Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
M2AB8BeHc4.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\M2AB8BeHc4.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f3k1nbs3.lsl.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jizkrf2i.hpm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qks2qhqx.nu2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x20j5onh.12m.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\M2AB8BeHc4.exe
|
"C:\Users\user\Desktop\M2AB8BeHc4.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\M2AB8BeHc4.exe"
|
|
|
|
C:\Users\user\Desktop\M2AB8BeHc4.exe
|
"C:\Users\user\Desktop\M2AB8BeHc4.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.72$
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.72
|
188.114.97.3
|
||
|
http://o.pki.goog/s/we1/tOE0%
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:675052%0D%0ADate%20and%20Time:%2029/10/2024%20/%2018:30:13%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20675052%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://c.pki.goog/r/r4.crl0
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://i.pki.goog/r4.crt0
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://i.pki.goog/we1.crt05
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:675052%0D%0ADate%20a
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://c.pki.goog/we1/LTZ9nL9sQRA.crl0
|
unknown
|
||
|
http://c.pki.goog/r/gsr1.crl0
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://i.pki.goog/gsr1.crt0-
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 47 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\M2AB8BeHc4_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D17000
|
trusted library allocation
|
page read and write
|
|
|
|
2C21000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4147000
|
trusted library allocation
|
page read and write
|
|
|
|
3E28000
|
trusted library allocation
|
page read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
heap
|
page read and write
|
||
|
957000
|
stack
|
page read and write
|
||
|
2E3A000
|
trusted library allocation
|
page read and write
|
||
|
2C92000
|
trusted library allocation
|
page read and write
|
||
|
3D4D000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
3F8B000
|
trusted library allocation
|
page read and write
|
||
|
EF3E000
|
stack
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
1068000
|
heap
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
trusted library allocation
|
page read and write
|
||
|
3E80000
|
trusted library allocation
|
page read and write
|
||
|
2DE2000
|
trusted library allocation
|
page read and write
|
||
|
C63000
|
heap
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
3E7E000
|
trusted library allocation
|
page read and write
|
||
|
509B000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
71AE000
|
stack
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A4C000
|
stack
|
page read and write
|
||
|
3D63000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
2E08000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
2CD9000
|
trusted library allocation
|
page read and write
|
||
|
3CDE000
|
trusted library allocation
|
page read and write
|
||
|
3F50000
|
trusted library allocation
|
page read and write
|
||
|
3D09000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7E000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
2876000
|
trusted library allocation
|
page read and write
|
||
|
26FC000
|
stack
|
page read and write
|
||
|
52C9000
|
heap
|
page read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
2A65000
|
trusted library allocation
|
page read and write
|
||
|
70D9000
|
heap
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
E77E000
|
stack
|
page read and write
|
||
|
52F3000
|
heap
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
E92E000
|
stack
|
page read and write
|
||
|
28B1000
|
trusted library allocation
|
page read and write
|
||
|
4C2000
|
unkown
|
page readonly
|
||
|
BB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F78000
|
trusted library allocation
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page execute and read and write
|
||
|
BBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
3EAD000
|
trusted library allocation
|
page read and write
|
||
|
3FB6000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
6A97000
|
trusted library allocation
|
page read and write
|
||
|
F03000
|
trusted library allocation
|
page execute and read and write
|
||
|
793D000
|
stack
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FA000
|
stack
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
3E82000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
72AF000
|
stack
|
page read and write
|
||
|
EDFE000
|
stack
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
6A22000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
70F6000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page execute and read and write
|
||
|
3CFD000
|
trusted library allocation
|
page read and write
|
||
|
77FD000
|
stack
|
page read and write
|
||
|
2C83000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
85A000
|
stack
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
2DD7000
|
trusted library allocation
|
page read and write
|
||
|
52E6000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
B92000
|
trusted library allocation
|
page read and write
|
||
|
3F75000
|
trusted library allocation
|
page read and write
|
||
|
3F43000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
EA2E000
|
stack
|
page read and write
|
||
|
3E07000
|
trusted library allocation
|
page read and write
|
||
|
B8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
3C88000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
F04000
|
trusted library allocation
|
page read and write
|
||
|
B74000
|
trusted library allocation
|
page read and write
|
||
|
2BCB000
|
trusted library allocation
|
page read and write
|
||
|
F32000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5304000
|
heap
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
2BCE000
|
trusted library allocation
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
3EB5000
|
trusted library allocation
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
65DD000
|
stack
|
page read and write
|
||
|
7048000
|
heap
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
3E04000
|
trusted library allocation
|
page read and write
|
||
|
2BF2000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
3108000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
2CE1000
|
trusted library allocation
|
page read and write
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
709F000
|
heap
|
page read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
7082000
|
heap
|
page read and write
|
||
|
B9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
287D000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
2CDD000
|
trusted library allocation
|
page read and write
|
||
|
3CDC000
|
trusted library allocation
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
304F000
|
trusted library allocation
|
page read and write
|
||
|
108A000
|
heap
|
page read and write
|
||
|
2F6B000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
EABE000
|
stack
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
F1BC000
|
stack
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
2E9B000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library section
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
3F57000
|
trusted library allocation
|
page read and write
|
||
|
3DCA000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
heap
