Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.PWSX-gen.28365.916.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.PWSX-gen.28365.916.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpE51C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\rRQnnfB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\rRQnnfB.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rRQnnfB.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_12401240.ugp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_44lcahnm.ysa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_beaxd2fj.eub.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g3bijr5y.gns.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sq0hpzw0.wyw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ualgpki3.sov.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_veieiips.qbt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ypq2gapu.0wm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpF613.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.28365.916.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.28365.916.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.28365.916.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\rRQnnfB.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\rRQnnfB" /XML "C:\Users\user\AppData\Local\Temp\tmpE51C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\rRQnnfB.exe
|
C:\Users\user\AppData\Roaming\rRQnnfB.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\rRQnnfB" /XML "C:\Users\user\AppData\Local\Temp\tmpF613.tmp"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
wznne1.duckdns.org
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
https://github.com/syohex/java-simple-mine-sweeperC:
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3E35000
|
trusted library allocation
|
page read and write
|
|
|
|
42C6000
|
trusted library allocation
|
page read and write
|
|
|
|
884F000
|
stack
|
page read and write
|
||
|
B0AE000
|
stack
|
page read and write
|
||
|
2A31000
|
trusted library allocation
|
page read and write
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
286E000
|
stack
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
35A9000
|
trusted library allocation
|
page read and write
|
||
|
4EF6000
|
trusted library allocation
|
page read and write
|
||
|
712D000
|
stack
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
716D000
|
stack
|
page read and write
|
||
|
25A1000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
525B000
|
stack
|
page read and write
|
||
|
27E2000
|
trusted library allocation
|
page read and write
|
||
|
2CED000
|
stack
|
page read and write
|
||
|
EA1F000
|
stack
|
page read and write
|
||
|
51D0000
|
heap
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
4AD7000
|
trusted library allocation
|
page read and write
|
||
|
51C4000
|
trusted library section
|
page readonly
|
||
|
842000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
4EDD000
|
trusted library allocation
|
page read and write
|
||
|
260F000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
8417000
|
heap
|
page read and write
|
||
|
27DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
857000
|
trusted library allocation
|
page execute and read and write
|
||
|
8519000
|
heap
|
page read and write
|
||
|
D8BC000
|
stack
|
page read and write
|
||
|
4EBB000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
85CE000
|
stack
|
page read and write
|
||
|
23FB000
|
stack
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
541D000
|
stack
|
page read and write
|
||
|
4287000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
501D000
|
stack
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
45A8000
|
trusted library allocation
|
page read and write
|
||
|
E56D000
|
stack
|
page read and write
|
||
|
2A0F000
|
unkown
|
page read and write
|
||
|
1B2000
|
unkown
|
page readonly
|
||
|
86AF000
|
stack
|
page read and write
|
||
|
259E000
|
stack
|
page read and write
|
||
|
8EE000
|
heap
|
page read and write
|
||
|
ACBE000
|
stack
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
D4FE000
|
stack
|
page read and write
|
||
|
506C000
|
heap
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page execute and read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
D17E000
|
stack
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page execute and read and write
|
||
|
3A39000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A6C000
|
stack
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
6772000
|
trusted library allocation
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
283D000
|
stack
|
page read and write
|
||
|
99E000
|
heap
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
E91E000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
2432000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
310E000
|
unkown
|
page read and write
|
||
|
6BA0000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
1187000
|
heap
|
page read and write
|
||
|
86D0000
|
trusted library section
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
E3EE000
|
stack
|
page read and write
|
||
|
4FB3000
|
heap
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
25B9000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
B1ED000
|
stack
|
page read and write
|
||
|
8700000
|
trusted library allocation
|
page execute and read and write
|
||
|
83B2000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
4AD2000
|
trusted library allocation
|
page read and write
|
||
|
D63F000
|
stack
|
page read and write
|
||
|
25B7000
|
trusted library allocation
|
page read and write
|
||
|
82D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
336B000
|
heap
|
page read and write
|
||
|
3A31000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
7CA000
|
stack
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
242D000
|
trusted library allocation
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
51C0000
|
trusted library section
|
page readonly
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
852000
|
trusted library allocation
|
page read and write
|
||
|
AF70000
|
trusted library allocation
|
page read and write
|
||
|
4ED1000
