Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
CAMNG3ONuN.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\CAMNG3ONuN.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpF03F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oJFNpRAYB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oJFNpRAYB.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegSvcs.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\oJFNpRAYB.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0wf5fn45.cwx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1gij15ju.cxu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h51whqua.euh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j2eutcyl.an5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nrgdsbzh.di3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qda3fenv.0vg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v5dg2rxz.1yr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xxcqmjps.jlr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpFF62.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\CAMNG3ONuN.exe
|
"C:\Users\user\Desktop\CAMNG3ONuN.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\CAMNG3ONuN.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\oJFNpRAYB.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oJFNpRAYB" /XML "C:\Users\user\AppData\Local\Temp\tmpF03F.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\oJFNpRAYB.exe
|
C:\Users\user\AppData\Roaming\oJFNpRAYB.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oJFNpRAYB" /XML "C:\Users\user\AppData\Local\Temp\tmpFF62.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ronymahmoud.casacam.net
|
3.128.254.91
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
3.128.254.91
|
ronymahmoud.casacam.net
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
||
|
HKEY_CURRENT_USER\SOFTWARE\8f1e01fb78d64f28
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3381000
|
trusted library allocation
|
page read and write
|
|
|
|
2C51000
|
trusted library allocation
|
page read and write
|
|
|
|
2C32000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2872000
|
trusted library allocation
|
page read and write
|
|
|
|
2881000
|
trusted library allocation
|
page read and write
|
|
|
|
2C41000
|
trusted library allocation
|
page read and write
|
|
|
|
2891000
|
trusted library allocation
|
page read and write
|
|
|
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
4EC0000
|
trusted library section
|
page readonly
|
||
|
3627000
|
trusted library allocation
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
974E000
|
stack
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
9B30000
|
heap
|
page read and write
|
||
|
AAB000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
AF2000
|
trusted library allocation
|
page read and write
|
||
|
A36C000
|
stack
|
page read and write
|
||
|
10F8000
|
trusted library allocation
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
267D000
|
trusted library allocation
|
page read and write
|
||
|
502E000
|
heap
|
page read and write
|
||
|
13D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CE0000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
328F000
|
unkown
|
page read and write
|
||
|
1037000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3AF000
|
stack
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
260C000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page execute and read and write
|
||
|
5074000
|
trusted library section
|
page readonly
|
||
|
107F000
|
stack
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
2D94000
|
trusted library allocation
|
page read and write
|
||
|
33DC000
|
trusted library allocation
|
page read and write
|
||
|
14E7000
|
heap
|
page read and write
|
||
|
13DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
9A2E000
|
stack
|
page read and write
|
||
|
13E3000
|
trusted library allocation
|
page read and write
|
||
|
D6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
CAD000
|
stack
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
A3AD000
|
stack
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
ADD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3188000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
56CE000
|
trusted library allocation
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
3E35000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7368000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
3CAC000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
2949000
|
trusted library allocation
|
page read and write
|
||
|
2A9B000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
7F230000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C92000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
1770000
|
heap
|
page read and write
|
||
|
5DE0000
|
heap
|
page read and write
|
||
|
702E000
|
stack
|
page read and write
|
||
|
48CC000
|
stack
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
2D61000
|
trusted library allocation
|
page read and write
|
||
|
57A3000
|
heap
|
page read and write
|
||
|
AF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
2528000
|
trusted library allocation
|
page read and write
|
||
|
103B000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DAD000
|
stack
|
page read and write
|
||
|
9C6E000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library section
|
page readonly
|
||
|
3BC2000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
2E7F000
|
unkown
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
707F000
|
stack
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
9E7F000
|
stack
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
588C000
|
stack
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
5798000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
2676000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
16D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C30000
|
heap
|
page execute and read and write
|
||
|
3D88000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C12000
|
trusted library allocation
|
page read and write
|
||
|
739B000
|
heap
|
page read and write
|
||
|
2AAE000
|
trusted library allocation
|
page read and write
|
||
|
266E000
|
trusted library allocation
|
page read and write
|
||
|
D52000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
A02C000
|
stack
|
page read and write
|
||
|
24B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1408000
|
heap
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
50C3000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
2ABD000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
DFA000
|
heap
|
page read and write
|
||
|
A4AE000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2B2D000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
1014000
|
trusted library allocation
|
page read and write
|
||
|
AD4000
|
trusted library allocation
|
page read and write
|
||
|
1004000
|
trusted library allocation
|
page read and write
|
||
|
265B000
|
trusted library allocation
|
page read and write
|
||
|
AED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D65000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
A12D000
|
stack
|
page read and write
|
||
|
6E8C000
|
heap
|
page read and write
|
||
|
106A000
|
heap
|
page read and write
|
||
|
9D6E000
|
stack
|
page read and write
|
||
|
6E30000
|
heap
|
page read and write
|
||
|
38B0000
|
trusted library allocation
|
page read and write
|
||
|
1063000
|
heap
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
56DA000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
16D2000
|
trusted library allocation
|
page read and write
|
||
|
DA8000
|
heap
|
page read and write
|
||
|
2671000
|
trusted library allocation
|
page read and write
|
||
|
27D1000
|
trusted library allocation
|
page read and write
|
||
|
D62000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
3B91000
|
trusted library allocation
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
D3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
