Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5B5BZzyieG.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\5B5BZzyieG.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5B5BZzyieG.exe
|
"C:\Users\user\Desktop\5B5BZzyieG.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7828 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
196.119.209.192
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
196.119.209.192
|
doddyfire.linkpc.net
|
Morocco
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A31000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2BCE000
|
stack
|
page read and write
|
||
|
D36000
|
stack
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
F91000
|
heap
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
C1F000
|
stack
|
page read and write
|
||
|
131B000
|
stack
|
page read and write
|
||
|
E6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
511B000
|
stack
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
5304000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
6940000
|
heap
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
CF4000
|
stack
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
9FD000
|
unkown
|
page read and write
|
||
|
1197000
|
trusted library allocation
|
page execute and read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
4A7B000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
6562000
|
trusted library allocation
|
page read and write
|
||
|
885C000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
4EC5000
|
heap
|
page read and write
|
||
|
D39000
|
stack
|
page read and write
|
||
|
FC1000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
FCC000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
FC9000
|
heap
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
4C90000
|
trusted library section
|
page readonly
|
||
|
118E000
|
stack
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
872000
|
unkown
|
page readonly
|
||
|
2A2E000
|
trusted library allocation
|
page read and write
|
||
|
899E000
|
stack
|
page read and write
|
||
|
119B000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBD000
|
heap
|
page read and write
|
||
|
615D000
|
stack
|
page read and write
|
||
|
F7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
F82000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
E7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
FC9000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
2FA8000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
F84000
|
heap
|
page read and write
|
||
|
60E0000
|
trusted library allocation
|
page read and write
|
||
|
4C94000
|
trusted library section
|
page readonly
|
||
|
F94000
|
heap
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
FAF000
|
heap
|
page read and write
|
||
|
103A000
|
heap
|
page read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
FBC000
|
heap
|
page read and write
|
||
|
F72000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
9E2000
|
trusted library allocation
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
FB2000
|
trusted library allocation
|
page read and write
|
||
|
91A000
|
stack
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
9CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
995000
|
heap
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
52B5000
|
heap
|
page read and write
|
||
|
FBF000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page execute and read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
E82000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC1000
|
heap
|
page read and write
|
||
|
530F000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
786000
|
stack
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
||
|
66C000
|
stack
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
F97000
|
trusted library allocation
|
page execute and read and write
|
||
|
A94000
|
heap
|
page read and write
|
||
|
E77000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
E8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
1192000
|
trusted library allocation
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
1368000
|
trusted library allocation
|
page read and write
|
||
|
FB7000
|
heap
|
page read and write
|
||
|
1436000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
F97000
|
heap
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
FC3000
|
heap
|
page read and write
|
||
|
FC4000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
5382000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
F84000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page execute and read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
unclassified section
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
52AD000
|
stack
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
F97000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
ECF000
|
heap
|
page read and write
|
||
|
52B3000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
5398000
|
heap
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
F91000
|
heap
|
page read and write
|
||
|
FBD000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
875C000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
F91000
|
heap
|
page read and write
|
||
|
FBF000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
83C0000
|
heap
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
A0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
871E000
|
stack
|
page read and write
|
||
|
3134000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
68A000
|
stack
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
538F000
|
heap
|
page read and write
|
||
|
5FDE000
|
heap
|
page read and write
|
||
|
6540000
|
trusted library allocation
|
page read and write
|
||
|
5FD0000
|
heap
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
FCC000
|
heap
|
page read and write
|
||
|
E72000
|
trusted library allocation
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
A5F000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
538F000
|
heap
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
4D23000
|
heap
|
page read and write
|
||
|
538F000
|
heap
|
page read and write
|
||
|
F93000
|
heap
|
page read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
29A1000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library section
|
page readonly
|
||
|
5880000
|
trusted library allocation
|
page execute and read and write
|
||
|
538F000
|
heap
|
page read and write
|
||
|
9C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
5033000
|
heap
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page execute and read and write
|
||
|
526B000
|
stack
|
page read and write
|
||
|
177C000
|
stack
|
page read and write
|
||
|
52F9000
|
stack
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
94B000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
5394000
|
heap
|
page read and write
|
||
|
9E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5520000
|
trusted library allocation
|
page execute and read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
F93000
|
heap
|
page read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
861E000
|
stack
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
1276000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
4E2D000
|
stack
|
page read and write
|
||
|
88E000
|
unkown
|
page readonly
|
||
|
F51000
|
heap
|
page read and write
|
||
|
5399000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
83D0000
|
trusted library section
|
page read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
1237000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
538F000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5391000
|
heap
|
page read and write
|
||
|
9F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
heap
|
page read and write
|
||
|
7A50000
|
heap
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
F76000
|
heap
|
page read and write
|
||
|
9CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
FCC000
|
heap
|
page read and write
|
||
|
1039000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
6EEE000
|
stack
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page execute and read and write
|
||
|
789000
|
stack
|
page read and write
|
||
|
35BD000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
1068000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
525F000
|
stack
|
page read and write
|
||
|
66CF000
|
stack
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
FC4000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
76D000
|
stack
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
F66000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page execute and read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
F97000
|
heap
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
FBF000
|
heap
|
page read and write
|
||
|
7F9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
5391000
|
heap
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
1039000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
F91000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
FBC000
|
heap
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
F94000
|
heap
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
5381000
|
heap
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
5381000
|
heap
|
page read and write
|
||
|
9BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
FB2000
|
heap
|
page read and write
|
||
|
FB1000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
85DE000
|
stack
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
unkown
|
page read and write
|
||
|
538A000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
5397000
|
heap
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
5398000
|
heap
|
page read and write
|
||
|
F54000
|
heap
|
page read and write
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1109000
|
heap
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
F84000
|
heap
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
30E1000
|
trusted library allocation
|
page read and write
|
||
|
1094000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
889E000
|
stack
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
FC4000
|
heap
|
page read and write
|
||
|
4C8B000
|
stack
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
FBD000
|
heap
|
page read and write
|
||
|
FBC000
|
heap
|
page read and write
|
||
|
A07000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A75000
|
trusted library allocation
|
page read and write
|
||
|
521D000
|
stack
|
page read and write
|
||
|
E5F000
|
stack
|
page read and write
|
||
|
105C000
|
stack
|
page read and write
|
||
|
F8A000
|
heap
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
107C000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
There are 439 hidden memdumps, click here to show them.