Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RKsVnThLLP.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RKsVnThLLP.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Payload.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Skype.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Payload.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Skype.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Windows.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Hidden, System, Archive,
ctime=Sat Nov 2 16:32:19 2024, mtime=Sat Nov 2 16:33:12 2024, atime=Sat Nov 2 16:32:09 2024, length=27648, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Windows.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun Dec 31 23:25:52 1600,
atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RKsVnThLLP.exe
|
"C:\Users\user\Desktop\RKsVnThLLP.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Skype.exe
|
"C:\Users\user\AppData\Local\Temp\Skype.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Payload.exe
|
"C:\Users\user\AppData\Local\Temp\Payload.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Payload.exe
|
"C:\Users\user\AppData\Local\Temp\Payload.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.exe"
|
|
|
|
C:\Windows\SysWOW64\attrib.exe
|
attrib +h +r +s "C:\Users\user\AppData\Local\Temp\Payload.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://01.702.64.49
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 17 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.46.207.10
|
unknown
|
United Kingdom
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Windows2
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Windows
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Windows2
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Windows2
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Windows
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2AD1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F98000
|
trusted library allocation
|
page read and write
|
|
|
|
760000
|
heap
|
page read and write
|
||
|
73A000
|
heap
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
5923000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
947000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF7000
|
stack
|
page read and write
|
||
|
5981000
|
trusted library allocation
|
page read and write
|
||
|
604000
|
trusted library allocation
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
5992000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
1107000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBA000
|
heap
|
page read and write
|
||
|
5727000
|
heap
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
70B0000
|
heap
|
page execute and read and write
|
||
|
7FC000
|
heap
|
page read and write
|
||
|
10E3000
|
trusted library allocation
|
page read and write
|
||
|
112F000
|
heap
|
page read and write
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
326F000
|
unkown
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
5779000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
stack
|
page read and write
|
||
|
3B7000
|
stack
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
71A3000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page execute and read and write
|
||
|
1121000
|
heap
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
5966000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
heap
|
page read and write
|
||
|
572E000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
4893000
|
heap
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
heap
|
page execute and read and write
|
||
|
539F000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
703F000
|
stack
|
page read and write
|
||
|
CD7000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
73E000
|
heap
|
page read and write
|
||
|
EB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D9000
|
trusted library allocation
|
page read and write
|
||
|
331F000
|
stack
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
5964000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
3487000
|
heap
|
page read and write
|
||
|
610000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5782000
|
heap
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
3AD1000
|
trusted library allocation
|
page read and write
|
||
|
603000
|
trusted library allocation
|
page execute and read and write
|
||
|
4890000
|
heap
|
page read and write
|
||
|
C9C000
|
heap
|
page read and write
|
||
|
3F91000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
heap
|
page execute and read and write
|
||
|
4810000
|
trusted library allocation
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
5986000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DDC000
|
stack
|
page read and write
|
||
|
2A2E000
|
stack
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
442000
|
unkown
|
page write copy
|
||
|
292E000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
44CD000
|
stack
|
page read and write
|
||
|
2E69000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
2BB000
|
stack
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
4831000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
4836000
|
trusted library allocation
|
page read and write
|
||
|
806F000
|
stack
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
546F000
|
stack
|
page read and write
|
||
|
5113000
|
heap
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
53D5000
|
trusted library allocation
|
page read and write
|
||
|
8D4000
|
trusted library allocation
|
page read and write
|
||
|
231F000
|
stack
|
page read and write
|
||
|
4A33000
|
heap
|
page execute and read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
AED000
|
stack
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
4880000
|
trusted library allocation
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
5914000
|
heap
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DE0000
|
heap
|
page execute and read and write
|
||
|
C60000
|
unkown
|
page readonly
|
||
|
5934000
|
heap
|
page read and write
|
||
|
3521000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
9FC000
|
stack
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
CF2000
|
heap
|
page read and write
|
||
|
483D000
|
trusted library allocation
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
60D000
|
trusted library allocation
|
page execute and read and write
|
||
|
93A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
5A47000
|
trusted library allocation
|
page read and write
|
||
|
5734000
|
heap
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page execute and read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
5F7C000
|
stack
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF9000
|
heap
|
page read and write
|
||
|
10D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A29000
|
stack
|
page read and write
|
||
|
5765000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
4A30000
|
heap
|
page execute and read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page execute and read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
34B3000
|
trusted library allocation
|
page read and write
|
||
|
8D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7190000
|
trusted library allocation
|
page execute and read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
