
trusted library allocation
|
page read and write
|
||
|
A743000
|
trusted library allocation
|
page read and write
|
||
|
A9DC000
|
trusted library allocation
|
page read and write
|
||
|
A404000
|
trusted library allocation
|
page read and write
|
||
|
5228000
|
trusted library allocation
|
page read and write
|
||
|
1550A000
|
heap
|
page read and write
|
||
|
24FD5069000
|
heap
|
page read and write
|
||
|
24FD4FA6000
|
heap
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page execute and read and write
|
||
|
1598D000
|
heap
|
page read and write
|
||
|
16276000
|
heap
|
page read and write
|
||
|
A8A3000
|
trusted library allocation
|
page read and write
|
||
|
1551A000
|
heap
|
page read and write
|
||
|
A8E8000
|
trusted library allocation
|
page read and write
|
||
|
A74E000
|
trusted library allocation
|
page read and write
|
||
|
16750000
|
trusted library allocation
|
page read and write
|
||
|
24FD4FA8000
|
heap
|
page read and write
|
||
|
24FD2E7C000
|
heap
|
page read and write
|
||
|
15905000
|
heap
|
page read and write
|
||
|
52C9000
|
trusted library allocation
|
page read and write
|
||
|
154C7000
|
heap
|
page read and write
|
||
|
154D7000
|
heap
|
page read and write
|
||
|
15890000
|
heap
|
page read and write
|
||
|
A966000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C26000
|
heap
|
page read and write
|
||
|
24FD5158000
|
heap
|
page read and write
|
||
|
4E9F000
|
trusted library allocation
|
page read and write
|
||
|
A92B000
|
trusted library allocation
|
page read and write
|
||
|
154B8000
|
heap
|
page read and write
|
||
|
87D54FD000
|
stack
|
page read and write
|
||
|
A949000
|
trusted library allocation
|
page read and write
|
||
|
A505000
|
trusted library allocation
|
page read and write
|
||
|
1591E000
|
heap
|
page read and write
|
||
|
A895000
|
trusted library allocation
|
page read and write
|
||
|
15986000
|
heap
|
page read and write
|
||
|
A739000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
162BB000
|
heap
|
page read and write
|
||
|
1595A000
|
heap
|
page read and write
|
||
|
158DB000
|
heap
|
page read and write
|
||
|
24FD4CA0000
|
heap
|
page read and write
|
||
|
24FD503F000
|
heap
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
2C42000
|
trusted library allocation
|
page execute and read and write
|
||
|
52FC000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DC9000
|
heap
|
page read and write
|
||
|
A6FA000
|
trusted library allocation
|
page read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
A77D000
|
trusted library allocation
|
page read and write
|
||
|
4F69000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E69000
|
heap
|
page read and write
|
||
|
24FD4DB6000
|
heap
|
page read and write
|
||
|
159F4000
|
heap
|
page read and write
|
||
|
24FD5061000
|
heap
|
page read and write
|
||
|
24FD2E6E000
|
heap
|
page read and write
|
||
|
87D49A7000
|
stack
|
page read and write
|
||
|
A947000
|
trusted library allocation
|
page read and write
|
||
|
A5A0000
|
trusted library allocation
|
page read and write
|
||
|
15A33000
|
heap
|
page read and write
|
||
|
168DF000
|
stack
|
page read and write
|
||
|
12CD000
|
stack
|
page read and write
|
||
|
A8A9000
|
trusted library allocation
|
page read and write
|
||
|
A941000
|
trusted library allocation
|
page read and write
|
||
|
1688E000
|
stack
|
page read and write
|
||
|
A840000
|
trusted library allocation
|
page read and write
|
||
|
A892000
|
trusted library allocation
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
||
|
24FD4770000
|
heap
|
page read and write
|
||
|
15E2D000
|
stack
|
page read and write
|
||
|
24FD2DCF000
|
heap
|
page read and write
|
||
|
24FD2E50000
|
heap
|
page read and write
|
||
|
A97B000
|
trusted library allocation
|
page read and write
|
||
|
A790000
|
trusted library allocation
|
page read and write
|
||
|
A3FA000
|
trusted library allocation
|
page read and write
|
||
|
4E24000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E6B000
|
heap
|
page read and write
|
||
|
87D4EFE000
|
stack
|
page read and write
|
||
|
24FD2E66000
|
heap
|
page read and write
|
||
|
24FD4790000
|
heap
|
page read and write
|
||
|
24FD4E21000
|
heap
|
page read and write
|
||
|
5129000
|
trusted library allocation
|
page read and write
|
||
|
A752000
|
trusted library allocation
|
page read and write
|
||
|
A8C3000
|
trusted library allocation
|
page read and write
|
||
|
24FD504D000
|
heap
|
page read and write
|
||
|
4F62000
|
trusted library allocation
|
page read and write
|
||
|
A87F000
|
trusted library allocation
|
page read and write
|
||
|
4F28000
|
trusted library allocation
|
page read and write
|
||
|
24FD4F37000
|
heap
|
page read and write
|
||
|
5025000
|
trusted library allocation
|
page read and write
|
||
|
A756000
|
