Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
flashcenter_pp_ax_inst78ll_cn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\WXFManager64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\msvcp140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\svaulpzg.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\vcruntime140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\vcruntime140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-C1P8K.tmp\flashcenter_pp_ax_inst78ll_cn.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\9430dad\99e5df4d8.exe (copy)
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\9430dad\is-URMQG.tmp
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\960AD1F5A671F16810.2f9
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-3DAJ2.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\flashcenter_pp_ax_inst78ll_cn.exe
|
"C:\Users\user\Desktop\flashcenter_pp_ax_inst78ll_cn.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-C1P8K.tmp\flashcenter_pp_ax_inst78ll_cn.tmp
|
"C:\Users\user\AppData\Local\Temp\is-C1P8K.tmp\flashcenter_pp_ax_inst78ll_cn.tmp" /SL5="$2042C,19484773,802304,C:\Users\user\Desktop\flashcenter_pp_ax_inst78ll_cn.exe"
|
||
|
C:\Users\user\AppData\Roaming\9430dad\99e5df4d8.exe
|
"C:\Users\user\AppData\Roaming\9430dad\99e5df4d8.exe" -p4f63a7bd -y -o"C:\Users\user\AppData\Local\Temp\is-3DAJ2.tmp\..\76809449335627201121797450\"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Users\user\AppData\Local\Temp\76809449335627201121797450\svaulpzg.exe
|
"C:\Users\user\AppData\Local\Temp\is-3DAJ2.tmp\..\76809449335627201121797450\svaulpzg.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://ocsps.ssl.com0
|
unknown
|
||
|
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
|
unknown
|
||
|
http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_
|
unknown
|
||
|
http://www.winzip.com/authenticode.htm0
|
unknown
|
||
|
http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://www.ssl.com/repository0
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
298B000
|
direct allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
7FFD944E0000
|
unkown
|
page readonly
|
||
|
21B9000
|
heap
|
page read and write
|
||
|
290D000
|
direct allocation
|
page read and write
|
||
|
293B000
|
direct allocation
|
page read and write
|
||
|
7FF7E3BE4000
|
unkown
|
page readonly
|
||
|
39A0000
|
direct allocation
|
page read and write
|
||
|
7FF7E3BEC000
|
unkown
|
page write copy
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
246C000
|
direct allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
B73000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
7F1E0000
|
direct allocation
|
page read and write
|
||
|
55ED000
|
heap
|
page read and write
|
||
|
55EF000
|
heap
|
page read and write
|
||
|
39CF000
|
direct allocation
|
page read and write
|
||
|
28F7000
|
direct allocation
|
page read and write
|
||
|
3CE3000
|
direct allocation
|
page read and write
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFDA54B8000
|
unkown
|
page read and write
|
||
|
3CB3000
|
direct allocation
|
page read and write
|
||
|
7FFDA54B0000
|
unkown
|
page readonly
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
3CD7000
|
direct allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
21B1000
|
heap
|
page read and write
|
||
|
D1B92FF000
|
stack
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
7FF7E3BD0000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page read and write
|
||
|
B64000
|
heap
|
page read and write
|
||
|
2CD8000
|
heap
|
page read and write
|
||
|
29DC000
|
direct allocation
|
page read and write
|
||
|
7FFDA4349000
|
unkown
|
page read and write
|
||
|
2391000
|
heap
|
page read and write
|
||
|
7FFDA3560000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2488000
|
direct allocation
|
page read and write
|
||
|
29C6000
|
direct allocation
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
22F740F6000
|
heap
|
page read and write
|
||
|
29BF000
|
direct allocation
|
page read and write
|
||
|
2C91000
|
heap
|
page read and write
|
||
|
230000
|
unkown
|
page readonly
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
247A000
|
direct allocation
|
page read and write
|
||
|
7FFDA54B1000
|
unkown
|
page execute read
|
||
|
21A8000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
241A000
|
direct allocation
|
page read and write
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
2E7000
|
unkown
|
page readonly
|
||
|
20E9000
|
heap
|
page read and write
|
||
|
2A91000
|
heap
|
page read and write
|
||
|
3A7E000
|
stack
|
page read and write
|
||
|
7FF7E3BEC000
|
unkown
|
page read and write
|
||
|
2397000
|
direct allocation
|
page read and write
|
||
|
27D0000
|
direct allocation
|
page read and write
|
||
|
3CA3000
|
direct allocation
|
page read and write
|
||
|
28F0000
|
direct allocation
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2E9000
|
unkown
|
page readonly
|
||
|
29CD000
|
direct allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
23B4000
|
direct allocation
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
7FFD94567000
|
unkown
|
page readonly
|
||