trusted library allocation
|
page read and write
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
5FCE000
|
stack
|
page read and write
|
||
|
7F1C000
|
stack
|
page read and write
|
||
|
92000
|
stack
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page execute and read and write
|
||
|
5751000
|
heap
|
page read and write
|
||
|
7F790000
|
trusted library allocation
|
page execute and read and write
|
||
|
5797000
|
heap
|
page read and write
|
||
|
61D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
53A4000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
7C9000
|
heap
|
page read and write
|
||
|
571D000
|
heap
|
page read and write
|
||
|
4B60000
|
heap
|
page read and write
|
||
|
90B000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54E0000
|
heap
|
page execute and read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
600000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
C62000
|
unkown
|
page readonly
|
||
|
765000
|
heap
|
page read and write
|
||
|
444000
|
unkown
|
page readonly
|
||
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
85B000
|
stack
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page read and write
|
||
|
5D05000
|
trusted library allocation
|
page read and write
|
||
|
73FF000
|
stack
|
page read and write
|
||
|
F8C000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
1102000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
5972000
|
trusted library allocation
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
stack
|
page read and write
|
||
|
7F6E000
|
stack
|
page read and write
|
||
|
23AE000
|
stack
|
page read and write
|
||
|
942000
|
trusted library allocation
|
page read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
251F000
|
stack
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
936000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
482E000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
577B000
|
trusted library allocation
|
page read and write
|
||
|
55EF000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
5714000
|
heap
|
page read and write
|
||
|
592C000
|
heap
|
page read and write
|
||
|
CE1000
|
heap
|
page read and write
|
||
|
56EA000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
1191000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
6A62000
|
trusted library allocation
|
page read and write
|
||
|
10FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
55EC000
|
stack
|
page read and write
|
||
|
59EC000
|
stack
|
page read and write
|
||
|
269E000
|
trusted library allocation
|
page read and write
|
||
|
4AD8000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
7C2000
|
heap
|
page read and write
|
||
|
5001000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
10D4000
|
trusted library allocation
|
page read and write
|
||
|
561F000
|
stack
|
page read and write
|
||
|
570F000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D10000
|
heap
|
page execute and read and write
|
||
|
532F000
|
stack
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
38D1000
|
trusted library allocation
|
page read and write
|
||
|
23D1000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
7E1C000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
5205000
|
heap
|
page read and write
|
||
|
481B000
|
trusted library allocation
|
page read and write
|
||
|
515F000
|
stack
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
6E4E000
|
heap
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
5754000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
598D000
|
trusted library allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
306D000
|
stack
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page read and write
|
||
|
EB4000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
772000
|
heap
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
7DDF000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page execute and read and write
|
||
|
593F000
|
heap
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
26EA000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
stack
|
page read and write
|
||
|
596E000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
5CCF000
|
stack
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
110A000
|
heap
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
2A6C000
|
stack
|
page read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
957000
|
stack
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
C44000
|
heap
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
E08000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
57E9000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
197000
|
stack
|
page read and write
|
||
|
522B000
|
trusted library allocation
|
page read and write
|
||
|
2D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
348A000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
5CD4000
|
trusted library allocation
|
page read and write
|
||
|
72FE000
|
stack
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
EC3000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library section
|
page readonly
|
||
|
94B000
|
trusted library allocation
|
page execute and read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
2528000
|
trusted library allocation
|
page read and write
|
||
|
5BCE000
|
stack
|
page read and write
|
||
|
C51000
|
heap
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
7CDE000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
5229000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
5734000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
heap
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
46BE000
|
stack
|
page read and write
|
||
|
357E000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
5E7B000
|
stack
|
page read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
7040000
|
trusted library section
|
page read and write
|
||
|
8E3000
|
trusted library allocation
|
page read and write
|
||
|
28D1000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
116B000
|
heap
|
page read and write
|
||
|
596B000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
8FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5008000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
C6A000
|
unkown
|
page readonly
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
5A8D000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
907000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D13000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
trusted library allocation
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
10DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
49F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
EDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
402000
|
unkown
|
page execute read
|
||
|
CED000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
110B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
71A0000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
322E000
|
unkown
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
70A0000
|
trusted library allocation
|
page read and write
|
||
|
B77000
|
stack
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
932000
|
trusted library allocation
|
page read and write
|
||
|
55AF000
|
stack
|
page read and write
|
There are 434 hidden memdumps, click here to show them.