Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_ba8a8a594ca8fa23cd1d4e3bee6863e38899ac_1ee2fc52_24ad378d-1248-43e8-844d-71fe83f31003\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\dll[1]
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\soft[1]
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F4wAzFA73Du5NVFF3Wt42\Bunifu_UI_v1.5.3.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F4wAzFA73Du5NVFF3Wt42\Y-Cleaner.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER43B4.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri Nov 29 20:13:21 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4471.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4491.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\download[1].htm
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\add[1].htm
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\download[1].htm
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\fuckingdllENCR[1].dll
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\key[1].htm
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\Cleaner.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Icon
number=0, Archive, ctime=Fri Nov 29 19:13:20 2024, mtime=Fri Nov 29 19:13:20 2024, atime=Fri Nov 29 19:13:20 2024, length=1502720,
window=hide
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7312 -s 644
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.156.72.65/soft/download
|
185.156.72.65
|
||
|
http://185.156.72.65/files/download65/files/download-e433ee860fe502924bLMEM
|
unknown
|
||
|
http://185.156.72.65/dll/downloadG
|
unknown
|
||
|
https://g-cleanit.hk
|
unknown
|
||
|
http://185.156.72.65/dll/download
|
185.156.72.65
|
||
|
http://185.156.72.65/dll/downloadQ
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://185.156.72.65/dll/key
|
185.156.72.65
|
||
|
http://185.156.72.65/files/download
|
185.156.72.65
|
||
|
http://www.ccleaner.comqhttps://take.rdrct-now.online/go/ZWKA?p78705p298845p1174
|
unknown
|
||
|
http://185.156.72.65/files/downloadN
|
unknown
|
||
|
https://iplogger.org/1Pz8p7
|
unknown
|
||
|
http://185.156.72.65/add?substr=mixtwo&s=three&sub=nosub
|
185.156.72.65
|
There are 3 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.156.72.65
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
ProgramId
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
FileId
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
LongPathHash
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Name
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Publisher
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Version
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
BinaryType
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
ProductName
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
ProductVersion
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
LinkDate
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Size
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Language
|
|
|
|
\REGISTRY\A\{be32881d-9ae4-303b-ebb1-8ac691f815f3}\Root\InventoryApplicationFile\file.exe|634507f567776d77
|
Usn
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4A50000
|
direct allocation
|
page read and write
|
|
|
|
4A20000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
AEE000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5985000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
5ADA000
|
heap
|
page read and write
|
||
|
3E5E000
|
stack
|
page read and write
|
||
|
54EF000
|
heap
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
5A85000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4A10000
|
direct allocation
|
page execute and read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
10018000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5A5D000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
3BDE000
|
stack
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4A00000
|
direct allocation
|
page execute and read and write
|
||
|
4990000
|
direct allocation
|
page execute and read and write
|
||
|
466000
|
unkown
|
page write copy
|
||
|
5C28000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
3F5F000
|
stack
|
page read and write
|
||
|
5AAA000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
8B1000
|
unkown
|
page execute and read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
345E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5E00000
|
heap
|
page read and write
|
||
|
5A78000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
470000
|
unkown
|
page execute and read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
391F000
|
stack
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4F8F000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
482C000
|
stack
|
page read and write
|
||
|
5C43000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
70B000
|
unkown
|
page execute and write copy
|
||
|
331E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
395E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
5AC2000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
4970000
|
direct allocation
|
page execute and read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
381E000
|
stack
|
page read and write
|
||
|
52E2000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
5581000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
598D000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5ADE000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
2F1F000
|
stack
|
page read and write
|
||
|
4450000
|
trusted library allocation
|
page read and write
|
||
|
598D000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
530C000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4790000
|
heap
|
page read and write
|
||
|
5581000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4940000
|
direct allocation
|
page execute and read and write
|
||
|
3B9F000
|
stack
|
page read and write
|
||
|
5986000
|
heap
|
page read and write