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D05000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
3D6A000
|
trusted library allocation
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
F3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
BB2000
|
trusted library allocation
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
6518000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
3EF2000
|
trusted library allocation
|
page read and write
|
||
|
783D000
|
stack
|
page read and write
|
||
|
3F72000
|
trusted library allocation
|
page read and write
|
||
|
E72E000
|
stack
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
2C6F000
|
trusted library allocation
|
page read and write
|
||
|
3D4B000
|
trusted library allocation
|
page read and write
|
||
|
F26000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
3F63000
|
trusted library allocation
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page read and write
|
||
|
661F000
|
stack
|
page read and write
|
||
|
3FBD000
|
trusted library allocation
|
page read and write
|
||
|
538D000
|
trusted library allocation
|
page read and write
|
||
|
2A08000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
heap
|
page execute and read and write
|
||
|
6AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F0A000
|
trusted library allocation
|
page read and write
|
||
|
38B9000
|
trusted library allocation
|
page read and write
|
||
|
4D1F000
|
stack
|
page read and write
|
||
|
4E93000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
4108000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
52A5000
|
heap
|
page read and write
|
||
|
3CD8000
|
trusted library allocation
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
3CF5000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
heap
|
page execute and read and write
|
||
|
3C49000
|
trusted library allocation
|
page read and write
|
||
|
3F80000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page execute and read and write
|
||
|
F2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
73ED000
|
stack
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
2E13000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
4DA5000
|
trusted library allocation
|
page read and write
|
||
|
2DD5000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
2871000
|
trusted library allocation
|
page read and write
|
||
|
3D72000
|
trusted library allocation
|
page read and write
|
||
|
3E99000
|
trusted library allocation
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
72C0000
|
heap
|
page read and write
|
||
|
2BDA000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
trusted library allocation
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
2C9A000
|
trusted library allocation
|
page read and write
|
||
|
2C88000
|
trusted library allocation
|
page read and write
|
||
|
3D11000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
2E04000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
652E000
|
heap
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
ECF000
|
stack
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
2C81000
|
trusted library allocation
|
page read and write
|
||
|
BA7000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
F0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
2DAC000
|
trusted library allocation
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
7054000
|
heap
|
page read and write
|
||
|
2C7B000
|
trusted library allocation
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
30AC000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
EBBE000
|
stack
|
page read and write
|
||
|
3FC5000
|
trusted library allocation
|
page read and write
|
||
|
2BED000
|
trusted library allocation
|
page read and write
|
||
|
2CE9000
|
trusted library allocation
|
page read and write
|
||
|
3E93000
|
trusted library allocation
|
page read and write
|
||
|
2F38000
|
trusted library allocation
|
page read and write
|
||
|
3DD3000
|
trusted library allocation
|
page read and write
|
||
|
3EA1000
|
trusted library allocation
|
page read and write
|
||
|
B73000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCF000
|
trusted library allocation
|
page read and write
|
||
|
28C9000
|
trusted library allocation
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
BF8000
|
heap
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52E4000
|
trusted library allocation
|
page read and write
|
||
|
3E0F000
|
trusted library allocation
|
page read and write
|
||
|
ECFE000
|
stack
|
page read and write
|
||
|
3F68000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
103C000
|
stack
|
page read and write
|
||
|
38FA000
|
trusted library allocation
|
page read and write
|
||
|
B660000
|
trusted library section
|
page read and write
|
||
|
3F5D000
|
trusted library allocation
|
page read and write
|
||
|
3D3B000
|
trusted library allocation
|
page read and write
|
||
|
64A0000
|
heap
|
page read and write
|
||
|
4C0000
|
unkown
|
page readonly
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
654A000
|
heap
|
page read and write
|
||
|
EE3E000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
2CE5000
|
trusted library allocation
|
page read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
heap
|
page read and write
|
||
|
2C96000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
3D2D000
|
trusted library allocation
|
page read and write
|
||
|
3D53000
|
trusted library allocation
|
page read and write
|
||
|
F22000
|
trusted library allocation
|
page read and write
|
||
|
F0BC000
|
stack
|
page read and write
|
||
|
B96000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E22000
|
trusted library allocation
|
page read and write
|
||
|
F07E000
|
stack
|
page read and write
|
||
|
4E70000
|
trusted library section
|
page readonly
|
||
|
52EA000
|
trusted library allocation
|
page read and write
|
||
|
3C2B000
|
trusted library allocation
|
page read and write
|
||
|
3DD5000
|
trusted library allocation
|
page read and write
|
||
|
F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
2B25000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
3C43000
|
trusted library allocation
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
3DB2000
|
trusted library allocation
|
page read and write
|
||
|
3ED2000
|
trusted library allocation
|
page read and write
|
||
|
6E0E000
|
heap
|
page read and write
|
||
|
3EA9000
|
trusted library allocation
|
page read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
2CF1000
|
trusted library allocation
|
page read and write
|
||
|
3F99000
|
trusted library allocation
|
page read and write
|
||
|
70CD000
|
heap
|
page read and write
|
||
|
2CED000
|
trusted library allocation
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
30DA000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
3D0D000
|
trusted library allocation
|
page read and write
|
||
|
3D03000
|
trusted library allocation
|
page read and write
|
||
|
3EDF000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
50CB000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page execute and read and write
|
||
|
72B0000
|
heap
|
page read and write
|
||
|
3EEF000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
heap
|
page read and write
|
||
|
3CEE000
|
trusted library allocation
|
page read and write
|
||
|
2DDD000
|
trusted library allocation
|
page read and write
|
||
|
3D0F000
|
trusted library allocation
|
page read and write
|
||
|
B7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
F35000
|
trusted library allocation
|
page execute and read and write
|
There are 356 hidden memdumps, click here to show them.