Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Kyuo21uNlG.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp1DFD.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp3E61.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4338.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp44D3.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5350.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp6B02.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp797A.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp919.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC141.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE99F.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpEA59.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpEAB.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpF4BA.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Kyuo21uNlG.exe
|
"C:\Users\user\Desktop\Kyuo21uNlG.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://45.141.84.168:9000/wbinjget?q=8587D7BC4236146899B093C1B42EFE08
|
45.141.84.168
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://45.141.84.168:9000
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabS
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://pastebin.com/raw/cLika3dt
|
unknown
|
There are 4 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.141.84.168
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Kyuo21uNlG_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
422000
|
unkown
|
page readonly
|
|
|
|
5D1F000
|
trusted library allocation
|
page read and write
|
||
|
28EE000
|
trusted library allocation
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
B5B000
|
trusted library allocation
|
page read and write
|
||
|
4DE4000
|
trusted library allocation
|
page read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
2A7F000
|
trusted library allocation
|
page read and write
|
||
|
2C8F000
|
trusted library allocation
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
6F4C000
|
stack
|
page read and write
|
||
|
3A5C000
|
trusted library allocation
|
page read and write
|
||
|
708D000
|
stack
|
page read and write
|
||
|
2ADB000
|
trusted library allocation
|
page read and write
|
||
|
5DDA000
|
heap
|
page read and write
|
||
|
2D7C000
|
trusted library allocation
|
page read and write
|
||
|
ADB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6A000
|
trusted library allocation
|
page read and write
|
||
|
2933000
|
trusted library allocation
|
page read and write
|
||
|
29DA000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
4CDE000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
heap
|
page read and write
|
||
|
D5E000
|
unkown
|
page read and write
|
||
|
3912000
|
trusted library allocation
|
page read and write
|
||
|
57B000
|
stack
|
page read and write
|
||
|
2A4A000
|
trusted library allocation
|
page read and write
|
||
|
6CAD000
|
stack
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
4CEA000
|
trusted library allocation
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
2B6A000
|
trusted library allocation
|
page read and write
|
||
|
675E000
|
stack
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
AA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
47F9000
|
trusted library allocation
|
page read and write
|
||
|
5D25000
|
trusted library allocation
|
page read and write
|
||
|
2C95000
|
trusted library allocation
|
page read and write
|
||
|
2A63000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
BA3000
|
heap
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
4CF1000
|
trusted library allocation
|
page read and write
|
||
|
2A35000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
2997000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
5DF5000
|
heap
|
page read and write
|
||
|
2897000
|
trusted library allocation
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
C9F000
|
stack
|
page read and write
|
||
|
2976000
|
trusted library allocation
|
page read and write
|
||
|
2AA3000
|
trusted library allocation
|
page read and write
|
||
|
718D000
|
stack
|
page read and write
|
||
|
4D23000
|
trusted library allocation
|
page read and write
|
||
|
2D9D000
|
trusted library allocation
|
page read and write
|
||
|
6DE9000
|
stack
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D3B000
|
trusted library allocation
|
page read and write
|
||
|
AC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA7000
|
heap
|
page read and write
|
||
|
2D16000
|
trusted library allocation
|
page read and write
|
||
|
2B83000
|
trusted library allocation
|
page read and write
|
||
|
5D05000
|
trusted library allocation
|
page read and write
|
||
|
7EEB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DC0000
|
heap
|
page execute and read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
AD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
AAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
685F000
|
stack
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
C02000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
28B6000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
trusted library allocation
|
page read and write
|
||
|
2A98000
|
trusted library allocation
|
page read and write
|
||
|
28A4000
|
trusted library allocation
|
page read and write
|
||
|
4CF6000
|
trusted library allocation
|
page read and write
|
||
|
2C54000
|
trusted library allocation
|
page read and write
|
||
|
2A8A000
|
trusted library allocation
|
page read and write
|
||
|
28C5000
|
trusted library allocation
|
page read and write
|
||
|
2A58000
|
trusted library allocation
|
page read and write
|
||
|
4D53000
|
heap
|
page read and write
|
||
|
8F8000
|
stack
|
page read and write
|
||
|
2A75000
|
trusted library allocation
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
28D9000
|
trusted library allocation
|
page read and write
|
||
|
2D79000
|
trusted library allocation
|
page read and write
|
||
|
5D92000
|
heap
|
page read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
72ED000
|
stack
|
page read and write
|
||
|
5EE0000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
2CC6000
|
trusted library allocation
|
page read and write
|
||
|
2CE1000
|
trusted library allocation
|
page read and write
|
||
|
2B62000
|
trusted library allocation
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
29D2000
|
trusted library allocation
|
page read and write
|
||
|
2916000
|
trusted library allocation
|
page read and write
|
||
|
2D21000
|
trusted library allocation
|
page read and write
|
||
|
2892000
|
trusted library allocation
|
page read and write
