Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
eddzD2MA12.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\436117\Mother.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\436117\v
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Appears
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Driver
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Educators
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Generations
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Images
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Ky
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Lol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Purchased
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Ra
|
ASCII text, with very long lines (1468), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Ra.bat
|
ASCII text, with very long lines (1468), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Young
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\delays.tmp
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\eddzD2MA12.exe
|
"C:\Users\user\Desktop\eddzD2MA12.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c copy Ra Ra.bat & Ra.bat
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa opssvc"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr -I "avastui avgui bdservicehost nswscsvc sophoshealth"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 436117
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "NuclearRemarksReliabilityComputation" Young
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b ..\Ky + ..\Appears + ..\Educators + ..\Images + ..\Driver + ..\Generations + ..\Lol v
|
|
|
|
C:\Users\user\AppData\Local\Temp\436117\Mother.pif
|
Mother.pif v
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /d y /t 5
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://t.me/
|
unknown
|
||
|
https://t.me/gos90tD
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://t.me/gos90t213
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199800374635do88eqMozilla/5.0
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199800374635
|
|||
|
https://t.me/gos90tdo88eqsqlo.dllMozilla/5.0
|
unknown
|
||
|
https://t.me/r
|
unknown
|
||
|
https://t.me/1
|
unknown
|
||
|
https://t.me/gos90t
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
||
|
EMlHLrRfRkqrlGndWg.EMlHLrRfRkqrlGndWg
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.99
|
t.me
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1330000
|
trusted library allocation
|
page read and write
|
|
|
|
12A0000
|
trusted library allocation
|
page read and write
|
|
|
|
13A1000
|
trusted library allocation
|
page read and write
|
|
|
|
4221000
|
direct allocation
|
page execute and read and write
|
|
|
|
13A0000
|
trusted library allocation
|
page read and write
|
|
|
|
11F1000
|
heap
|
page read and write
|
|
|
|
1329000
|
trusted library allocation
|
page read and write
|
|
|
|
1210000
|
heap
|
page read and write
|
|
|
|
12E5000
|
trusted library allocation
|
page read and write
|
|
|
|
1271000
|
heap
|
page read and write
|
|
|
|
132F000
|
trusted library allocation
|
page read and write
|
|
|
|
2FDE000
|
trusted library allocation
|
page read and write
|
|
|
|
71E000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
229000
|
unkown
|
page readonly
|
||
|
3731000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
216000
|
unkown
|
page readonly
|
||
|
787000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
15A5000
|
trusted library allocation
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
784000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
24AE000
|
stack
|
page read and write
|
||
|
15AF000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15AD000
|
trusted library allocation
|
page read and write
|
||
|
15A3000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
220000
|
unkown
|
page write copy
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
52C000
|
stack
|
page read and write
|
||
|
4920000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F03000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
15AC000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
2EF4000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
12FB000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
126A000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
15AF000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
373C000
|
stack
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
15AD000
|
trusted library allocation
|
page read and write
|
||
|
2A48000
|
heap
|
page read and write
|
||
|
2B07000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
1408000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
220000
|
unkown
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
224000
|
unkown
|
page write copy
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
2B0D000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
15A3000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
243D000
|
stack
|
page read and write
|
||
|
BD2000
|
stack
|
page read and write
|
||
|
15A9000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
13E5000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
15A5000
|
trusted library allocation
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
13F9000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
2AEB000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
161000
|
unkown
|
page execute read
|
||
|
778000
|
heap
|
page read and write
|
||
|
507F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
98000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
12E5000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2AEB000
|
heap
|
page read and write
|
||
|
2ADD000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A3A000
|
heap
|
page read and write
|
||
|
2335000
|
heap
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
15A3000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
2A4E000
|
heap
|
page read and write
|
||
|
4A0F000
|
stack
|
page read and write
|
||
|
421C000
|
stack
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
2A3A000
|
heap
|
page read and write
|
||
|
498F000
|
stack
|
page read and write
|
||
|
481F000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
15AD000
|
trusted library allocation
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3230000
|
remote allocation
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
22FC000
|
stack
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
BDD000
|
stack
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
4461000
|
direct allocation
