Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ZAMOWIEN.BAT.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\k8457414
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nssF88.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nssF88.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nswC99.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\Circularness147.iag
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\Isobronton.son
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\Neurofysiolog.kno
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\archontate.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\foreaccounting.afn
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Applewoman\panerende.ret
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Tetranychus\tossehovederne\Unliquefiable.Fla
|
data
|
dropped
|
||
|
C:\Users\user\overlbene.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ZAMOWIEN.BAT.exe
|
"C:\Users\user\Desktop\ZAMOWIEN.BAT.exe"
|
|
|
|
C:\Users\user\Desktop\ZAMOWIEN.BAT.exe
|
"C:\Users\user\Desktop\ZAMOWIEN.BAT.exe"
|
|
|
|
C:\Program Files (x86)\zwojYNvpHbLeEvMMuTenUtTXbuJNZmJMTDCZVBCvwDxlRuiypdrgAjIBhoxIn\iIQnSvahHYwDQ.exe
|
"C:\Program Files (x86)\zwojYNvpHbLeEvMMuTenUtTXbuJNZmJMTDCZVBCvwDxlRuiypdrgAjIBhoxIn\iIQnSvahHYwDQ.exe"
|
|
|
|
C:\Windows\SysWOW64\sdchange.exe
|
"C:\Windows\SysWOW64\sdchange.exe"
|
|
|
|
C:\Program Files (x86)\zwojYNvpHbLeEvMMuTenUtTXbuJNZmJMTDCZVBCvwDxlRuiypdrgAjIBhoxIn\iIQnSvahHYwDQ.exe
|
"C:\Program Files (x86)\zwojYNvpHbLeEvMMuTenUtTXbuJNZmJMTDCZVBCvwDxlRuiypdrgAjIBhoxIn\iIQnSvahHYwDQ.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.vayui.top/4twy/
|
172.67.145.234
|
|
|
|
http://www.officinadelpasso.shop/vlg0/?WPjx20M=qomJeF/TtZ0QUZ/lu9XGw5rEDKlC0VH3n7TxRqREffWgONqaapTJswa8a+ti36YSjfwaEcz7GfWHOzY8D/KxwVpCEXfXsdPRTHALBjA15rmVzjOLWJp7K7s=&bxJPx=a6h4-FrPGbkpc
|
195.110.124.133
|
|
|
|
http://www.vayui.top/4twy/?WPjx20M=mBCElVLkK93E7Nf+SfzPyEy2pe/+ELSSyRrruRXkg+zqtIWho1c/UIFICRtgbVPxo7eZFunASSkRDpjuJtL+SqF6mTOIbDVEeaMEgz/yh1+O2PfmmYS3a3E=&bxJPx=a6h4-FrPGbkpc
|
172.67.145.234
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://ectasia.sa.com/po.binca
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
http://ectasia.sa.com/po.binL
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.ftp.ftp://ftp.gopher.
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://ectasia.sa.com/po.bin
|
103.83.194.50
|
||
|
http://www.vayui.top
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
officinadelpasso.shop
|
195.110.124.133
|
|
|
|
ectasia.sa.com
|
103.83.194.50
|
||
|
www.vayui.top
|
172.67.145.234
|
||
|
www.tals.xyz
|
13.248.169.48
|
||
|
www.officinadelpasso.shop
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
195.110.124.133
|
officinadelpasso.shop
|
Italy
|
|
|
|
172.67.145.234
|
www.vayui.top
|
United States
|
||
|
103.83.194.50
|
ectasia.sa.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\lag\Uninstall\Regnls
|
Tailgates11
|
||
|
HKEY_CURRENT_USER\Chegre\Stres
|
Capersomeness
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30B0000
|
system
|
page execute and read and write
|
|
|
|
324B0000
|
unclassified section
|
page execute and read and write
|
|
|
|
5530000
|
unkown
|
page execute and read and write
|
|
|
|
35D10000
|
unclassified section
|
page execute and read and write
|
|
|
|
4E10000
|
trusted library allocation
|
page read and write
|
|
|
|
4F1D000
|
direct allocation
|
page execute and read and write
|
|
|
|
920000
|
system
|
page execute and read and write
|
|
|
|
4E60000
|
trusted library allocation
|
page read and write
|
|
|
|
E17000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
52C2000
|
direct allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
50AD000
|
direct allocation
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3387000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
420000
|
unkown
|
page readonly
|
||
|
BA0000
|
unkown
|
page read and write
|
||
|
3273E000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
524D000
|
direct allocation
|
page execute and read and write
|
||
|
1BC8E904000
|
system
|
page execute and read and write
|
||
|
39CC000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
5B49000
|
unkown
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
896F000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
1BC907C4000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
9BD000
|
system
|
page execute and read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
BE4000
|
heap
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
810000
|
heap
|
page read and write
|
||
|
32590000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
9AD000
|
system
|
page execute and read and write
|
||
|
2C60000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33DA000
|
heap
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
28B9000
|
heap
|
page read and write
|
||
|
1BC90615000
|
trusted library allocation
|
page read and write
|
||
|
9C9000
|
system
|
page execute and read and write
|
||
|
1BC8EB92000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
740000
|
unkown
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
8255000
|
heap
|
page read and write
|
||
|
8228000
|
heap
|
page read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
23A0000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
4DCC000
|
stack
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
3ACB000
|
stack