trusted library allocation
|
page read and write
|
||
|
4DAD000
|
stack
|
page read and write
|
||
|
52BB000
|
trusted library allocation
|
page read and write
|
||
|
15EBD000
|
stack
|
page read and write
|
||
|
A88F000
|
trusted library allocation
|
page read and write
|
||
|
5023000
|
trusted library allocation
|
page read and write
|
||
|
24FD5058000
|
heap
|
page read and write
|
||
|
24FD5008000
|
heap
|
page read and write
|
||
|
A6D5000
|
trusted library allocation
|
page read and write
|
||
|
D6C000
|
stack
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
24FD51E4000
|
heap
|
page read and write
|
||
|
A8FA000
|
trusted library allocation
|
page read and write
|
||
|
A4BB000
|
trusted library allocation
|
page read and write
|
||
|
154CE000
|
heap
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
531E000
|
trusted library allocation
|
page read and write
|
||
|
52FE000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DBC000
|
heap
|
page read and write
|
||
|
5014000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DB7000
|
heap
|
page read and write
|
||
|
162A2000
|
heap
|
page read and write
|
||
|
24FD4D20000
|
heap
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E3A000
|
heap
|
page read and write
|
||
|
1592E000
|
heap
|
page read and write
|
||
|
A990000
|
trusted library allocation
|
page read and write
|
||
|
A723000
|
trusted library allocation
|
page read and write
|
||
|
A4EE000
|
trusted library allocation
|
page read and write
|
||
|
158F5000
|
heap
|
page read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
15BD0000
|
trusted library allocation
|
page read and write
|
||
|
A4AA000
|
trusted library allocation
|
page read and write
|
||
|
A799000
|
trusted library allocation
|
page read and write
|
||
|
A9D9000
|
trusted library allocation
|
page read and write
|
||
|
24FD4F63000
|
heap
|
page read and write
|
||
|
A703000
|
trusted library allocation
|
page read and write
|
||
|
24FD4D21000
|
heap
|
page read and write
|
||
|
5293000
|
trusted library allocation
|
page read and write
|
||
|
24FD5067000
|
heap
|
page read and write
|
||
|
A8A6000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C20000
|
heap
|
page read and write
|
||
|
526A000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E3A000
|
heap
|
page read and write
|
||
|
24FD2CB0000
|
heap
|
page read and write
|
||
|
24FD4EC3000
|
heap
|
page read and write
|
||
|
1592E000
|
heap
|
page read and write
|
||
|
A4F4000
|
trusted library allocation
|
page read and write
|
||
|
5175000
|
trusted library allocation
|
page read and write
|
||
|
24FD2E51000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
15982000
|
heap
|
page read and write
|
||
|
24FD2E53000
|
heap
|
page read and write
|
||
|
A839000
|
trusted library allocation
|
page read and write
|
||
|
157AD000
|
stack
|
page read and write
|
||
|
A933000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
A9B6000
|
trusted library allocation
|
page read and write
|
||
|
15545000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
A767000
|
trusted library allocation
|
page read and write
|
||
|
15A03000
|
heap
|
page read and write
|
||
|
24FD502C000
|
heap
|
page read and write
|
||
|
4F73000
|
trusted library allocation
|
page read and write
|
||
|
2C96000
|
trusted library allocation
|
page execute and read and write
|
||
|
162AB000
|
heap
|
page read and write
|
||
|
4E9B000
|
trusted library allocation
|
page read and write
|
||
|
A808000
|
trusted library allocation
|
page read and write
|
||
|
1598F000
|
heap
|
page read and write
|
||
|
50B2000
|
trusted library allocation
|
page read and write
|
||
|
15A13000
|
heap
|
page read and write
|
||
|
152EE000
|
unkown
|
page read and write
|
||
|
A813000
|
trusted library allocation
|
page read and write
|
||
|
159AB000
|
heap
|
page read and write
|
||
|
24FD5560000
|
heap
|
page read and write
|
||
|
517C000
|
trusted library allocation
|
page read and write
|
||
|
24FD4D8A000
|
heap
|
page read and write
|
||
|
24FD5064000
|
heap
|
page read and write
|
||
|
15935000
|
heap
|
page read and write
|
||
|
16250000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
A96D000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
A427000
|
trusted library allocation
|
page read and write
|
||
|
24FD4E20000
|
heap
|
page read and write
|
||
|
24FD503B000
|
heap
|
page read and write
|
||
|
24FD4CBB000
|
heap
|
page read and write
|
||
|
2C3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
87D52FF000
|
stack
|
page read and write
|
||
|
24FD4DC4000
|
heap
|
page read and write
|
||
|
15905000
|
heap
|
page read and write
|
||
|
24FD5064000
|
heap
|
page read and write
|
||
|
15545000
|
heap
|
page read and write
|
||
|
24FD2E8E000
|
heap
|
page read and write
|
||
|
15905000
|
heap
