Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
scan_241205-801_draft_PO.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\Komlk.sis
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\Mantid65.cel
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\Montclair.Hys130
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\Rneblikkets.Nom
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\gabby.def
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\hell.fyr
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\shylocking.gri
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\retsplejelovenes\Bioassayed\teknikumingenirs.ung
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Settings.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvB489.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0xcfacc3d9, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsc2347.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsi24EF.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nso26E6.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss24DE.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss257C.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsy2639.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\vxhtinfano
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe
|
"C:\Users\user\Desktop\scan_241205-801_draft_PO.exe"
|
|
|
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe
|
"C:\Users\user\Desktop\scan_241205-801_draft_PO.exe"
|
|
|
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe /stext "C:\Users\user\AppData\Local\Temp\vxhtinfano"
|
|
|
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe /stext "C:\Users\user\AppData\Local\Temp\fzumjfqbbwepy"
|
|
|
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe
|
C:\Users\user\Desktop\scan_241205-801_draft_PO.exe /stext "C:\Users\user\AppData\Local\Temp\itzekyavpewuiglw"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=P
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://geoplugin.net/json.gpmiW
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?0cf92be82316943650f2ee723bc6949e
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://104.168.7.16/WonMNkIofA233.bin
|
104.168.7.16
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?94fb5ac9609bcb4cda0bf8acf1827073
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=Skype&DestinationEndpoint=Edge-Prod-LAX31r5a&FrontEnd=AF
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
https://maps.windows.com/windows-app-web-link
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://www.imvu.comata
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.251.122.87
|
unknown
|
Canada
|
|
|
|
104.168.7.16
|
unknown
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\argentinsk\Uninstall\Afnationaliserendes
|
parameterlistes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UOMZ21
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UOMZ21
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-UOMZ21
|
time
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
32C2000
|
heap
|
page read and write
|
|
|
|
19F000
|
stack
|
page read and write
|
|
|
|
6434000
|
direct allocation
|
page execute and read and write
|
|
|
|
32DF000
|
heap
|
page read and write
|
|
|
|
210C000
|
heap
|
page read and write
|
||
|
2118000
|
heap
|
page read and write
|
||
|
2ADF000
|
heap
|
page read and write
|
||
|
211E000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
B00000
|
heap
|
page read and write
|
||
|
32FE000
|
heap
|
page read and write
|
||
|
2154000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
333A0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
2196000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
2AE2000
|
heap
|
page read and write
|
||
|
3401E000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
3166000
|
heap
|
page read and write
|
||
|
216D000
|
heap
|
page read and write
|
||
|
3220000
|
direct allocation
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
210F000
|
heap
|
page read and write
|
||
|
3313000
|
heap
|
page read and write
|
||
|
30D8000
|
heap
|
page read and write
|
||
|
7834000
|
direct allocation
|
page execute and read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
25DF000
|
heap
|
page read and write
|
||
|
51A9000
|
heap
|
page read and write
|
||
|
47F3000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
798000
|
heap
|
page read and write
|
||
|
211F000
|
heap
|
page read and write
|
||
|
212D000
|
heap
|
page read and write
|
||
|
333C000
|
heap
|
page read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
27A9000
|
heap
|
page read and write
|
||
|
5187000
|
heap
|
page read and write
|
||
|
32EF000
|
heap
|
page read and write
|
||
|
33C0A000
|
heap
|
page read and write
|
||
|
34019000
|
heap
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
530000
|
heap
|
page read and write
|
||
|
29AB000
|
heap
|
page read and write
|
||
|
212B000
|
heap
|
page read and write
|
||
|
2FF2000
|
heap
|
page read and write
|
||
|
4DCC000
|
heap
|
page read and write
|
||
|
2CFC000
|
heap
|
page read and write
|
||
|
2178000
|
heap
|
page read and write
|
||
|
2123000
|
heap
|
page read and write
|
||
|
2119000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
48FD000
|
heap
|
page read and write
|
||
|
4F7C000
|
heap
|
page read and write
|
||
|
211F000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
32AD000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
2D90000
|