|
3CAA000
|
direct allocation
|
page read and write
|
||
|
B56000
|
heap
|
page read and write
|
||
|
2381000
|
direct allocation
|
page read and write
|
||
|
22F74090000
|
heap
|
page read and write
|
||
|
2E10000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
2420000
|
direct allocation
|
page read and write
|
||
|
7FFDA54B9000
|
unkown
|
page readonly
|
||
|
2390000
|
direct allocation
|
page read and write
|
||
|
2922000
|
direct allocation
|
page read and write
|
||
|
29E3000
|
direct allocation
|
page read and write
|
||
|
431000
|
unkown
|
page execute read
|
||
|
295E000
|
direct allocation
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
2128000
|
heap
|
page read and write
|
||
|
2404000
|
direct allocation
|
page read and write
|
||
|
7FF7E3BEE000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page write copy
|
||
|
1110000
|
heap
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
B3E000
|
heap
|
page read and write
|
||
|
23BB000
|
direct allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2D9000
|
unkown
|
page read and write
|
||
|
245D000
|
direct allocation
|
page read and write
|
||
|
2369000
|
direct allocation
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
2310000
|
direct allocation
|
page read and write
|
||
|
2129000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
2421000
|
direct allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
23C2000
|
direct allocation
|
page read and write
|
||
|
2D9000
|
unkown
|
page write copy
|
||
|
10F0000
|
direct allocation
|
page execute and read and write
|
||
|
5C7F000
|
stack
|
page read and write
|
||
|
299B000
|
direct allocation
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
413000
|
stack
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
1BC000
|
stack
|
page read and write
|
||
|
7FFDA35B2000
|
unkown
|
page readonly
|
||
|
22F740FC000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
2491000
|
heap
|
page read and write
|
||
|
D1B91FF000
|
stack
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
23DF000
|
direct allocation
|
page read and write
|
||
|
7FFDA434A000
|
unkown
|
page readonly
|
||
|
2389000
|
direct allocation
|
page read and write
|
||
|
FAD000
|
stack
|
page read and write
|
||
|
23E6000
|
direct allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
29F8000
|
direct allocation
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
29A2000
|
direct allocation
|
page read and write
|
||
|
2411000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
BB000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
6ED000
|
unkown
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
2481000
|
direct allocation
|
page read and write
|
||
|
7FFDA373C000
|
unkown
|
page readonly
|
||
|
20E6000
|
heap
|
page read and write
|
||
|
2215000
|
heap
|
page read and write
|
||
|
239E000
|
direct allocation
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
2A11000
|
heap
|
page read and write
|
||
|
7FFDA54B5000
|
unkown
|
page readonly
|
||
|
23EF000
|
direct allocation
|
page read and write
|
||
|
7FFDA359D000
|
unkown
|
page readonly
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
B56000
|
heap
|
page read and write
|
||
|
2432000
|
direct allocation
|
page read and write
|
||
|
2E2000
|
unkown
|
page read and write
|
||
|
3990000
|
direct allocation
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
39BD000
|
direct allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
3990000
|
direct allocation
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
7FFD944E1000
|
unkown
|
page execute read
|
||
|
7F1FB000
|
direct allocation
|
page read and write
|
||
|
2440000
|
direct allocation
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
2C99000
|
heap
|
page read and write
|
||
|
2EF3000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
2128000
|
heap
|
page read and write
|
||
|
B59000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2590000
|
direct allocation
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
2439000
|
direct allocation
|
page read and write
|
||
|
2456000
|
direct allocation
|
page read and write
|
||
|
21B9000
|
heap
|
page read and write
|
||
|
23C9000
|
direct allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2DB000
|
unkown
|
page read and write
|
||
|
291B000
|
direct allocation
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
6E0000
|
unkown
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
E6D000
|
stack
|
page read and write
|
||
|
39B3000
|
direct allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
7FFD94535000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page readonly
|
||
|
231000
|
unkown
|
page execute read
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
6F0000
|
unkown
|
page write copy
|
||
|
2448000
|
direct allocation
|
page read and write
|
||
|
7FFDA4344000
|
unkown
|
page readonly
|
||
|
29EA000
|
direct allocation
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
D1B90FC000
|
stack
|
page read and write
|
||
|
2E5000
|
unkown
|
page write copy
|
||
|
7FFDA35A9000
|
unkown
|
page read and write
|
||
|
2914000
|
direct allocation
|
page read and write
|