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
518C000
|
trusted library allocation
|
page read and write
|
||
|
A9B9000
|
trusted library allocation
|
page read and write
|
||
|
24FD5041000
|
heap
|
page read and write
|
||
|
5201000
|
trusted library allocation
|
page read and write
|
||
|
525B000
|
trusted library allocation
|
page read and write
|
||
|
A831000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
A93F000
|
trusted library allocation
|
page read and write
|
||
|
24FD5041000
|
heap
|
page read and write
|
||
|
24FD4C21000
|
heap
|
page read and write
|
||
|
1AD000
|
stack
|
page read and write
|
||
|
52CF000
|
trusted library allocation
|
page read and write
|
||
|
15A2C000
|
heap
|
page read and write
|
||
|
87D50FE000
|
stack
|
page read and write
|
||
|
24FD4C21000
|
heap
|
page read and write
|
||
|
24FD5310000
|
heap
|
page read and write
|
||
|
A6DB000
|
trusted library allocation
|
page read and write
|
||
|
A863000
|
trusted library allocation
|
page read and write
|
||
|
1588E000
|
stack
|
page read and write
|
||
|
15986000
|
heap
|
page read and write
|
||
|
15986000
|
heap
|
page read and write
|
||
|
A82A000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
87D51FF000
|
stack
|
page read and write
|
||
|
159C5000
|
heap
|
page read and write
|
||
|
A915000
|
trusted library allocation
|
page read and write
|
||
|
A79D000
|
trusted library allocation
|
page read and write
|
||
|
15A2C000
|
heap
|
page read and write
|
||
|
24FD4CB6000
|
heap
|
page read and write
|
||
|
24FD2E76000
|
heap
|
page read and write
|
||
|
24FD4FEC000
|
heap
|
page read and write
|
||
|
1529D000
|
stack
|
page read and write
|
||
|
A847000
|
trusted library allocation
|
page read and write
|
||
|
A6E1000
|
trusted library allocation
|
page read and write
|
||
|
16780000
|
trusted library allocation
|
page read and write
|
||
|
2C02000
|
trusted library allocation
|
page execute and read and write
|
||
|
503E000
|
trusted library allocation
|
page read and write
|
||
|
A9A5000
|
trusted library allocation
|
page read and write
|
||
|
A4AE000
|
trusted library allocation
|
page read and write
|
||
|
5244000
|
trusted library allocation
|
page read and write
|
||
|
A926000
|
trusted library allocation
|
page read and write
|
||
|
15935000
|
heap
|
page read and write
|
||
|
52F5000
|
trusted library allocation
|
page read and write
|
||
|
526D000
|
trusted library allocation
|
page read and write
|
||
|
24FD5063000
|
heap
|
page read and write
|
||
|
24FD4FA6000
|
heap
|
page read and write
|
||
|
4F2E000
|
trusted library allocation
|
page read and write
|
||
|
52B4000
|
trusted library allocation
|
page read and write
|
||
|
4F6B000
|
trusted library allocation
|
page read and write
|
||
|
24FD5085000
|
heap
|
page read and write
|
||
|
24FD5057000
|
heap
|
page read and write
|
||
|
24FD4E1C000
|
heap
|
page read and write
|
||
|
153CD000
|
stack
|
page read and write
|
||
|
15D58000
|
unkown
|
page read and write
|
||
|
24FD4FA0000
|
heap
|
page read and write
|
||
|
50C1000
|
trusted library allocation
|
page read and write
|
||
|
4F7F000
|
trusted library allocation
|
page read and write
|
||
|
A974000
|
trusted library allocation
|
page read and write
|
||
|
24FD4DBB000
|
heap
|
page read and write
|
||
|
A8B8000
|
trusted library allocation
|
page read and write
|
||
|
A99E000
|
trusted library allocation
|
page read and write
|
||
|
16798000
|
trusted library allocation
|
page read and write
|
||
|
A898000
|
trusted library allocation
|
page read and write
|
||
|
522D000
|
trusted library allocation
|
page read and write
|
||
|
24FD5008000
|
heap
|
page read and write
|
||
|
24FD4CA0000
|
heap
|
page read and write
|
||
|
2C4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
159CA000
|
heap
|
page read and write
|
||
|
A9D6000
|
trusted library allocation
|
page read and write
|
||
|
156DF000
|
unkown
|
page read and write
|
||
|
A9DF000
|
trusted library allocation
|
page read and write
|
||
|
16650000
|
trusted library allocation
|
page read and write
|
||
|
24FD4C21000
|
heap
|
page read and write
|
||
|
15545000
|
heap
|
page read and write
|
||
|
15D0D000
|
stack
|
page read and write
|
||
|
87D4CFF000
|
stack
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
1571D000
|
stack
|
page read and write
|
||
|
A71D000
|
trusted library allocation
|
page read and write
|
||
|
A9D0000
|
trusted library allocation
|
page read and write
|
||
|
24FD503C000
|
heap
|
page read and write
|
||
|
A4CE000
|
trusted library allocation
|
page read and write
|
||
|
4F81000
|
trusted library allocation
|
page read and write
|
||
|
A8C6000
|
trusted library allocation
|
page read and write
|
||
|
507E000
|
trusted library allocation
|
page read and write
|
There are 578 hidden memdumps, click here to show them.