direct allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
32EF000
|
heap
|
page read and write
|
||
|
5283000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
550E000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
2531000
|
heap
|
page read and write
|
||
|
4AF8000
|
heap
|
page read and write
|
||
|
2121000
|
heap
|
page read and write
|
||
|
25D4000
|
remote allocation
|
page execute and read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
4D70000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
506B000
|
heap
|
page read and write
|
||
|
31F0000
|
direct allocation
|
page read and write
|
||
|
4D2B000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9E000
|
stack
|
page read and write
|
||
|
341A0000
|
unclassified section
|
page execute and read and write
|
||
|
7C7000
|
unkown
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
341D1000
|
direct allocation
|
page execute and read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
211F000
|
heap
|
page read and write
|
||
|
53C4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
334C000
|
stack
|
page read and write
|
||
|
3250000
|
direct allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
211F000
|
heap
|
page read and write
|
||
|
3303000
|
heap
|
page read and write
|
||
|
26A1000
|
heap
|
page read and write
|
||
|
2118000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
5644000
|
heap
|
page read and write
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
33E21000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
34186000
|
unclassified section
|
page execute and read and write
|
||
|
212D000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
2125000
|
heap
|
page read and write
|
||
|
4931000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
5A05000
|
heap
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
direct allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
4AD6000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
5448000
|
heap
|
page read and write
|
||
|
3401D000
|
heap
|
page read and write
|
||
|
70F000
|
stack
|
page read and write
|
||
|
2196000
|
heap
|
page read and write
|
||
|
27A9000
|
heap
|
page read and write
|
||
|
3303000
|
heap
|
page read and write
|
||
|
1BD4000
|
remote allocation
|
page execute and read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
55C9000
|
heap
|
page read and write
|
||
|
340B0000
|
unclassified section
|
page execute and read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
5B75000
|
heap
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
33C08000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
337CF000
|
stack
|
page read and write
|
||
|
5981000
|
heap
|
page read and write
|
||
|
211F000
|
heap
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
57DE000
|
heap
|
page read and write
|
||
|
2142000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
3322B000
|
stack
|
page read and write
|
||
|
3303000
|
heap
|
page read and write
|
||
|
98C000
|
heap
|
page read and write
|
||
|
33A8E000
|
stack
|
page read and write
|
||
|
4D80000
|
direct allocation
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
213B000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
5A49000
|
heap
|
page read and write
|
||
|
1FF8000
|
heap
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
34123000
|
unclassified section
|
page execute and read and write
|
||
|
4CCB000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
2127000
|
heap
|
page read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
4E2E000
|
heap
|
page read and write
|
||
|
33B91000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
58BD000
|
heap
|
page read and write
|
||
|
232F000
|
stack
|
page read and write
|
||
|
2178000
|
heap
|
page read and write
|
||
|
48BB000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
538000
|
heap
|
page read and write
|
||
|
5261000
|
heap
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
786000
|
unkown
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
31C0000
|
direct allocation
|
page read and write
|
||
|
32FE000
|
heap
|
page read and write
|
||
|
2196000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
59C3000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
513E000
|
heap
|
page read and write
|
||
|
210C000
|
heap
|
page read and write
|
||
|
1AB0000
|
remote allocation
|
page execute and read and write
|
||
|
211C000
|
heap
|
page read and write
|
||
|
2812000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
25D9000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
50D4000
|
heap
|
page read and write
|
||
|
2159000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
3210000
|
direct allocation
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
213A000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
51F3000
|
heap
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
34019000
|
heap
|
page read and write
|
||
|
33FCB000
|
heap
|
page read and write
|
||
|
2AD4000
|
heap
|
page read and write
|
||
|
3230000
|
direct allocation
|
page read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
210C000
|
heap
|
page read and write
|
||
|
2123000
|
heap
|
page read and write
|
||
|
511C000
|
heap
|
page read and write
|
||
|
3260000
|
direct allocation
|
page read and write
|
||
|
2121000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3313000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
54F000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
