Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FVR-N2411-07396.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FVR-N2411-07396.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpA6B9.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ZeJFfrYmOnJKS.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_afwgsupc.i30.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c5y2zi1h.gk2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ebabrywo.lxv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qrb43vfc.g4p.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC1C3.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\188E93\31437F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\89dad5d484a9f889a3a8dfca823edc3e_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FVR-N2411-07396.exe
|
"C:\Users\user\Desktop\FVR-N2411-07396.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ZeJFfrYmOnJKS" /XML "C:\Users\user\AppData\Local\Temp\tmpA6B9.tmp"
|
|
|
|
C:\Users\user\Desktop\FVR-N2411-07396.exe
|
"C:\Users\user\Desktop\FVR-N2411-07396.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe
|
C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ZeJFfrYmOnJKS" /XML "C:\Users\user\AppData\Local\Temp\tmpC1C3.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe
|
"C:\Users\user\AppData\Roaming\ZeJFfrYmOnJKS.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://94.156.177.41/soja/five/fre.php
|
94.156.177.41
|
|
|
|
94.156.177.41/soja/five/fre.php
|
|
||
|
http://kbfvzoboss.bid/alien/fre.php
|
|||
|
http://alphastand.win/alien/fre.php
|
|||
|
http://alphastand.trade/alien/fre.php
|
|||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://alphastand.top/alien/fre.php
|
|||
|
http://www.ibsensoftware.com/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.156.177.41
|
unknown
|
Bulgaria
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
CC8000
|
heap
|
page read and write
|
|
|
|
39E9000
|
trusted library allocation
|
page read and write
|
|
|
|
3A22000
|
trusted library allocation
|
page read and write
|
|
|
|
29E1000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
5540000
|
trusted library section
|
page read and write
|
|
|
|
28A5000
|
trusted library allocation
|
page read and write
|
|
|
|
28CF000
|
trusted library allocation
|
page read and write
|
|
|
|
2A61000
|
trusted library allocation
|
page read and write
|
|
|
|
B1BE000
|
stack
|
page read and write
|
||
|
6C59000
|
heap
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
B07E000
|
stack
|
page read and write
|
||
|
B75F000
|
stack
|
page read and write
|
||
|
E8F000
|
stack
|
page read and write
|
||
|
C2E000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
B4FF000
|
stack
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
B8DE000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
4EE6000
|
trusted library allocation
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
4FEB000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
879E000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
6C0F000
|
stack
|
page read and write
|
||
|
825E000
|
stack
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
27C2000
|
trusted library allocation
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
B27E000
|
stack
|
page read and write
|
||
|
27B3000
|
trusted library allocation
|
page read and write
|
||
|
6CC6000
|
heap
|
page read and write
|
||
|
306B000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
4EC4000
|
trusted library allocation
|
page read and write
|
||
|
B3BE000
|
stack
|
page read and write
|
||
|
B57E000
|
stack
|
page read and write
|
||
|
AD9F000
|
stack
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
51A0000
|
trusted library section
|
page readonly
|
||
|
BB1C000
|
stack
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
6D59000
|
heap
|
page read and write
|
||
|
499C000
|
stack
|
page read and write
|
||
|
4B7C000
|
stack
|
page read and write
|
||
|
6D40000
|
heap
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
B06000
|
trusted library allocation
|
page execute and read and write
|
||
|
89BD000
|
stack
|
page read and write
|
||
|
D2D000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
6D71000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2B5D000
|
stack
|
page read and write
|
||
|
27D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
3882000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
B47E000
|
stack
|
page read and write
|
||
|
33A000
|
stack
|
page read and write
|
||
|
4FF0000
|
trusted library section
|
page readonly
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
2843000
|
heap
|
page read and write
|
||
|
4F58000
|
trusted library allocation
|
page read and write
|
||
|
B2FF000
|
stack
|
page read and write
|
||
|
5535000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
8118000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
6D61000
|
heap
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
D07000
|
heap
|
page read and write
|
||
|
6DDE000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
849D000
|
stack
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
726000
|
unkown
|
page readonly
|
||
|
AD4000
|
trusted library allocation
|
page read and write
|
||
|
4EED000
|
trusted library allocation
|
page read and write
|
||
|
D74000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
heap
|
page execute and read and write
|
||
|
694E000
|
heap
|
page read and write
|
||
|
2A5D000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
89E0000
|
trusted library section
|
page read and write
|
||
|
B2BE000
|
stack
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8112000
|
trusted library allocation
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
4ECB000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
4F52000
|
trusted library allocation
|
page read and write
|
||
|
7CC000
|
stack
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
2FD000
|
stack
|
page read and write
|
||
|
B33C000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDC000
|
heap
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
4D12000
|
trusted library allocation
|
page read and write
|
||
|
B43C000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
3EE000
|
unkown
|
page read and write
|
||
|
3906000
|
trusted library allocation