|
page execute and read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
2AE3000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
10F4000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
15AE000
|
trusted library allocation
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
15A9000
|
trusted library allocation
|
page read and write
|
||
|
15A5000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
2AA7000
|
heap
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
587F000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
22BE000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
2A4E000
|
heap
|
page read and write
|
||
|
3750000
|
heap
|
page read and write
|
||
|
4A40000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A4E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
5BA000
|
stack
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
heap
|
page read and write
|
||
|
7A2000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
1282000
|
heap
|
page read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
15A3000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2AEC000
|
heap
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
790000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2CE7000
|
heap
|
page read and write
|
||
|
2B0D000
|
heap
|
page read and write
|
||
|
3309000
|
heap
|
page read and write
|
||
|
3E1C000
|
stack
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
2A27000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
1254000
|
heap
|
page read and write
|
||
|
2AF9000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
2AF9000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
461000
|
unkown
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2B08000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
2F0F000
|
trusted library allocation
|
page read and write
|
||
|
13A1000
|
trusted library allocation
|
page read and write
|
||
|
15A7000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
19A000
|
stack
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
2A3F000
|
heap
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15A8000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
DE6000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
EA8000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
76D000
|
heap
|
page read and write
|
||
|
161000
|
unkown
|
page execute read
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
13EC000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
494E000
|
stack
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
15AD000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
4220000
|
direct allocation
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
2A49000
|
heap
|
page read and write
|
||
|
12FB000
|
trusted library allocation
|
page read and write
|
||
|
2A21000
|
heap
|
page read and write
|
||
|
101B000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
771000
|
heap
|
page read and write
|
||
|
2A2D000
|
heap
|
page read and write
|
||
|
2F03000
|
trusted library allocation
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
4473000
|
direct allocation
|
page execute and read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
29A6000
|
heap
|
page read and write
|
||
|
491F000
|
stack
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2B0D000
|
heap
|
page read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15AA000
|
trusted library allocation
|
page read and write
|
||
|
15AA000
|
trusted library allocation
|
page read and write
|
||
|
216000
|
unkown
|
page readonly
|
||
|
3731000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
363C000
|
stack
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
2B0F000
|
heap
|
page read and write
|
||
|
15A5000
|
trusted library allocation
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
77E000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
1344000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
2B0D000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
direct allocation
|
page execute and read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
11A4000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
56C000
|
stack
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
15A1000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A29000
|
heap
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2A4F000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
15A2000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
25DF000
|
stack
|
page read and write
|
||
|
15A1000
|
trusted library allocation
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15AA000
|
trusted library allocation
|
page read and write
|
||
|
2AFD000
|
heap
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page read and write
|
||
|
2ADF000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
1328000
|
trusted library allocation
|
page read and write
|
||
|
13A1000
|
trusted library allocation
|
page read and write
|
||
|
15A7000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
EC3000
|
heap
|
page read and write
|
||
|
3230000
|
remote allocation
|
page read and write
|
||
|
489F000
|
stack
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
2F0B000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
3740000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
76A000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15A2000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
63C000
|
stack
|
page read and write
|
||
|
2AF9000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
2A3A000
|
heap
|
page read and write
|
||
|
28DC000
|
stack
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3CC000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
15A1000
|
trusted library allocation
|
page read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
1114000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
15A9000
|
trusted library allocation
|
page read and write
|
||
|
110F000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
2A4E000
|
heap
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
3DDF000
|
stack
|
page read and write
|
||
|
12A1000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
487F000
|
stack
|
page read and write
|
||
|
2AC8000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
12CE000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
229000
|
unkown
|
page readonly
|
||
|
3230000
|
remote allocation
|
page read and write
|
||
|
123D000
|
heap
|
page read and write
|
||
|
3731000
|
heap
|
page read and write
|
There are 542 hidden memdumps, click here to show them.