341BB000
|
unclassified section
|
page execute and read and write
|
||
|
2138000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
214A000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
4FE2000
|
heap
|
page read and write
|
||
|
33F8B000
|
heap
|
page read and write
|
||
|
3401D000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
2125000
|
heap
|
page read and write
|
||
|
2128000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
5215000
|
heap
|
page read and write
|
||
|
4DA0000
|
direct allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
4C8C000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
91D000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page read and write
|
||
|
26AB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2159000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
32FE000
|
heap
|
page read and write
|
||
|
3410D000
|
unclassified section
|
page execute and read and write
|
||
|
3312D000
|
stack
|
page read and write
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
344B000
|
stack
|
page read and write
|
||
|
33FBB000
|
heap
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
341D0000
|
direct allocation
|
page read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
3338F000
|
stack
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
334FE000
|
stack
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
4973000
|
heap
|
page read and write
|
||
|
6E34000
|
direct allocation
|
page execute and read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
336CC000
|
stack
|
page read and write
|
||
|
2BE3000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
34004000
|
heap
|
page read and write
|
||
|
2153000
|
heap
|
page read and write
|
||
|
4EF5000
|
heap
|
page read and write
|
||
|
2141000
|
heap
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
2531000
|
heap
|
page read and write
|
||
|
6C720000
|
unkown
|
page readonly
|
||
|
2130000
|
heap
|
page read and write
|
||
|
7B2000
|
unkown
|
page read and write
|
||
|
31E0000
|
direct allocation
|
page read and write
|
||
|
5049000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
575F000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
6C723000
|
unkown
|
page readonly
|
||
|
34109000
|
unclassified section
|
page execute and read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
32F3000
|
heap
|
page read and write
|
||
|
2125000
|
heap
|
page read and write
|
||
|
3394E000
|
stack
|
page read and write
|
||
|
21F0000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
5406000
|
heap
|
page read and write
|
||
|
4F39000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
49D7000
|
heap
|
page read and write
|
||
|
1F9E000
|
stack
|
page read and write
|
||
|
4B1A000
|
heap
|
page read and write
|
||
|
7AC000
|
heap
|
page read and write
|
||
|
2123000
|
heap
|
page read and write
|
||
|
2135000
|
heap
|
page read and write
|
||
|
4899000
|
heap
|
page read and write
|
||
|
54CC000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
5382000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
3303000
|
heap
|
page read and write
|
||
|
52B9000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
2159000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
217A000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
27A1000
|
heap
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
32EF000
|
heap
|
page read and write
|
||
|
213A000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
4F9E000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
4A3B000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
2FD4000
|
remote allocation
|
page execute and read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
2133000
|
heap
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
4ED3000
|
heap
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
32FEF000
|
stack
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4BE6000
|
heap
|
page read and write
|
||
|
2812000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
5666000
|
heap
|
page read and write
|
||
|
33F13000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2127000
|
heap
|
page read and write
|
||
|
7D3000
|
unkown
|
page read and write
|
||
|
55EB000
|
heap
|
page read and write
|
||
|
548A000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2114000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
2135000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
94E000
|
heap
|
page read and write
|
||
|
4740000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
211E000
|
heap
|
page read and write
|
||
|
3418C000
|
unclassified section
|
page execute and read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
56E2000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
4857000
|
heap
|
page read and write
|
||
|
B49000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3358C000
|
stack
|
page read and write
|
||
|
33FBC000
|
heap
|
page read and write
|
||
|
311A000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
210E000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
3390F000
|
stack
|
page read and write
|
||
|
33C08000
|
heap
|
page read and write
|
||
|
4C4A000
|
heap
|
page read and write
|
||
|
211C000
|
heap
|
page read and write
|
||
|
2196000
|
heap
|
page read and write
|
||
|
211C000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
2125000
|
heap
|
page read and write
|
||
|
252F000
|
stack
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
2135000
