Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Codecs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_INS5576._MP
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\ZDataI51.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_INS0432.INI
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\4d7894.DLL (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\Corecomp.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\Ctl3d32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.728
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.exe.orig
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\_isres.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\value.shl
|
Generic INItialization configuration [General]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_WUTL951.DLL
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ext1B91.tmp
|
Generic INItialization configuration [Dialog1001]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\DATA.TAG
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\SETUP.INI
|
Generic INItialization configuration [ISUPDATE]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\Setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\TxsH263.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_ISDel.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_Setup.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_inst32i.ex_
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_sys1.cab
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_sys1.hdr
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_user1.cab
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_user1.hdr
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\data1.cab
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\data1.hdr
|
InstallShield CAB
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\lang.dat
|
Generic INItialization configuration [0x0409]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\layout.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\os.dat
|
Generic INItialization configuration [0x0009]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\pftw1.pkg
|
Microsoft Cabinet archive data, many, 773515 bytes, 19 files, at 0x2c +A "\Disk1\DATA.TAG" +A "\Disk1\data1.cab", ID 12345,
number 1, 34 datablocks, 0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\setup.ins
|
COM executable for DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\setup.lid
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\txsadp32.acm
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\plf1B90.tmp
|
Generic INItialization configuration [Dialog1001]
|
dropped
|
||
|
C:\Windows\IsUninst.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\SysWOW64\TxsH263.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\SysWOW64\txsadp32.acm
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\_delis32.ini
|
JSON data
|
modified
|
||
|
C:\Windows\_isenv31.ini
|
data
|
dropped
|
||
|
C:\Windows\_iserr31.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 31 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_INS5576._MP
|
C:\Users\user\AppData\Local\Temp\_ISTMP1.DIR\_INS5576._MP
|
|
|
|
C:\Users\user\Desktop\Codecs.exe
|
"C:\Users\user\Desktop\Codecs.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\Setup.exe
|
"C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\Setup.exe" /SMS
|
||
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_ISDel.exe
|
C:\Users\user\AppData\Local\Temp\pft1C0F~tmp\_ISDEL.EXE
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.installshield.com
|
unknown
|
||
|
http://www.marchnetworks.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
|
msacm.txsadpcm
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
|
vidc.T263
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\drivers.desc
|
txsadp32.acm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Multimedia\Audio Compression Manager\Priority v4.00
|
Priority1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\drivers.desc
|
TxsH263.dll
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
485000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
20CE000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
unkown
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
2130000
|
direct allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
48B000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
205E000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
7D7000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2DEF000
|
stack
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
86A000
|
heap
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
120000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
45D000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
49B000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
4850000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
47D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
301D000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
212F000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
268F000
|
stack
|
page read and write
|
||
|
1FCE000
|
stack
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
851000
|
heap
|
page read and write
|
||
|
595000
|
heap
|
page read and write
|
||
|
481000
|
unkown
|
page write copy
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
492000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1F80000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
91000
|
stack
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1FB0000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
DC000
|
stack
|
page read and write
|
||
|
1F4F000
|
stack
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
20E0000
|
direct allocation
|
page read and write
|
||
|
413000
|
unkown
|
page readonly
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
3028000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page read and write
|
||
|
473000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
47F0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2023000
|
heap
|
page read and write
|
||
|
68B000
|
heap
|
page read and write
|
||
|
300B000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
20CE000
|
stack
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
1F8E000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
350F000
|
stack
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page write copy
|
||
|
481000
|
unkown
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
210E000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
12A000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
48B000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page read and write
|
||
|
20D3000
|
heap
|
page read and write
|
||
|
84D000
|
heap
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
78B000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2030000
|
direct allocation
|
page read and write
|
||
|
40DF000
|
stack
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
26B0000
|
direct allocation
|
page read and write
|
||
|
492000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
312F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
221E000
|
stack
|
page read and write
|
||
|
2780000
|
direct allocation
|
page read and write
|
||
|
498000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
303A000
|
heap
|
page read and write
|
||
|
201E000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1F60000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2123000
|
heap
|
page read and write
|
||
|
26AA000
|
heap
|
page read and write
|
||
|
303B000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
418000
|
unkown
|
page readonly
|
||
|
815000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
1EC0000
|
heap
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
65A000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page write copy
|
||
|
418000
|
unkown
|
page readonly
|
||
|
3130000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
47E000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
47E000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
492000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
66F000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
44B000
|
heap
|
page read and write
|
||
|
413000
|
unkown
|
page readonly
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
2024000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
2F70000
|
heap
|
page read and write
|
There are 387 hidden memdumps, click here to show them.