|
||
|
5FB000
|
unkown
|
page execute and read and write
|
||
|
492F000
|
stack
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
50CB000
|
stack
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
52E4000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute read
|
||
|
26D7000
|
heap
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
5B6F000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
5AE5000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
5AD4000
|
heap
|
page read and write
|
||
|
52EA000
|
heap
|
page read and write
|
||
|
5C5B000
|
heap
|
page read and write
|
||
|
5353000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5309000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5419000
|
heap
|
page read and write
|
||
|
4980000
|
direct allocation
|
page execute and read and write
|
||
|
5C4B000
|
heap
|
page read and write
|
||
|
5D9C000
|
heap
|
page read and write
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
28DF000
|
stack
|
page read and write
|
||
|
5581000
|
heap
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
5309000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
480B000
|
direct allocation
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
49F0000
|
direct allocation
|
page execute and read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
37DF000
|
stack
|
page read and write
|
||
|
10011000
|
direct allocation
|
page readonly
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
3CDF000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
598A000
|
heap
|
page read and write
|
||
|
5C4D000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
466000
|
unkown
|
page read and write
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
4370000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
5A84000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
53EA000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
5456000
|
heap
|
page read and write
|
||
|
4350000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4362000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5AF1000
|
heap
|
page read and write
|
||
|
5985000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
421E000
|
stack
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
5353000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
116F000
|
stack
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5B3D000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
70C000
|
unkown
|
page execute and write copy
|
||
|
5982000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5DA6000
|
heap
|
page read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
49D0000
|
direct allocation
|
page execute and read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
199000
|
stack
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4CDF000
|
stack
|
page read and write
|
||
|
431F000
|
stack
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
5B94000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5ADC000
|
heap
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
||
|
4950000
|
direct allocation
|
page execute and read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
52E2000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5C4A000
|
heap
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
53EA000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5981000
|
heap
|
page read and write
|
||
|
8AD000
|
unkown
|
page execute and read and write
|
||
|
53EA000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
6FC000
|
unkown
|
page execute and read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
541A000
|
heap
|
page read and write
|
||
|
3D1E000
|
stack
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5351000
|
heap
|
page read and write
|
||
|
5419000
|
heap
|
page read and write
|
||
|
5989000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
5BDC000
|
heap
|
page read and write
|
||
|
47B0000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
49E0000
|
direct allocation
|
page execute and read and write
|
||
|
5352000
|
heap
|
page read and write
|
||
|
CDF000
|
stack
|
page read and write
|
||
|
49C0000
|
direct allocation
|
page execute and read and write
|
||
|
4320000
|
heap
|
page read and write
|
||
|
5A3E000
|
heap
|
page read and write
|
||
|
4940000
|
direct allocation
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
5AFB000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5506000
|
heap
|
page read and write
|
||
|
45F000
|
unkown
|
page execute and read and write
|
||
|
4960000
|
direct allocation
|
page execute and read and write
|
||
|
409F000
|
stack
|
page read and write
|
||
|
4B9F000
|
stack
|
page read and write
|
||
|
4340000
|
direct allocation
|
page read and write
|
||
|
3A5F000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5981000
|
heap
|
page read and write
|
||
|
5ABB000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
5A1D000
|
heap
|
page read and write
|
||
|
5A18000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
5319000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
52E2000
|
heap
|
page read and write
|
||
|
8AE000
|
unkown
|
page execute and write copy
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
49B0000
|
direct allocation
|
page execute and read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5BF9000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
1001A000
|
direct allocation
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
8B2000
|
unkown
|
page execute and write copy
|
||
|
5C37000
|
heap
|
page read and write
|
||
|
5337000
|
heap
|
page read and write
|
||
|
49A0000
|
direct allocation
|
page execute and read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
70B000
|
unkown
|
page execute and read and write
|
||
|
54D9000
|
heap
|
page read and write
|
||
|
41DF000
|
stack
|
page read and write
|
||
|
5352000
|
heap
|
page read and write
|
There are 347 hidden memdumps, click here to show them.