|
heap
|
page read and write
|
||
|
330ED000
|
stack
|
page read and write
|
||
|
4D50000
|
direct allocation
|
page read and write
|
||
|
33A4F000
|
stack
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
214B000
|
heap
|
page read and write
|
||
|
34007000
|
heap
|
page read and write
|
||
|
333FE000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
2C0D000
|
heap
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
2121000
|
heap
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
26C5000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
593F000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
2153000
|
heap
|
page read and write
|
||
|
269F000
|
stack
|
page read and write
|
||
|
5A8B000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
2154000
|
heap
|
page read and write
|
||
|
6310000
|
direct allocation
|
page execute and read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2133000
|
heap
|
page read and write
|
||
|
6C721000
|
unkown
|
page execute read
|
||
|
2130000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
26A1000
|
heap
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
33E20000
|
heap
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
2120000
|
heap
|
page read and write
|
||
|
4F17000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
213E000
|
heap
|
page read and write
|
||
|
3380C000
|
stack
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
214C000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
212D000
|
heap
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
34022000
|
heap
|
page read and write
|
||
|
32FE000
|
heap
|
page read and write
|
||
|
212D000
|
heap
|
page read and write
|
||
|
4B82000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
31B0000
|
direct allocation
|
page read and write
|
||
|
815000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
33FFB000
|
heap
|
page read and write
|
||
|
BA6000
|
heap
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
29A5000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
211C000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
583C000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
213A000
|
heap
|
page read and write
|
||
|
33B8F000
|
stack
|
page read and write
|
||
|
21F0000
|
trusted library allocation
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
5572000
|
heap
|
page read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
2142000
|
heap
|
page read and write
|
||
|
6C725000
|
unkown
|
page readonly
|
||
|
27A8000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
4A7D000
|
heap
|
page read and write
|
||
|
94D000
|
heap
|
page read and write
|
||
|
2119000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
585E000
|
heap
|
page read and write
|
||
|
58DF000
|
heap
|
page read and write
|
||
|
2166000
|
heap
|
page read and write
|
||
|
2125000
|
heap
|
page read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
57BC000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
3400B000
|
heap
|
page read and write
|
||
|
3368D000
|
stack
|
page read and write
|
||
|
49B5000
|
heap
|
page read and write
|
||
|
3313000
|
heap
|
page read and write
|
||
|
214C000
|
heap
|
page read and write
|
||
|
2133000
|
heap
|
page read and write
|
||
|
33E9A000
|
heap
|
page read and write
|
||
|
33F13000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
2121000
|
heap
|
page read and write
|
||
|
91D000
|
heap
|
page read and write
|
||
|
34130000
|
unclassified section
|
page execute and read and write
|
||
|
7D5000
|
unkown
|
page readonly
|
||
|
33B91000
|
heap
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
5AD2000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
4BA4000
|
heap
|
page read and write
|
||
|
47A4000
|
heap
|
page read and write
|
||
|
210C000
|
heap
|
page read and write
|
||
|
4DD6000
|
heap
|
page read and write
|
||
|
33C83000
|
heap
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page read and write
|
||
|
2AEE000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
4A19000
|
heap
|
page read and write
|
||
|
33C08000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
514000
|
heap
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
341E6000
|
direct allocation
|
page execute and read and write
|
||
|
2111000
|
heap
|
page read and write
|
||
|
3303000
|
heap
|
page read and write
|
||
|
4782000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
33F8B000
|
heap
|
page read and write
|
||
|
5004000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
26A1000
|
heap
|
page read and write
|
||
|
33B90000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
573D000
|
heap
|
page read and write
|
||
|
33F12000
|
heap
|
page read and write
|
||
|
33E21000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
211F000
|
heap
|
page read and write
|
||
|
4835000
|
heap
|
page read and write
|
||
|
98C000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
211E000
|
heap
|
page read and write
|
||
|
211E000
|
heap
|
page read and write
|
||
|
2131000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
214D000
|
heap
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
4D6B000
|
heap
|
page read and write
|
||
|
2154000
|
heap
|
page read and write
|
||
|
3328E000
|
stack
|
page read and write
|
||
|
3275000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
7D8000
|
unkown
|
page readonly
|
||
|
514000
|
heap
|
page read and write
|
There are 590 hidden memdumps, click here to show them.