311F000
|
stack
|
page read and write
|
||
|
11CC000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
9D7E000
|
stack
|
page read and write
|
||
|
187F000
|
stack
|
page read and write
|
||
|
58C9000
|
stack
|
page read and write
|
||
|
9EAE000
|
stack
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
978E000
|
stack
|
page read and write
|
||
|
3C32000
|
trusted library allocation
|
page read and write
|
||
|
2D98000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
2D5A000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
unkown
|
page readonly
|
||
|
56D2000
|
trusted library allocation
|
page read and write
|
||
|
9B2D000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
D34000
|
trusted library allocation
|
page read and write
|
||
|
67F2000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
6E5D000
|
heap
|
page read and write
|
||
|
148F000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
71BD000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1078000
|
heap
|
page read and write
|
||
|
56CB000
|
trusted library allocation
|
page read and write
|
||
|
5779000
|
stack
|
page read and write
|
||
|
A22E000
|
stack
|
page read and write
|
||
|
2D09000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
5930000
|
heap
|
page execute and read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
2682000
|
trusted library allocation
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
787000
|
stack
|
page read and write
|
||
|
D56000
|
trusted library allocation
|
page execute and read and write
|
||
|
A26F000
|
stack
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
5DF0000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
2643000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
56C6000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
2620000
|
trusted library allocation
|
page read and write
|
||
|
13C3000
|
trusted library allocation
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
D5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1003000
|
trusted library allocation
|
page execute and read and write
|
||
|
3872000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
3C70000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
6F2D000
|
trusted library allocation
|
page read and write
|
||
|
2AD4000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
992F000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
D8A000
|
heap
|
page read and write
|
||
|
68A000
|
stack
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
9700000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC4000
|
trusted library allocation
|
page read and write
|
||
|
9EBD000
|
stack
|
page read and write
|
||
|
16DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
4389000
|
trusted library allocation
|
page read and write
|
||
|
F69000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
9FBE000
|
stack
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page execute and read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
819000
|
heap
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
7DE000
|
heap
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
5320000
|
heap
|
page execute and read and write
|
||
|
28E6000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
5D80000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page execute and read and write
|
||
|
372000
|
unkown
|
page readonly
|
||
|
67B0000
|
trusted library section
|
page read and write
|
||
|
AFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B3E000
|
stack
|
page read and write
|
||
|
102A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
56C4000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
13ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FD2000
|
trusted library allocation
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
2AD6000
|
trusted library allocation
|
page read and write
|
||
|
706D000
|
stack
|
page read and write
|
||
|
A12C000
|
stack
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page read and write
|
||
|
2D84000
|
trusted library allocation
|
page read and write
|
||
|
6E3B000
|
heap
|
page read and write
|
||
|
315C000
|
stack
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
2DA9000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
2E3E000
|
unkown
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
3FA000
|
unkown
|
page readonly
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page execute and read and write
|
||
|
947000
|
heap
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
4EE5000
|
heap
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
26A5000
|
trusted library allocation
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
54F5000
|
heap
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
303E000
|
unkown
|
page read and write
|
||
|
24BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E6000
|
trusted library allocation
|
page read and write
|
||
|
56DE000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
59C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D4000
|
trusted library allocation
|
page read and write
|
||
|
2FFA000
|
heap
|
page read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
3344000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
4381000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
63B0000
|
heap
|
page read and write
|
||
|
4EBB000
|
stack
|
page read and write
|
||
|
6BD0000
|
heap
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
5610000
|
heap
|
page execute and read and write
|
||
|
9C40000
|
heap
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CF5000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
142A000
|
heap
|
page read and write
|
||
|
2C8D000
|
stack
|
page read and write
|
||
|
2AB6000
|
trusted library allocation
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
37D1000
|
trusted library allocation
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
A26C000
|
stack
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
BA7000
|
stack
|
page read and write
|
||
|
2DB5000
|
trusted library allocation
|
page read and write
|
||
|
D67000
|
trusted library allocation
|
page execute and read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
D33000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E1000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
A2AE000
|
stack
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
4C8C000
|
stack
|
page read and write
|
||
|
7F7000
|
heap
|
page read and write
|
||
|
3D3F000
|
trusted library allocation
|
page read and write
|
||
|
56ED000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
33E7000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
1493000
|
heap
|
page read and write
|
||
|
2AF5000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
remote allocation
|
page execute and read and write
|
||
|
2D79000
|
stack
|
page read and write
|
||
|
E24000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
173E000
|
stack
|
page read and write
|
||
|
289A000
|
trusted library allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
96F0000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
573C000
|
stack
|
page read and write
|
||
|
2ACC000
|
trusted library allocation
|
page read and write
|
||
|
2AC2000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
9C3D000
|
stack
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
A16E000
|
stack
|
page read and write
|
||
|
9A3E000
|
stack
|
page read and write
|
||
|
6ED0000
|
trusted library section
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
10AF000
|
heap
|
page read and write
|
||
|
70FC000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
2B6A000
|
stack
|
page read and write
|
||
|
506B000
|
stack
|
page read and write
|
||
|
56F2000
|
trusted library allocation
|
page read and write
|
||
|
1436000
|
heap
|
page read and write
|
||
|
D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B2000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
There are 451 hidden memdumps, click here to show them.