|
trusted library allocation
|
page read and write
|
||
|
27B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2421000
|
trusted library allocation
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
D2BE000
|
stack
|
page read and write
|
||
|
846000
|
trusted library allocation
|
page execute and read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
8480000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
7EEE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF4000
|
trusted library allocation
|
page read and write
|
||
|
EB5C000
|
stack
|
page read and write
|
||
|
AECE000
|
stack
|
page read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
914000
|
heap
|
page read and write
|
||
|
4EE2000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
heap
|
page read and write
|
||
|
D53E000
|
stack
|
page read and write
|
||
|
86E0000
|
heap
|
page read and write
|
||
|
E52D000
|
stack
|
page read and write
|
||
|
83FE000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page execute and read and write
|
||
|
4F92000
|
trusted library allocation
|
page read and write
|
||
|
4B6C000
|
stack
|
page read and write
|
||
|
2426000
|
trusted library allocation
|
page read and write
|
||
|
D08000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
4ECE000
|
trusted library allocation
|
page read and write
|
||
|
27D2000
|
trusted library allocation
|
page read and write
|
||
|
5191000
|
trusted library allocation
|
page read and write
|
||
|
A716000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
E42D000
|
stack
|
page read and write
|
||
|
6EB0000
|
trusted library section
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
2D2A000
|
stack
|
page read and write
|
||
|
4F15000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
trusted library allocation
|
page execute and read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
AFAD000
|
stack
|
page read and write
|
||
|
27CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AD0000
|
trusted library allocation
|
page read and write
|
||
|
241E000
|
trusted library allocation
|
page read and write
|
||
|
4ED6000
|
trusted library allocation
|
page read and write
|
||
|
2445000
|
trusted library allocation
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
D27F000
|
stack
|
page read and write
|
||
|
824000
|
trusted library allocation
|
page read and write
|
||
|
C6D000
|
stack
|
page read and write
|
||
|
6CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
D3BD000
|
stack
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
84A000
|
trusted library allocation
|
page execute and read and write
|
||
|
84EF000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
4AF0000
|
trusted library allocation
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
874E000
|
stack
|
page read and write
|
||
|
D7BB000
|
stack
|
page read and write
|
||
|
2DDE000
|
unkown
|
page read and write
|
||
|
D3FD000
|
stack
|
page read and write
|
||
|
83D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D40000
|
trusted library section
|
page readonly
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
891E000
|
stack
|
page read and write
|
||
|
3F7000
|
stack
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
85AE000
|
stack
|
page read and write
|
||
|
4F97000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
EA5C000
|
stack
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
2A69000
|
trusted library allocation
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
86D1000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
27EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
E66E000
|
stack
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
5215000
|
heap
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
996000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page execute and read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
heap
|
page read and write
|
||
|
ABBD000
|
stack
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
279F000
|
trusted library allocation
|
page read and write
|
||
|
85B000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE70000
|
heap
|
page read and write
|
||
|
840A000
|
heap
|
page read and write
|
||
|
C7A000
|
heap
|
page read and write
|
||
|
287A000
|
stack
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
4F15000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
7FD80000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F2C000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
27B4000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
4AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
D5A000
|
heap
|
page read and write
|
||
|
3DF7000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
E6AE000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A67000
|
trusted library allocation
|
page read and write
|
||
|
266000
|
unkown
|
page readonly
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page execute and read and write
|
||
|
473C000
|
stack
|
page read and write
|
||
|
86CE000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
B0ED000
|
stack
|
page read and write
|
||
|
27E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2810000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
27D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
3A50000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
2B9B000
|
heap
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
4B00000
|
heap
|
page execute and read and write
|
||
|
2AC7000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
4D3B000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
E7AE000
|
stack
|
page read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
8441000
|
heap
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
8A1E000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
505E000
|
heap
|
page read and write
|
||
|
84A5000
|
heap
|
page read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
240B000
|
trusted library allocation
|
page read and write
|
||
|
D07F000
|
stack
|
page read and write
|
||
|
2FA000
|
stack
|
page read and write
|
||
|
E2EE000
|
stack
|
page read and write
|
There are 313 hidden memdumps, click here to show them.