IOC Report
Siopel.exe

Files

File Path | Type | Category | Malicious
Siopel.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample |
C:\Users\user\Desktop\_PruebaAcceso\_PruebaAcceso.txt | ASCII text, with CRLF line terminators | dropped |
C:\Windows\SIOPEL.INI | Generic INItialization configuration [Negociacion] | dropped |

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\Siopel.exe | "C:\Users\user\Desktop\Siopel.exe" | malicious

URLs


IPs

IP | Domain | Country | Malicious
127.0.0.1 | unknown | unknown |

Registry


Memdumps
