Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\seetrol\client\068\dfmirage.sys
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Program Files (x86)\seetrol\client\105\x64\dfmirage.sys
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Program Files (x86)\seetrol\client\105\x86\dfmirage.sys
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Program Files (x86)\seetrol\client\SeetrolClient.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Program Files (x86)\seetrol\client\068\dfmirage.cat
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\068\dfmirage.dll
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\068\dfmirage.inf
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\105\dfmirage.cat
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\105\dfmirage.inf
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\105\x64\dfmirage.dll
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\105\x86\dfmirage.dll
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\Install.cmd
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\MirrInst32.exe
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\MirrInst64.exe
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\STClientChat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\STUpdate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\SeetrolClient.cfg
|
data
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\SeetrolMyService.exe
|
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\Seetrol_Clt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\Uninstall.cmd
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\dtph.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\mdph.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\sas.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\seetrol\client\sthooks.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\ClientRun.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\STClientChat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\STUpdate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\SeetrolClient.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\SeetrolMyService.exe
|
PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\Seetrol_Clt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\sas.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\sthooks.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 23 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\seetrol\client\SeetrolClient.exe
|
"C:\Program Files (x86)\seetrol\client\SeetrolClient.exe"
|
|
|
|
C:\Windows\SysWOW64\ipconfig.exe
|
"C:\Windows\System32\ipconfig.exe" /flushdns
|
|
|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\ClientRun.exe
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\ClientRun.exe
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.seetrol.com/update3/NetScan.exe
|
139.150.75.206
|
|
|
|
http://www.seetrol.com/update4/SeetrolCenter.exe
|
139.150.75.206
|
|
|
|
http://www.seetrol.com/update3/MirrInst32.exe
|
unknown
|
||
|
http://www.seetrol.com/update3/Install.txt
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x86/dfmirage.sys
|
unknown
|
||
|
http://www.seetrol.com/update3/MirrInst64.exe%
|
unknown
|
||
|
http://www.seetrol.com/update3/068/dfmirage.cat_
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x64/dfmirage.dll
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x64/dfmirage.dll~
|
unknown
|
||
|
http://www.seetrol.com/flash.html
|
unknown
|
||
|
http://www.seetrol.com/update3WINDOWS
|
unknown
|
||
|
http://www.seetrol.com/update3/NetScan.exeVo
|
unknown
|
||
|
http://www.seetrol.com/update3/NetScan.exeZo
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.seetrol.com/flash.htmlflash.htmlwww.seetrol.com901801701_01%s_%02d_
|
unknown
|
||
|
http://www.seetrol.com/update3/MirrInst64.exe
|
unknown
|
||
|
http://www.seetrol.com/update3/Uninstall.txt
|
unknown
|
||
|
http://www.seetrol.com/update3/105/dfmirage.catp
|
unknown
|
||
|
http://www.seetrol.com/update3/068/dfmirage.sys
|
unknown
|
||
|
http://www.seetrol.com/
|
unknown
|
||
|
http://www.seetrol.com/update3/105/dfmirage.inf
|
unknown
|
||
|
http://www.seetrol.com/update3/MirrInst32.exe9
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://www.seetrol.com/update3/NetScan.exeNo
|
unknown
|
||
|
http://www.seetrol.com/update4/SeetrolCenter.exeh
|
unknown
|
||
|
http://www.seetrol.com/update4
|
unknown
|
||
|
http://www.seetrol.com/update3/068/dfmirage.inf
|
unknown
|
||
|
http://www.seetrol.com/update3/105/dfmirage.cat
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x86/dfmirage.dll8
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x86/dfmirage.sysm
|
unknown
|
||
|
http://www.seetrol.com/update3/Uninstall.txt~GP
|
unknown
|
||
|
http://www.seetrol.com/update3
|
unknown
|
||
|
http://www.seetrol.com/update3/068/dfmirage.cat4
|
unknown
|
||
|
http://www.seetrol.com/update4%s:
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x64/dfmirage.sys
|
unknown
|
||
|
http://www.seetrol.com/update3/068/dfmirage.dll
|
unknown
|
||
|
http://www.seetrol.com/update3/105/x86/dfmirage.dll
|
unknown
|
||
|
http://www.seetrol.com/update4/SeetrolCenter.exe3V
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.seetrol.com
|
139.150.75.206
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
139.150.75.206
|
www.seetrol.com
|
Korea Republic of
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
|
C:\Program Files (x86)\seetrol\client\SeetrolClient.exe
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup0
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
SoftwareSASGeneration
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLinkedConnections
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3922000
|
heap
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
9CE9000
|
heap
|
page read and write
|
||
|
71E000
|
unkown
|
page execute and read and write
|
||
|
635000
|
unkown
|
page execute and read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
3993000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
796C000
|
stack
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
3941000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
394F000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
B84F000
|
stack
|
page read and write
|
||
|
100D000
|
unkown
|
page readonly
|
||
|
1054000
|
heap
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