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
886F000
|
stack
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2893000
|
heap
|
page read and write
|
||
|
2E16000
|
unkown
|
page read and write
|
||
|
289C000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
591D000
|
direct allocation
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
9CC000
|
system
|
page execute and read and write
|
||
|
289C000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page read and write
|
||
|
4B1000
|
unkown
|
page readonly
|
||
|
32B10000
|
unclassified section
|
page execute and read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
179D000
|
remote allocation
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
EF14000
|
system
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
70000
|
unkown
|
page readonly
|
||
|
CE4000
|
heap
|
page read and write
|
||
|
8225000
|
heap
|
page read and write
|
||
|
A60000
|
unkown
|
page readonly
|
||
|
33F10000
|
unclassified section
|
page execute and read and write
|
||
|
A20000
|
system
|
page execute and read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
27A0000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
28AA000
|
heap
|
page read and write
|
||
|
322CB000
|
stack
|
page read and write
|
||
|
5251000
|
direct allocation
|
page execute and read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
84A0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC8EA90000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
32A8D000
|
direct allocation
|
page execute and read and write
|
||
|
1BC8EB70000
|
heap
|
page read and write
|
||
|
1BC8EB8F000
|
heap
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
1BC907CE000
|
trusted library allocation
|
page read and write
|
||
|
3D0000
|
unkown
|
page readonly
|
||
|
39A000
|
stack
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
420000
|
unkown
|
page readonly
|
||
|
28AA000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
EB2C000
|
system
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4F6E000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
81BE000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
3412000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
53B2000
|
unclassified section
|
page read and write
|
||
|
2C80000
|
direct allocation
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
5E6000
|
unkown
|
page execute read
|
||
|
710000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2330000
|
unkown
|
page execute and read and write
|
||
|
4D29000
|
heap
|
page read and write
|
||
|
4E8000
|
heap
|
page read and write
|
||
|
D29000
|
heap
|
page read and write
|
||
|
33E7000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
54CC000
|
unclassified section
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
A3B000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
7DA000
|
unkown
|
page read and write
|
||
|
4A0000
|
unkown
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4EFD000
|
heap
|
page read and write
|
||
|
27C0000
|
direct allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33E7000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2647000
|
heap
|
page read and write
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
227E000
|
unkown
|
page read and write
|
||
|
28B3000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
626000
|
unkown
|
page execute read
|
||
|
1BC8EB6A000
|
heap
|
page read and write
|
||
|
721000
|
unkown
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
823F000
|
heap
|
page read and write
|
||
|
8273000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
8210000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
270F000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
9A4000
|
system
|
page execute and read and write
|
||
|
50A9000
|
direct allocation
|
page execute and read and write
|
||
|
3228D000
|
stack
|
page read and write
|
||
|
2760000
|
direct allocation
|
page read and write
|
||
|
2730000
|
direct allocation
|
page read and write
|
||
|
2C10000
|
direct allocation
|
page read and write
|
||
|
BE4000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4D4A000
|
heap
|
page read and write
|
||
|
2895000
|
heap
|
page read and write
|
||
|
8216000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
1BC9060A000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
700000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
5A74000
|
unclassified section
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
3295E000
|
direct allocation
|
page execute and read and write
|
||
|
3235C000
|
stack
|
page read and write
|
||
|
2848000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
DA000
|
stack
|
page read and write
|
||
|
1BC8EB7C000
|
heap
|
page read and write
|
||
|
9EB000
|
heap
|
page read and write
|
||
|
25C2000
|
unkown
|
page read and write
|
||
|
1DC000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4B1000
|
unkown
|
page readonly
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
324B0000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
26DC000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
32230000
|
heap
|
page read and write
|
||
|
8310000
|
trusted library allocation
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
758000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC90621000
|
trusted library allocation
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2720000
|
direct allocation
|
page read and write