|
||
|
2AAA000
|
trusted library allocation
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page read and write
|
||
|
2CBC000
|
trusted library allocation
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
2B3F000
|
trusted library allocation
|
page read and write
|
||
|
5062000
|
trusted library allocation
|
page read and write
|
||
|
2C1D000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
93D000
|
stack
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
heap
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
unkown
|
page readonly
|
||
|
6110000
|
trusted library allocation
|
page read and write
|
||
|
6CEA000
|
stack
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
4DFB000
|
trusted library allocation
|
page read and write
|
||
|
AD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
B68000
|
heap
|
page read and write
|
||
|
5EC1000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
7AE0000
|
heap
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
E28000
|
trusted library allocation
|
page read and write
|
||
|
4D45000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
296C000
|
trusted library allocation
|
page read and write
|
||
|
E1C000
|
stack
|
page read and write
|
||
|
28D3000
|
trusted library allocation
|
page read and write
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6870000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E50000
|
trusted library allocation
|
page read and write
|
||
|
2CC9000
|
trusted library allocation
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
5D2F000
|
trusted library allocation
|
page read and write
|
||
|
ACA000
|
trusted library allocation
|
page execute and read and write
|
||
|
37F1000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
2D07000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
B47000
|
heap
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69C0000
|
trusted library section
|
page read and write
|
||
|
5ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
5EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
29CF000
|
trusted library allocation
|
page read and write
|
||
|
795D000
|
stack
|
page read and write
|
||
|
68BB000
|
stack
|
page read and write
|
||
|
28DE000
|
trusted library allocation
|
page read and write
|
||
|
5D09000
|
trusted library allocation
|
page read and write
|
||
|
2BC8000
|
trusted library allocation
|
page read and write
|
||
|
5D54000
|
heap
|
page read and write
|
||
|
2BB6000
|
trusted library allocation
|
page read and write
|
||
|
28A2000
|
trusted library allocation
|
page read and write
|
||
|
5F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
AA4000
|
trusted library allocation
|
page read and write
|
||
|
2BE9000
|
trusted library allocation
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
2CDB000
|
trusted library allocation
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5DED000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2BC5000
|
trusted library allocation
|
page read and write
|
||
|
2D13000
|
trusted library allocation
|
page read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page execute and read and write
|
||
|
28A0000
|
trusted library allocation
|
page read and write
|
||
|
2A3F000
|
trusted library allocation
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
5E18000
|
heap
|
page read and write
|
||
|
ABD000
|
trusted library allocation
|
page execute and read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
38F5000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
2BDB000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
5FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
2C8A000
|
trusted library allocation
|
page read and write
|
||
|
4CEE000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
4CFD000
|
trusted library allocation
|
page read and write
|
||
|
AD2000
|
trusted library allocation
|
page read and write
|
||
|
5D2A000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page read and write
|
||
|
71ED000
|
stack
|
page read and write
|
||
|
537B000
|
stack
|
page read and write
|
||
|
6E4D000
|
stack
|
page read and write
|
||
|
7CEE000
|
stack
|
page read and write
|
||
|
4D26000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
5E22000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2B5C000
|
trusted library allocation
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
38FE000
|
trusted library allocation
|
page read and write
|
||
|
4DBD000
|
stack
|
page read and write
|
||
|
2968000
|
trusted library allocation
|
page read and write
|
||
|
2B75000
|
trusted library allocation
|
page read and write
|
||
|
29C2000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
2B0A000
|
trusted library allocation
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
2924000
|
trusted library allocation
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
4CDB000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
2D19000
|
trusted library allocation
|
page read and write
|
||
|
4CD6000
|
trusted library allocation
|
page read and write
|
||
|
5E08000
|
heap
|
page read and write
|
||
|
5D18000
|
trusted library allocation
|
page read and write
|
||
|
296E000
|
trusted library allocation
|
page read and write
|
||
|
390F000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
2D84000
|
trusted library allocation
|
page read and write
|
||
|
2B1F000
|
trusted library allocation
|
page read and write
|
||
|
5CFF000
|
stack
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
291C000
|
trusted library allocation
|
page read and write
|
||
|
527E000
|
unkown
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
5D02000
|
trusted library allocation
|
page read and write
|
||
|
38ED000
|
trusted library allocation
|
page read and write
|
||
|
2982000
|
trusted library allocation
|
page read and write
|
||
|
2949000
|
trusted library allocation
|
page read and write
|
||
|
BA1000
|
heap
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3916000
|
trusted library allocation
|
page read and write
|
||
|
2B38000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC9000
|
trusted library allocation
|
page read and write
|
||
|
2CD6000
|
trusted library allocation
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
5FA0000
|
trusted library allocation
|
page read and write
|
||
|
AC2000
|
trusted library allocation
|
page read and write
|
||
|
69BD000
|
stack
|
page read and write
|
||
|
5D6C000
|
heap
|
page read and write
|
||
|
2B8B000
|
trusted library allocation
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
There are 273 hidden memdumps, click here to show them.