Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
z1MRforsteamDRUM-A1_pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\batchers
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\z1MRforsteamDRUM-A1_pdf.exe
|
"C:\Users\user\Desktop\z1MRforsteamDRUM-A1_pdf.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\z1MRforsteamDRUM-A1_pdf.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.78$
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.78
|
188.114.97.3
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.78x
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A05000
|
heap
|
page read and write
|
|
|
|
2F19000
|
trusted library allocation
|
page read and write
|
|
|
|
30E5000
|
trusted library allocation
|
page read and write
|
|
|
|
52F0000
|
trusted library section
|
page read and write
|
|
|
|
3EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
53B0000
|
trusted library section
|
page read and write
|
|
|
|
CF7000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
610F000
|
stack
|
page read and write
|
||
|
43FD000
|
heap
|
page read and write
|
||
|
A87000
|
heap
|
page read and write
|
||
|
678F000
|
stack
|
page read and write
|
||
|
534A000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3196000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
3159000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3149000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F86000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
4041000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
640E000
|
stack
|
page read and write
|
||
|
3066000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
534E000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
319B000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
heap
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
5351000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
30C9000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
90A000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
309B000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2904000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
535D000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F0A000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
644D000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EE7000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F5A000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
2EB7000
|
trusted library allocation
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
3056000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
5672000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2FF8000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2FC5000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2F17000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
5946000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2935000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2F15000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
67B8000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library section
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2922000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
56EE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page read and write
|
||
|
FFA000
|
heap
|
page read and write
|
||
|
53A0000
|
heap
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page execute and read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
291D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2EDF000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
546D000
|
stack
|
page read and write
|
||
|
305E000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
293B000
|
trusted library allocation
|
page execute and read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F7D000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2913000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2ECE000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
2EBC000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
67E8000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
5944000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
2937000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2ED7000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
290D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
65CF000
|
stack
|
page read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
2CA3000
|
heap
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page execute and read and write
|
||
|
5950000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
3F97000
|
trusted library allocation
|
page read and write
|
||
|
5356000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F0A000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
594A000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
600F000
|
stack
|
page read and write
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3B97000
|
heap
|
page read and write
|
||
|
292A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
30C5000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FFD000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
5336000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
314F000
|
trusted library allocation
|
page read and write
|
||
|
533B000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
2EF4000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
426000
|
system
|
page execute and read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2F0F000
|
trusted library allocation
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
306A000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F40000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
305A000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2926000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2903000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2932000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3162000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
43B000
|
system
|
page execute and read and write
|
||
|
5634000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
FFF000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
533E000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
316C000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
67E1000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
3F93000
|
heap
|
page read and write
|
||
|
3FAE000
|
heap
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
heap
|
page read and write
|
There are 568 hidden memdumps, click here to show them.