Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
OaSEt8i2jE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\speaker driver.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d5385f57713d008f124c189489ec0ec8.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\OaSEt8i2jE.exe
|
"C:\Users\user\Desktop\OaSEt8i2jE.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\speaker driver.exe
|
"C:\Users\user\AppData\Local\Temp\speaker driver.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\speaker driver.exe" "speaker driver.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\speaker driver.exe
|
"C:\Users\user\AppData\Local\Temp\speaker driver.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\speaker driver.exe
|
"C:\Users\user\AppData\Local\Temp\speaker driver.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\speaker driver.exe
|
"C:\Users\user\AppData\Local\Temp\speaker driver.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.microsoft.
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.41.226.233
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
d5385f57713d008f124c189489ec0ec8
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
Hidden
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\d5385f57713d008f124c189489ec0ec8
|
hp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\d5385f57713d008f124c189489ec0ec8
|
i
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
d5385f57713d008f124c189489ec0ec8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\d5385f57713d008f124c189489ec0ec8
|
kl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\d5385f57713d008f124c189489ec0ec8
|
kl
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
2D56000
|
trusted library allocation
|
page read and write
|
|
|
|
592000
|
unkown
|
page readonly
|
|
|
|
29EF000
|
stack
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
115D000
|
unkown
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
33BA000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
3403000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
5083000
|
heap
|
page read and write
|
||
|
30B7000
|
trusted library allocation
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
33CB000
|
heap
|
page read and write
|
||
|
A57000
|
heap
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
336B000
|
heap
|
page read and write
|
||
|
FC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
16DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
3AF1000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
520F000
|
stack
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
3D67000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
33E2000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
33D7000
|
heap
|
page read and write
|
||
|
F26000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page execute and read and write
|
||
|
345E000
|
heap
|
page read and write
|
||
|
3BD1000
|
trusted library allocation
|
page read and write
|
||
|
B12000
|
trusted library allocation
|
page execute and read and write
|
||
|
33CC000
|
trusted library allocation
|
page read and write
|
||
|
3403000
|
heap
|
page read and write
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
3429000
|
trusted library allocation
|
page read and write
|
||
|
58FC000
|
stack
|
page read and write
|
||
|
1481000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
B22000
|
trusted library allocation
|
page execute and read and write
|
||
|
136A000
|
trusted library allocation
|
page execute and read and write
|
||
|
345E000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
DCB000
|
stack
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
57E0000
|
unclassified section
|
page read and write
|
||
|
16AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
345C000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
33B7000
|
heap
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
E6E000
|
heap
|
page read and write
|
||
|
3381000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
FEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
33ED000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
CCB000
|
stack
|
page read and write
|
||
|
3381000
|
heap
|
page read and write
|
||
|
56A8000
|
heap
|
page read and write
|
||
|
ACD000
|
stack
|
page read and write
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
33E6000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
1750000
|
heap
|
page execute and read and write
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
1372000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page execute and read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
3374000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
173E000
|
stack
|
page read and write
|
||
|
DAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
345E000
|
heap
|
page read and write
|
||
|
1486000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
33CE000
|
heap
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
FBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
33AC000
|
heap
|
page read and write
|
||
|
55CB000
|
stack
|
page read and write
|
||
|
54CC000
|
stack
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
159F000
|
stack
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
33CC000
|
heap
|
page read and write
|
||
|
141B000
|
heap
|
page read and write
|
||
|
569F000
|
heap
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
DC4000
|
stack
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
16BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
4EDD000
|
stack
|
page read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
FD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
FDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
B3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
558B000
|
stack
|
page read and write
|
||
|
33BA000
|
heap
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
501F000
|
stack
|
page read and write
|
||
|
16C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
16A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
33D1000
|
heap
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
1362000
|
trusted library allocation
|
page execute and read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
DA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
342C000
|
trusted library allocation
|
page read and write
|
||
|
56A8000
|
heap
|
page read and write
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
550F000
|
stack
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
33CD000
|
heap
|
page read and write
|
||
|
507E000
|
stack
|
page read and write
|
||
|
4381000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
16BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3456000
|
heap
|
page read and write
|
||
|
33D1000
|
heap
|
page read and write
|
||
|
3454000
|
heap
|
page read and write
|
||
|
33A9000
|
heap
|
page read and write
|
||
|
4D7D000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
33A9000
|
heap
|
page read and write
|
||
|
4DBC000
|
stack
|
page read and write
|
||
|
33A5000
|
heap
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
33A5000
|
heap
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
D62000
|
trusted library allocation
|
page execute and read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