2131000
|
heap
|
page read and write
|
||
|
4F3F000
|
stack
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
394B000
|
heap
|
page read and write
|
||
|
1FF000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
100B000
|
unkown
|
page write copy
|
||
|
305E000
|
stack
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
5A2000
|
unkown
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
574000
|
unkown
|
page execute and read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
399F000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
367F000
|
stack
|
page read and write
|
||
|
538000
|
unkown
|
page execute and read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
3935000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
9CD3000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
6B0000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
unkown
|
page execute and write copy
|
||
|
50E000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
3A10000
|
heap
|
page read and write
|
||
|
1AE000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
5F5F000
|
stack
|
page read and write
|
||
|
FE0000
|
direct allocation
|
page read and write
|
||
|
100D000
|
unkown
|
page readonly
|
||
|
10F3000
|
heap
|
page read and write
|
||
|
722000
|
unkown
|
page execute and write copy
|
||
|
1000000
|
direct allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
5C7000
|
unkown
|
page execute and read and write
|
||
|
557000
|
unkown
|
page execute and read and write
|
||
|
675000
|
unkown
|
page execute and write copy
|
||
|
FF0000
|
direct allocation
|
page read and write
|
||
|
39AA000
|
heap
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
39A6000
|
heap
|
page read and write
|
||
|
411000
|
unkown
|
page execute and write copy
|
||
|
2131000
|
heap
|
page read and write
|
||
|
8B30000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
A01C000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
DC000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
39F5000
|
heap
|
page read and write
|
||
|
57C000
|
heap
|
page read and write
|
||
|
9F10000
|
heap
|
page read and write
|
||
|
56A000
|
unkown
|
page execute and read and write
|
||
|
607000
|
unkown
|
page execute and read and write
|
||
|
9CD0000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
B88E000
|
stack
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
541000
|
unkown
|
page execute and read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
F45000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
353F000
|
stack
|
page read and write
|
||
|
36BC000
|
stack
|
page read and write
|
||
|
560000
|
unkown
|
page execute and read and write
|
||
|
6F9F000
|
stack
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
3945000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
9ED2000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
111E000
|
heap
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
1093000
|
heap
|
page read and write
|
||
|
57C000
|
heap
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5B5000
|
unkown
|
page execute and read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
27EF000
|
heap
|
page read and write
|
||
|
9ED6000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
9D0F000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
A82C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
504000
|
heap
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
813D000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
1030000
|
direct allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page execute and read and write
|
||
|
526000
|
unkown
|
page execute and read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
1FEF000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
B010000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
104A000
|
heap
|
page read and write
|
||
|
6B0000
|
trusted library allocation
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
599000
|
unkown
|
page execute and read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
5BE000
|
unkown
|
page execute and read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
1001000
|
unkown
|
page execute read
|
||
|
504000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
100B000
|
unkown
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
3EC0000
|
heap
|
page read and write
|
||
|
3E60000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
301F000
|
stack
|
page read and write
|
||
|
39E8000
|
heap
|
page read and write
|
||
|
AFFE000
|
stack
|
page read and write
|
||
|
9CCF000
|
stack
|
page read and write
|
||
|
B07E000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page execute and read and write
|
||
|
574F000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
8980000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
723000
|
unkown
|
page read and write
|
||
|
57E000
|
unkown
|
page execute and read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
52A000
|
heap
|
page read and write
|
||
|
C05F000
|
stack
|
page read and write
|
||
|
113B000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
393A000
|
heap
|
page read and write
|
||
|
EF3000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
3A14000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
1001000
|
unkown
|
page execute read
|
||
|
A7EF000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
5AB000
|
unkown
|
page execute and read and write
|
||
|
723000
|
unkown
|
page write copy
|
||
|
94FE000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
9EDC000
|
heap
|
page read and write
|
||
|
37BC000
|
stack
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
39DA000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page execute and read and write
|
||
|
505000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
10D1000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
749000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
25EF000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
534000
|
heap
|
page read and write
|
||
|
5CB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
63F000
|
unkown
|
page execute and read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
105000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
41A000
|
unkown
|
page read and write
|
||
|
3A1E000
|
heap
|
page read and write
|
There are 250 hidden memdumps, click here to show them.