|
||
|
1BC9060E000
|
trusted library allocation
|
page read and write
|
||
|
253E000
|
stack
|
page read and write
|
||
|
510F000
|
stack
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
3214E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
3218F000
|
stack
|
page read and write
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
5E4000
|
unkown
|
page execute read
|
||
|
23A0000
|
unkown
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33B6000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2770000
|
direct allocation
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
8252000
|
heap
|
page read and write
|
||
|
237E000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
740000
|
unkown
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
2C84000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
821B000
|
heap
|
page read and write
|
||
|
2750000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
2CA0000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
2790000
|
direct allocation
|
page read and write
|
||
|
A60000
|
unkown
|
page readonly
|
||
|
2C00000
|
direct allocation
|
page read and write
|
||
|
25B4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
843C000
|
stack
|
page read and write
|
||
|
5AD6000
|
unkown
|
page execute and read and write
|
||
|
E15000
|
unkown
|
page read and write
|
||
|
2645000
|
heap
|
page read and write
|
||
|
28B3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
730000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
341E000
|
heap
|
page read and write
|
||
|
2740000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC90617000
|
trusted library allocation
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
320CE000
|
stack
|
page read and write
|
||
|
60000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC8E9A0000
|
heap
|
page read and write
|
||
|
4A0000
|
unkown
|
page read and write
|
||
|
327C0000
|
direct allocation
|
page execute and read and write
|
||
|
1BC90420000
|
trusted library allocation
|
page read and write
|
||
|
2682000
|
unkown
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
2240000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
959B1FE000
|
stack
|
page read and write
|
||
|
3375000
|
heap
|
page read and write
|
||
|
568C000
|
unclassified section
|
page read and write
|
||
|
36329000
|
unclassified section
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
328ED000
|
direct allocation
|
page execute and read and write
|
||
|
3386000
|
heap
|
page read and write
|
||
|
959A1FF000
|
stack
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
8240000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
2C90000
|
direct allocation
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33FC000
|
heap
|
page read and write
|
||
|
289C000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
6E354000
|
unkown
|
page readonly
|
||
|
DA000
|
stack
|
page read and write
|
||
|
710000
|
unkown
|
page read and write
|
||
|
28A7000
|
heap
|
page read and write
|
||
|
1BC90610000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
71000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
1BC90701000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
959B9FF000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
32742000
|
heap
|
page read and write
|
||
|
4ECF000
|
stack
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
1BC907AF000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
882E000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC90410000
|
heap
|
page read and write
|
||
|
1DC000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
440000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
88EF000
|
stack
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
1BC907BE000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
2780000
|
direct allocation
|
page read and write
|
||
|
9EF000
|
heap
|
page read and write
|
||
|
4FCF000
|
stack
|
page read and write
|
||
|
342E000
|
heap
|
page read and write
|
||
|
8211000
|
heap
|
page read and write
|
||
|
60000
|
unkown
|
page readonly
|
||
|
2C40000
|
direct allocation
|
page read and write
|
||
|
3386000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
25B4000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
81FE000
|
stack
|
page read and write
|
||
|
1BC90700000
|
trusted library allocation
|
page read and write
|
||
|
8234000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
826F000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
28AA000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
28A7000
|
heap
|
page read and write
|
||
|
3D0000
|
unkown
|
page readonly
|
||
|
344A000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC8EAC0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
70000
|
unkown
|
page readonly
|
||
|
5C06000
|
unclassified section
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
324B0000
|
direct allocation
|
page read and write
|
||
|
3210E000
|
stack
|
page read and write
|
||
|
3730000
|
unkown
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC90603000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
262E000
|
stack
|
page read and write
|
||
|
27D0000
|
direct allocation
|
page read and write
|
||
|
32615000
|
heap
|
page read and write
|
||
|
28B9000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
5472000
|
unclassified section
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