||
|
21B1000
|
heap
|
page read and write
|
||
|
3CE0000
|
direct allocation
|
page read and write
|
||
|
7F4EB000
|
direct allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
28C0000
|
direct allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
22F740C0000
|
heap
|
page read and write
|
||
|
B43000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
6E5000
|
unkown
|
page read and write
|
||
|
21B9000
|
heap
|
page read and write
|
||
|
2949000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
244F000
|
direct allocation
|
page read and write
|
||
|
7FFD94563000
|
unkown
|
page read and write
|
||
|
7FF7E3BE4000
|
unkown
|
page readonly
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
7FFDA4331000
|
unkown
|
page execute read
|
||
|
B6B000
|
heap
|
page read and write
|
||
|
20E1000
|
heap
|
page read and write
|
||
|
22F7410C000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
22F74410000
|
heap
|
page read and write
|
||
|
28D3000
|
direct allocation
|
page read and write
|
||
|
2206000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
7FFDA3561000
|
unkown
|
page execute read
|
||
|
2511000
|
heap
|
page read and write
|
||
|
55B1000
|
heap
|
page read and write
|
||
|
7FF7E3BD0000
|
unkown
|
page readonly
|
||
|
2950000
|
direct allocation
|
page read and write
|
||
|
21A9000
|
heap
|
page read and write
|
||
|
2473000
|
direct allocation
|
page read and write
|
||
|
2984000
|
direct allocation
|
page read and write
|
||
|
23D8000
|
direct allocation
|
page read and write
|
||
|
23F6000
|
direct allocation
|
page read and write
|
||
|
28E9000
|
direct allocation
|
page read and write
|
||
|
29B0000
|
direct allocation
|
page read and write
|
||
|
2938000
|
direct allocation
|
page read and write
|
||
|
56B1000
|
heap
|
page read and write
|
||
|
B6C000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page readonly
|
||
|
295B000
|
direct allocation
|
page read and write
|
||
|
21B9000
|
heap
|
page read and write
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
AEC000
|
stack
|
page read and write
|
||
|
23FD000
|
direct allocation
|
page read and write
|
||
|
29F1000
|
direct allocation
|
page read and write
|
||
|
6F7000
|
unkown
|
page readonly
|
||
|
3CBE000
|
direct allocation
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
2994000
|
direct allocation
|
page read and write
|
||
|
29B8000
|
direct allocation
|
page read and write
|
||
|
2168000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page readonly
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
2ABF000
|
direct allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
B76000
|
heap
|
page read and write
|
||
|
22F740A0000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page readonly
|
||
|
2B91000
|
heap
|
page read and write
|
||
|
2464000
|
direct allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF7E3BEE000
|
unkown
|
page readonly
|
||
|
1117000
|
heap
|
page read and write
|
||
|
6F5000
|
unkown
|
page readonly
|
||
|
3050000
|
direct allocation
|
page read and write
|
||
|
242A000
|
direct allocation
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
2128000
|
heap
|
page read and write
|
||
|
7FF7E3BD1000
|
unkown
|
page execute read
|
||
|
22F7410F000
|
heap
|
page read and write
|
||
|
3CC7000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
6DE000
|
unkown
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
39AB000
|
direct allocation
|
page read and write
|
||
|
7FFDA35AF000
|
unkown
|
page readonly
|
||
|
296D000
|
direct allocation
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
7FFDA35AC000
|
unkown
|
page readonly
|
||
|
748000
|
unkown
|
page readonly
|
||
|
21B1000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
21B1000
|
heap
|
page read and write
|
||
|
28FE000
|
direct allocation
|
page read and write
|
||
|
21C1000
|
heap
|
page read and write
|
||
|
B71000
|
heap
|
page read and write
|
||
|
22F74107000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
2974000
|
direct allocation
|
page read and write
|
||
|
29D4000
|
direct allocation
|
page read and write
|
||
|
23AD000
|
direct allocation
|
page read and write
|
||
|
29B0000
|
direct allocation
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
28E2000
|
direct allocation
|
page read and write
|
||
|
2F03000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
2966000
|
direct allocation
|
page read and write
|
||
|
22F740F0000
|
heap
|
page read and write
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
23D1000
|
direct allocation
|
page read and write
|
||
|
7FFDA4330000
|
unkown
|
page readonly
|
||
|
2906000
|
direct allocation
|
page read and write
|
||
|
6DE000
|
unkown
|
page write copy
|
||
|
39D0000
|
heap
|
page read and write
|
||
|
7FF7E3BD1000
|
unkown
|
page execute read
|
||
|
23A5000
|
direct allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
21B9000
|
heap
|
page read and write
|
||
|
293E000
|
direct allocation
|
page read and write
|
||
|
55F1000
|
heap
|
page read and write
|
||
|
7FFDA35B3000
|
unkown
|
page execute read
|
||
|
B6E000
|
heap
|
page read and write
|
There are 333 hidden memdumps, click here to show them.