Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
9348000 EDT8 EDQ-905.pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RegSvcs.exe_a35497387d5c18b093425ec6f082bbfea43142fc_c2842f8f_97cfd8f8-b88d-41a5-b19f-5e00daa1091b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E88.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri Oct 25 12:57:43 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6271.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER62DF.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Clinton
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\AYT.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AYT.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Fri Oct 25 11:56:04
2024, mtime=Fri Oct 25 11:56:04 2024, atime=Fri Oct 25 11:56:04 2024, length=45984, window=hide
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe
|
"C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe"
|
|
|
|
C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe
|
"C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\9348000 EDT8 EDQ-905.pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3608 -s 1424
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
154.216.18.238
|
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
154.216.18.238
|
unknown
|
Seychelles
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
ProgramId
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
FileId
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
LongPathHash
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Name
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
OriginalFileName
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Publisher
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Version
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
BinFileVersion
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
BinaryType
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
ProductName
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
ProductVersion
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
LinkDate
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
BinProductVersion
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Size
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Language
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
IsOsComponent
|
||
|
\REGISTRY\A\{0b299896-4e22-3a31-df3c-26256b83ae07}\Root\InventoryApplicationFile\regsvcs.exe|bc5951771b601cae
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
43C1000
|
trusted library allocation
|
page read and write
|
|
|
|
3340000
|
trusted library section
|
page read and write
|
|
|
|
305C000
|
heap
|
page read and write
|
|
|
|
5910000
|
trusted library section
|
page read and write
|
|
|
|
33C1000
|
trusted library allocation
|
page read and write
|
|
|
|
482000
|
unkown
|
page readonly
|
||
|
2FED000
|
stack
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
3698000
|
heap
|
page read and write
|
||
|
1338000
|
stack
|
page read and write
|
||
|
1636000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library section
|
page read and write
|
||
|
3D22000
|
heap
|
page read and write
|
||
|
1657000
|
heap
|
page read and write
|
||
|
6B6C000
|
stack
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page execute and read and write
|
||
|
760C000
|
stack
|
page read and write
|
||
|
46AE000
|
direct allocation
|
page read and write
|
||
|
58B4000
|
trusted library allocation
|
page read and write
|
||
|
31DC000
|
stack
|
page read and write
|
||
|
44D0000
|
direct allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
3F4F000
|
heap
|
page read and write
|
||
|
714F000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
4370000
|
direct allocation
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
44D0000
|
direct allocation
|
page read and write
|
||
|
6766000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
3E5C000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
5FE7000
|
trusted library allocation
|
page read and write
|
||
|
3DA2000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
2A93000
|
heap
|
page read and write
|
||
|
123B000
|
stack
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
16B3000
|
heap
|
page read and write
|
||
|
441A000
|
trusted library allocation
|
page read and write
|
||
|
6A7C000
|
stack
|
page read and write
|
||
|
3D92000
|
heap
|
page read and write
|
||
|
4639000
|
direct allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
5F50000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
58DD000
|
trusted library allocation
|
page read and write
|
||
|
4453000
|
direct allocation
|
page read and write
|
||
|
3001000
|
heap
|
page read and write
|
||
|
3BDF000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
466E000
|
direct allocation
|
page read and write
|
||
|
3F30000
|
heap
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
73CD000
|
stack
|
page read and write
|
||
|
463D000
|
direct allocation
|
page read and write
|
||
|
6DCA000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
3DFF000
|
heap
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
3D30000
|
heap
|
page read and write
|
||
|
53C8000
|
trusted library allocation
|
page read and write
|
||
|
15E8000
|
heap
|
page read and write
|
||
|
5FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6000000
|
trusted library allocation
|
page read and write
|
||
|
16D1000
|
heap
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
3F31000
|
heap
|
page read and write
|
||
|
6030000
|
heap
|
page read and write
|
||
|
16C3000
|
heap
|
page read and write
|
||
|
4458000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
555D000
|
stack
|
page read and write
|
||
|
45F9000
|
direct allocation
|
page read and write
|
||
|
3073000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
58B6000
|
trusted library allocation
|
page read and write
|
||
|
3F31000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
1370000
|
heap
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
3207000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
44D0000
|
direct allocation
|
page read and write
|
||
|
35DC000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
direct allocation
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
4453000
|
direct allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3E60000
|
heap
|
page read and write
|
||
|
45FD000
|
direct allocation
|
page read and write
|
||
|
3F53000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
3C61000
|
heap
|
page read and write
|
||
|
45F9000
|
direct allocation
|
page read and write
|
||
|
401E000
|
heap
|
page execute and read and write
|
||
|
3027000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF5000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
72CC000
|
stack
|
page read and write
|
||
|
3D30000
|
heap
|
page read and write
|
||
|
2EE6000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
3DF3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
