Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Bill Of Lading.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Bill Of Lading.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ikhewcja.44a.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lefng4a4.n3e.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s3sovwsg.x3n.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wdss2j2m.moh.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Bill Of Lading.exe
|
"C:\Users\user\Desktop\Bill Of Lading.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Bill Of
Lading.exe"
|
|
|
|
C:\Users\user\Desktop\Bill Of Lading.exe
|
"C:\Users\user\Desktop\Bill Of Lading.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.72d
|
unknown
|
||
|
http://reallyfreegeoip.orgd
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.72
|
188.114.97.3
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.72l
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
http://checkip.dyndns.comd
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.orgd
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://checkip.dyndns.org/d
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://api.telegram.org/bot-/sendDocument?chat_id=
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 33 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Bill Of Lading_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
41B7000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
AF6000
|
heap
|
page read and write
|
||
|
DCCE000
|
stack
|
page read and write
|
||
|
4E03000
|
heap
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
3351000
|
trusted library allocation
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
6A92000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
D7CE000
|
stack
|
page read and write
|
||
|
5989000
|
heap
|
page read and write
|
||
|
1635000
|
trusted library allocation
|
page execute and read and write
|
||
|
753D000
|
stack
|
page read and write
|
||
|
4329000
|
trusted library allocation
|
page read and write
|
||
|
5EAA000
|
trusted library allocation
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
7075000
|
heap
|
page read and write
|
||
|
59AE000
|
heap
|
page read and write
|
||
|
3921000
|
trusted library allocation
|
page read and write
|
||
|
695F000
|
stack
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
1870000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
7079000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
heap
|
page read and write
|
||
|
ACA000
|
heap
|
page read and write
|
||
|
33EC000
|
trusted library allocation
|
page read and write
|
||
|
75DC000
|
heap
|
page read and write
|
||
|
5EA4000
|
trusted library allocation
|
page read and write
|
||
|
DC8E000
|
stack
|
page read and write
|
||
|
184D000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
70B5000
|
heap
|
page read and write
|
||
|
1718000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
163B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE2000
|
trusted library allocation
|
page read and write
|
||
|
DEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1604000
|
trusted library allocation
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
160D000
|
trusted library allocation
|
page execute and read and write
|
||
|
335C000
|
trusted library allocation
|
page read and write
|
||
|
1632000
|
trusted library allocation
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library section
|
page readonly
|
||
|
59C4000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
remote allocation
|
page execute and read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
4179000
|
trusted library allocation
|
page read and write
|
||
|
431D000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
1841000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
16FE000
|
heap
|
page read and write
|
||
|
183A000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
6B00000
|
heap
|
page read and write
|
||
|
33DE000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
42F1000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
977000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
675F000
|
stack
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page execute and read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
6968000
|
heap
|
page read and write
|
||
|
7073000
|
heap
|
page read and write
|
||
|
4313000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
3408000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
5395000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
heap
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
33CE000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
B570000
|
trusted library section
|
page read and write
|
||
|
8D5E000
|
stack
|
page read and write
|
||
|
17CE000
|
heap
|
page read and write
|
||
|
70A2000
|
heap
|
page read and write
|
||
|
DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3413000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
4A5C000
|
stack
|
page read and write
|
||
|
336E000
|
trusted library allocation
|
page read and write
|
||
|
4DAB000
|
trusted library allocation
|
page read and write
|
||
|
181E000
|
stack
|
page read and write
|
||
|
DC3000
|
trusted library allocation
|
page read and write
|
||
|
182E000
|
trusted library allocation
|
page read and write
|
||
|
D90E000
|
stack
|
page read and write
|
||
|
58F3000
|
heap
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
4320000
|
trusted library allocation
|
page read and write
|
||
|
58A0000
|
heap
|
page execute and read and write
|
||
|
8E5E000
|
stack
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1826000
|
trusted library allocation
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
562000
|
unkown
|
page readonly
|
||
|
291E000
|
stack
|
page read and write
|
||
|
8F9E000
|
stack
|
page read and write
|
||
|
162A000
|
trusted library allocation
|
page execute and read and write
|
||
|
70AB000
|
heap
|
page read and write
|
||
|
DB8E000
|
stack
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
FC9000
|
stack
|
page read and write
|
||
|
70C1000
|
heap
|
page read and write
|
||
|
4DBE000
|
trusted library allocation
|
page read and write
|
||
|
2AE2000
|
trusted library allocation
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
4E62000
|
trusted library allocation
|
page read and write
|
||
|
5EA6000
|
trusted library allocation
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
189B000
|
trusted library allocation
|
page read and write
|
||
|
E04C000
|
stack
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
DA0D000
|
stack
|
page read and write
|
||
|
33A4000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
16AE000
|
stack
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
D6CE000
|
stack
|
page read and write
|
||
|
74FD000
|
stack
|
page read and write
|
||
|
16D4000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
170A000
|
heap
|
page read and write
|
||
|
1846000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
8E9E000
|
stack
|
page read and write
|
||
|
5060000
|
heap
|
page execute and read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
3397000
|
trusted library allocation
|
page read and write
|
||
|
B43D000
|
stack
|
page read and write
|
||
|
B6B000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
4FBC000
|
stack
|
page read and write
|
||
|
336C000
|
trusted library allocation
|
page read and write
|
||
|
5CDF000
|
stack
|
page read and write
|
||
|
338B000
|
trusted library allocation
|
page read and write
|
||
|
340D000
|
trusted library allocation
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
183E000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
B140000
|
heap
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
33AC000
|
trusted library allocation
|
page read and write
|
||
|
182B000
|
trusted library allocation
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
69BD000
|
heap
|
page read and write
|
||
|
16E8000
|
heap
|
page read and write
|
||
|
75F0000
|
heap
|
page read and write
|
||
|
4DC6000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
3401000
|
trusted library allocation
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
DE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
trusted library section
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7068000
|
heap
|
page read and write
|
||
|
B33D000
|
stack
|
page read and write
|
||
|
DD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
32AD000
|
stack
|
page read and write
|
||
|
6E70000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3929000
|
trusted library allocation
|
page read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
728F000
|
stack
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
B54E000
|
stack
|
page read and write
|
||
|
161D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1791000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
DF4B000
|
stack
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
1637000
|
trusted library allocation
|
page execute and read and write
|
||
|
4349000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
6A87000
|
trusted library allocation
|
page read and write
|
||
|
DDCF000
|
stack
|
page read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E66000
|
trusted library allocation
|
page read and write
|
||
|
707F000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
DDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
655F000
|
stack
|
page read and write
|
||
|
2805000
|
trusted library allocation
|
page read and write
|
||
|
B97000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
D8CE000
|
stack
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
70B2000
|
heap
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
1603000
|
trusted library allocation
|
page execute and read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
706D000
|
heap
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
1626000
|
trusted library allocation
|
page execute and read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
4DCD000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page execute and read and write
|
||
|
7EF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
AD5A000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
There are 272 hidden memdumps, click here to show them.