56CC000
|
stack
|
page read and write
|
||
|
33CC000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
trusted library allocation
|
page execute and read and write
|
||
|
33CC000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3696000
|
heap
|
page read and write
|
||
|
5AD0000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
569F000
|
heap
|
page read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
D8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
DBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
5692000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
50CC000
|
stack
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
16CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
33CB000
|
heap
|
page read and write
|
||
|
16D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
B42000
|
trusted library allocation
|
page execute and read and write
|
||
|
5671000
|
heap
|
page read and write
|
||
|
A66000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
33ED000
|
heap
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
56CD000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
B36000
|
stack
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
5C9000
|
stack
|
page read and write
|
||
|
13DF000
|
stack
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
33A9000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
B57000
|
trusted library allocation
|
page execute and read and write
|
||
|
1136000
|
stack
|
page read and write
|
||
|
4D48000
|
trusted library allocation
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
586F000
|
stack
|
page read and write
|
||
|
33C5000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
FE2000
|
trusted library allocation
|
page read and write
|
||
|
557D000
|
stack
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
16A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3455000
|
heap
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
3403000
|
heap
|
page read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
13BD000
|
heap
|
page read and write
|
||
|
33AE000
|
heap
|
page read and write
|
||
|
A0D000
|
heap
|
page read and write
|
||
|
33E5000
|
heap
|
page read and write
|
||
|
550B000
|
stack
|
page read and write
|
||
|
33EA000
|
heap
|
page read and write
|
||
|
56A1000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
33D1000
|
heap
|
page read and write
|
||
|
569D000
|
heap
|
page read and write
|
||
|
185E000
|
stack
|
page read and write
|
||
|
B4E000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
3403000
|
heap
|
page read and write
|
||
|
569B000
|
heap
|
page read and write
|
||
|
1870000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E6D000
|
stack
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
F0D000
|
heap
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
3425000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
33B6000
|
heap
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
555F000
|
stack
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
16FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E0000
|
heap
|
page execute and read and write
|
||
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
2AF4000
|
trusted library allocation
|
page read and write
|
||
|
568D000
|
stack
|
page read and write
|
||
|
33A5000
|
heap
|
page read and write
|
||
|
331E000
|
unkown
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
33A9000
|
heap
|
page read and write
|
||
|
137C000
|
trusted library allocation
|
page execute and read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
5AB0000
|
heap
|
page read and write
|
||
|
33DE000
|
heap
|
page read and write
|
||
|
33D2000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
33AA000
|
heap
|
page read and write
|
||
|
B5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
103B000
|
stack
|
page read and write
|
||
|
1136000
|
stack
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
D7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
B26000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
507A000
|
stack
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
33AD000
|
heap
|
page read and write
|
||
|
566D000
|
stack
|
page read and write
|
||
|
B1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
33B5000
|
heap
|
page read and write
|
||
|
FCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5697000
|
heap
|
page read and write
|
||
|
D72000
|
trusted library allocation
|
page execute and read and write
|
||
|
33B6000
|
heap
|
page read and write
|
||
|
33E2000
|
heap
|
page read and write
|
||
|
57FC000
|
stack
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
33D2000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
4CB000
|
stack
|
page read and write
|
||
|
1376000
|
trusted library allocation
|
page execute and read and write
|
||
|
83B000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
33EB000
|
heap
|
page read and write
|
||
|
5C6000
|
stack
|
page read and write
|
||
|
33BA000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page execute and read and write
|
||
|
11E5000
|
heap
|
page read and write
|
||
|
B2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1387000
|
trusted library allocation
|
page execute and read and write
|
||
|
3397000
|
heap
|
page read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
1880000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
3D41000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
103B000
|
stack
|
page read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
3371000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
139A000
|
trusted library allocation
|
page execute and read and write
|
||
|
598F000
|
stack
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
4E1C000
|
stack
|
page read and write
|
||
|
102F000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
33B1000
|
heap
|
page read and write
|
||
|
33E3000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
33CB000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C8E000
|
stack
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
7F6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
33DD000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page execute and read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
3381000
|
heap
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
33ED000
|
heap
|
page read and write
|
||
|
345A000
|
heap
|
page read and write
|
||
|
3431000
|
heap
|
page read and write
|
||
|
16AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1488000
|
heap
|
page read and write
|
||
|
557F000
|
stack
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
B39000
|
stack
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
D7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF1000
|
trusted library allocation
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
33DE000
|
heap
|
page read and write
|
||
|
569E000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
584F000
|
stack
|
page read and write
|
||
|
33CF000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
1750000
|
heap
|
page execute and read and write
|
||
|
141D000
|
heap
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
138A000
|
trusted library allocation
|
page execute and read and write
|
There are 464 hidden memdumps, click here to show them.