A0C000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
892E000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
824B000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1BC8EB8A000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
362B6000
|
unclassified section
|
page execute and read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
8211000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC8E8C0000
|
system
|
page execute and read and write
|
||
|
2C30000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
823A000
|
heap
|
page read and write
|
||
|
8255000
|
heap
|
page read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
1BC90420000
|
trusted library allocation
|
page read and write
|
||
|
6E350000
|
unkown
|
page readonly
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
88AE000
|
stack
|
page read and write
|
||
|
328E9000
|
direct allocation
|
page execute and read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
32460000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33C2000
|
heap
|
page read and write
|
||
|
4B30000
|
unkown
|
page execute and read and write
|
||
|
8200000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
stack
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
330000
|
unkown
|
page readonly
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2882000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2380000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2D30000
|
unkown
|
page execute and read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
32460000
|
direct allocation
|
page read and write
|
||
|
219D000
|
remote allocation
|
page execute and read and write
|
||
|
8277000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
721000
|
unkown
|
page readonly
|
||
|
4CD000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
826A000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
8246000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
25C2000
|
unkown
|
page read and write
|
||
|
1BC8E908000
|
system
|
page execute and read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
39A000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
511E000
|
direct allocation
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E912000
|
system
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
70000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3245C000
|
stack
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
32B02000
|
direct allocation
|
page execute and read and write
|
||
|
1BC8EB92000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
2380000
|
unkown
|
page readonly
|
||
|
3405000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
8201000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33510000
|
unclassified section
|
page execute and read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
24FC000
|
stack
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
1BC90500000
|
trusted library allocation
|
page read and write
|
||
|
34910000
|
unclassified section
|
page execute and read and write
|
||
|
324B0000
|
direct allocation
|
page read and write
|
||
|
327B3000
|
heap
|
page read and write
|
||
|
E0E000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2240000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
33DA000
|
heap
|
page read and write
|
||
|
4D0000
|
unkown
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
260F000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4130000
|
unkown
|
page execute and read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
2859000
|
heap
|
page read and write
|
||
|
7AF000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
1BC8EB60000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
959A9FE000
|
stack
|
page read and write
|
||
|
BAF000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
50000
|
unkown
|
page readonly
|
||
|
28A7000
|
heap
|
page read and write
|
||
|
4E8000
|
heap
|
page read and write
|
||
|
3246D000
|
heap
|
page read and write
|
||
|
33D1000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
289C000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
2893000
|
heap
|
page read and write
|
||
|
4F80000
|
direct allocation
|
page execute and read and write
|
||
|
BA0000
|
unkown
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3377000
|
heap
|
page read and write
|
||
|
3221F000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
6E356000
|
unkown
|
page readonly
|
||
|
33D1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3375000
|
heap
|
page read and write
|
||
|
95999FC000
|
stack
|
page read and write
|
||
|
268F000
|
stack
|
page read and write
|
||
|
289C000
|
unkown
|
page read and write
|
||
|
847D000
|
stack
|
page read and write
|
||
|
E17000
|
unkown
|
page readonly
|
||
|
6E351000
|
unkown
|
page execute read
|
||
|
8220000
|
heap
|
page read and write
|
||
|
32A91000
|
direct allocation
|
page execute and read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
4EF9000
|
heap
|
page read and write
|
||
|
321DE000
|
stack
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
1BC90600000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
35310000
|
unclassified section
|
page execute and read and write
|
||
|
27B0000
|
direct allocation
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
4C21000
|
heap
|
page read and write
|
||
|
E852000
|
system
|
page read and write
|
||
|
3385000
|
heap
|
page read and write
|
There are 651 hidden memdumps, click here to show them.