66F0000
|
heap
|
page read and write
|
||
|
3E37000
|
heap
|
page read and write
|
||
|
3D67000
|
heap
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
2FA0000
|
direct allocation
|
page read and write
|
||
|
4453000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
79DE000
|
stack
|
page read and write
|
||
|
46AE000
|
direct allocation
|
page read and write
|
||
|
4453000
|
direct allocation
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
3BE0000
|
heap
|
page read and write
|
||
|
718C000
|
stack
|
page read and write
|
||
|
67AC000
|
heap
|
page read and write
|
||
|
2F4F000
|
stack
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
45FD000
|
direct allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FFF000
|
heap
|
page read and write
|
||
|
70CF000
|
stack
|
page read and write
|
||
|
466E000
|
direct allocation
|
page read and write
|
||
|
3E61000
|
heap
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
4493000
|
direct allocation
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
3360000
|
heap
|
page execute and read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
463D000
|
direct allocation
|
page read and write
|
||
|
105000
|
heap
|
page read and write
|
||
|
5F0E000
|
stack
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
2B24000
|
heap
|
page read and write
|
||
|
67B3000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
45F9000
|
direct allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page execute and read and write
|
||
|
6729000
|
heap
|
page read and write
|
||
|
58CA000
|
trusted library allocation
|
page read and write
|
||
|
302B000
|
trusted library allocation
|
page execute and read and write
|
||
|
58D6000
|
trusted library allocation
|
page read and write
|
||
|
58E2000
|
trusted library allocation
|
page read and write
|
||
|
3092000
|
heap
|
page read and write
|
||
|
44D0000
|
direct allocation
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
128E000
|
stack
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
5E0E000
|
stack
|
page read and write
|
||
|
2EC0000
|
trusted library section
|
page read and write
|
||
|
3E88000
|
heap
|
page read and write
|
||
|
4639000
|
direct allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
3525000
|
trusted library allocation
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E88000
|
heap
|
page read and write
|
||
|
45FD000
|
direct allocation
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
3F3E000
|
heap
|
page read and write
|
||
|
45FD000
|
direct allocation
|
page read and write
|
||
|
3003000
|
trusted library allocation
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C51000
|
heap
|
page read and write
|
||
|
2FF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
4510000
|
direct allocation
|
page read and write
|
||
|
5FF0000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
heap
|
page execute and read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
3EB2000
|
heap
|
page read and write
|
||
|
2B45000
|
heap
|
page read and write
|
||
|
3E71000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
4510000
|
direct allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3D30000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
45F9000
|
direct allocation
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
6BD0000
|
heap
|
page read and write
|
||
|
15D3000
|
heap
|
page read and write
|
||
|
708D000
|
stack
|
page read and write
|
||
|
46AE000
|
direct allocation
|
page read and write
|
||
|
4370000
|
direct allocation
|
page read and write
|
||
|
4510000
|
direct allocation
|
page read and write
|
||
|
3DAF000
|
heap
|
page read and write
|
||
|
392E000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
169B000
|
heap
|
page read and write
|
||
|
58E5000
|
trusted library allocation
|
page read and write
|
||
|
58CE000
|
trusted library allocation
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
58D1000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
45F9000
|
direct allocation
|
page read and write
|
||
|
1634000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
3780000
|
direct allocation
|
page read and write
|
||
|
3E66000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
44D0000
|
direct allocation
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
4330000
|
direct allocation
|
page read and write
|
||
|
4493000
|
direct allocation
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
58BB000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2A21000
|
heap
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
161D000
|
heap
|
page read and write
|
||
|
463D000
|
direct allocation
|
page read and write
|
||
|
5FCA000
|
stack
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
3F2F000
|
heap
|
page read and write
|
||
|
168F000
|
stack
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
7ADE000
|
stack
|
page read and write
|
||
|
5FE0000
|
trusted library allocation
|
page read and write
|
||
|
15AD000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
A9A000
|
heap
|
page read and write
|
||
|
7FAE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6008000
|
trusted library allocation
|
page read and write
|
||
|
2AB2000
|
heap
|
page read and write
|
||
|
401F000
|
heap
|
page read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
3527000
|
trusted library allocation
|
page read and write
|
||
|
4453000
|
direct allocation
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
6726000
|
heap
|
page read and write
|
||
|
ACB000
|
heap
|
page read and write
|
||
|
45FD000
|
direct allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
58C2000
|
trusted library allocation
|
page read and write
|
||
|
AB1000
|
heap
|
page read and write
|
||
|
161A000
|
heap
|
page read and write
|
||
|
3F4E000
|
heap
|
page execute and read and write
|
||
|
3E61000
|
heap
|
page read and write
|
||
|
163A000
|
heap
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
3105000
|
heap
|
page read and write
|
||
|
4639000
|
direct allocation
|
page read and write
|
||
|
3C5D000
|
heap
|
page read and write
|
||
|
4493000
|
direct allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
6EC9000
|
stack
|
page read and write
|
||
|
400E000
|
heap
|
page read and write
|
||
|
3C45000
|
heap
|
page read and write
|
||
|
3F82000
|
heap
|
page read and write
|
||
|
68E9000
|
stack
|
page read and write
|
||
|
31E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
58BE000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
system
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
426000
|
system
|
page execute and read and write
|
||
|
466E000
|
direct allocation
|
page read and write
|
||
|
4370000
|
direct allocation
|
page read and write
|
||
|
466E000
|
direct allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
67AE000
|
heap
|
page read and write
|
||
|
426B000
|
heap
|
page read and write
|
||
|
4023000
|
heap
|
page read and write
|
There are 311 hidden memdumps, click here to show them.