|
page read and write
|
||
|
B1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5220000
|
trusted library allocation
|
page execute and read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
C61000
|
heap
|
page read and write
|
||
|
7F1C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A4000
|
trusted library allocation
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE7000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
6C9B000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
C2A000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
5A9000
|
stack
|
page read and write
|
||
|
8A7E000
|
stack
|
page read and write
|
||
|
4EE1000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
27C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
692000
|
unkown
|
page readonly
|
||
|
6CA9000
|
heap
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B9000
|
stack
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
2C43000
|
trusted library allocation
|
page read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3BC2000
|
trusted library allocation
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
489C000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
63F000
|
unkown
|
page read and write
|
||
|
2B9A000
|
stack
|
page read and write
|
||
|
4F25000
|
trusted library allocation
|
page read and write
|
||
|
AFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D2000
|
trusted library allocation
|
page read and write
|
||
|
AC9E000
|
stack
|
page read and write
|
||
|
4EF2000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
4FD3000
|
heap
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
5B50000
|
heap
|
page read and write
|
||
|
BA1C000
|
stack
|
page read and write
|
||
|
4CFE000
|
trusted library allocation
|
page read and write
|
||
|
6CC000
|
stack
|
page read and write
|
||
|
815E000
|
stack
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
AF7E000
|
stack
|
page read and write
|
||
|
B89F000
|
stack
|
page read and write
|
||
|
AD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CE4000
|
trusted library allocation
|
page read and write
|
||
|
51CD000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
4EDE000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
CD8000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
7200000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F2E000
|
unkown
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
B02000
|
trusted library allocation
|
page read and write
|
||
|
3AE5000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
6DAE000
|
heap
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
3A28000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
4CEB000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
27DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
D76000
|
trusted library allocation
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
3869000
|
trusted library allocation
|
page read and write
|
||
|
396B000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
3A87000
|
trusted library allocation
|
page read and write
|
||
|
AF3000
|
trusted library allocation
|
page read and write
|
||
|
289B000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
4D70000
|
heap
|
page execute and read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
C4D000
|
heap
|
page read and write
|
||
|
4D06000
|
trusted library allocation
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
5015000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
B17000
|
trusted library allocation
|
page execute and read and write
|
||
|
548D000
|
stack
|
page read and write
|
||
|
6F7F000
|
stack
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
26BA000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
690000
|
unkown
|
page readonly
|
||
|
C05000
|
heap
|
page read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
38A2000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
7F6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B98000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page execute and read and write
|
||
|
6D5D000
|
heap
|
page read and write
|
||
|
B65E000
|
stack
|
page read and write
|
||
|
ADD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
6CAF000
|
heap
|
page read and write
|
||
|
39CA000
|
trusted library allocation
|
page read and write
|
||
|
B1FE000
|
stack
|
page read and write
|
||
|
7342000
|
trusted library allocation
|
page read and write
|
||
|
7219000
|
trusted library allocation
|
page read and write
|
||
|
27CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3861000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
B3FE000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
168F000
|
stack
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
B12000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
10BF000
|
stack
|
page read and write
|
||
|
39E1000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
unkown
|
page read and write
|
||
|
49E8000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
B79E000
|
stack
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
AF3F000
|
stack
|
page read and write
|
||
|
4D01000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
8B7E000
|
stack
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
4D25000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
EE7000
|
heap
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page execute and read and write
|
||
|
5250000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A42000
|
trusted library allocation
|
page read and write
|
||
|
4D0D000
|
trusted library allocation
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
27AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
B0BE000
|
stack
|
page read and write
|
||
|
6940000
|
heap
|
page read and write
|
||
|
4FA2000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page execute and read and write
|
||
|
B9DE000
|
stack
|
page read and write
|
||
|
6C69000
|
heap
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
6D9B000
|
heap
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
5B71000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
BD3000
|
heap
|
page read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
There are 320 hidden memdumps, click here to show them.