IOC Report
17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe

loading gif

Files

File Path
Type
Category
Malicious
17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\Users\user\AppData\Roaming\remcos\logs.dat
data
dropped
malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\atkwdxhfhaecrerwdsjtdarotoqimtmgdh
Unicode text, UTF-16, little-endian text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\bhvA676.tmp
Extensible storage engine DataBase, version 0x620, checksum 0xc9448cc7, page size 32768, DirtyShutdown, Windows version 10.0
dropped
C:\Users\user\AppData\Local\Temp\bhvD249.tmp
Extensible storage engine DataBase, version 0x620, checksum 0xc9448cc7, page size 32768, DirtyShutdown, Windows version 10.0
dropped
C:\Users\user\AppData\Local\Temp\qvsnmq
Unicode text, UTF-16, little-endian text, with no line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
"C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\qvsnmq"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\wfgmexfquvwjormwxnmvqsfnckapqyps"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\xjrvqnzhyavnhpgfptkxoggco"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\atkwdxhfhaecrerwdsjtdarotoqimtmgdh"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\azrbouitfbtqknwrahjxueeuvbutbfjrmv"
malicious
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe
C:\Users\user\Desktop\17334752451c3a43189360a7e5b86f13b5ea7a6044304256a8f4c49ad5d5bd4831e72ee12e792.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\xmdugchyslpaasitdca"
malicious

URLs

Name
IP
Malicious
jawa123.duckdns.org
malicious
http://www.imvu.comr
unknown
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=W
unknown
http://www.imvu.comta
unknown
https://ow1.res.office365.com/apc/trans.gif?29331761644ba41ebf9abf96ecc6fbad
unknown
https://aefd.nelreports.net/api/report?cat=bingth
unknown
https://86dd05e6f545b5502aade4a1946d3e9d.azr.footprintdns.com/apc/trans.gif?66601c3b572f284b9da07fcc
unknown
http://www.nirsoft.net
unknown
https://aefd.nelreports.net/api/report?cat=bingaotak
unknown
https://deff.nelreports.net/api/report?cat=msn
unknown
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-BLUr5a&Fr
unknown
https://58293426822f9aaf9d7c729f28294583.azr.footprintdns.com/apc/trans.gif?fc66b8a78ab7a1394f56e742
unknown
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-BL2r8e&Fr
unknown
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
unknown
https://rum8.perf.linkedin.com/apc/trans.gif?fe61b216ccbcc1bca02cb20f2e94fb51
unknown
https://www.google.com
unknown
https://fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net/apc/trans.gif?a9bddedb22fa9ee1d455a5d5a89b950c
unknown
http://geoplugin.net/json.gp/C
unknown
https://maps.windows.com/windows-app-web-link
unknown
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
unknown
https://fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net/apc/trans.gif?60caefc8ca640843bccad421cfaadcc8
unknown
https://login.yahoo.com/config/login
unknown
http://geoplugin.net/json.gpWVK
unknown
http://geoplugin.net/json.gprVn
unknown
http://www.nirsoft.net/
unknown
https://ow1.res.office365.com/apc/trans.gif?17a81fd4cdc7fc73a2b4cf5b67ff816d
unknown
https://86dd05e6f545b5502aade4a1946d3e9d.azr.footprintdns.com/apc/trans.gif?f67d919da1a9ba8a5672367d
unknown
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
unknown
https://www.office.com/
unknown
https://ow1.res.office365.com/apc/trans.gif?2f153f40414852a5ead98f4103d563a8
unknown
https://acae307a6acdd4e64531be6276770618.azr.footprintdns.com/apc/trans.gif?a176b93f037f93b5720edf68
unknown
https://sin06prdapp01-canary-opaph.netmon.azure.com/apc/trans.gif?909b77fc750668f20e07288ff0ed43e2
unknown
https://18a72a1f5c7b170c6cc0a459d463264e.azr.footprintdns.com/apc/trans.gif?c9b5e9d2b836931c8ddd4e8d
unknown
https://18a72a1f5c7b170c6cc0a459d463264e.azr.footprintdns.com/apc/trans.gif?18b635b804a8d6ad0a1fa437
unknown
http://www.imvu.com
unknown
https://aefd.nelreports.net/api/report?cat=wsb
unknown
https://acae307a6acdd4e64531be6276770618.azr.footprintdns.com/apc/trans.gif?467894188c5d788807342326
unknown
https://4c4f378c706610974da9cb9d99fe3116.azr.footprintdns.com/apc/trans.gif?1c89d9658c6af83a02d98b03
unknown
http://geoplugin.net/json.gp
178.237.33.50
http://geoplugin.net/
unknown
https://aefd.nelreports.net/api/report?cat=bingaot
unknown
https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=d3590ed6-52b3-4102-ae
unknown
https://4c4f378c706610974da9cb9d99fe3116.azr.footprintdns.com/apc/trans.gif?74b620657ac570f7999e6ad7
unknown
https://ecs.nel.measure.office.net?TenantId=Skype&DestinationEndpoint=Edge-Prod-BL2r8e&FrontEnd=AFD
unknown
https://aefd.nelreports.net/api/report?cat=bingrms
unknown
https://rum8.perf.linkedin.com/apc/trans.gif?690daf9375f3d267a5b7b08fbc174993
unknown
https://www.google.com/accounts/servicelogin
unknown
https://58293426822f9aaf9d7c729f28294583.azr.footprintdns.com/apc/trans.gif?cf2d8bf3b68a3e37eef992d5
unknown
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=d3590ed6-52b3
unknown
https://ow1.res.office365.com/apc/trans.gif?a50e32ebd978eda4d21928b1dbc78135
unknown
https://sin06prdapp01-canary-opaph.netmon.azure.com/apc/trans.gif?c6931b9e725f95cf9c20849dd6498c59
unknown
http://www.ebuddy.com
unknown
There are 42 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
jawa123.duckdns.org
154.216.20.244
malicious
geoplugin.net
178.237.33.50

IPs

IP
Domain
Country
Malicious
154.216.20.244
jawa123.duckdns.org
Seychelles
malicious
178.237.33.50
geoplugin.net
Netherlands

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\net-YA1YXM
exepath
HKEY_CURRENT_USER\SOFTWARE\net-YA1YXM
licence

Memdumps

Base Address
Regiontype
Protect
Malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
456000
unkown
page readonly
malicious
456000
unkown
page readonly
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
5EE000
heap
page read and write
malicious
618000
heap
page read and write
21B8000
heap
page read and write
5FE000
heap
page read and write
2990000
trusted library allocation
page read and write
578000
heap
page read and write
2767000
heap
page read and write
2179000
heap
page read and write
21B5000
heap
page read and write
3DFD000
heap
page read and write
2797000
heap
page read and write
430000
heap
page read and write
2100000
heap
page read and write
21BD000
heap
page read and write
83F000
stack
page read and write
193000
stack
page read and write
61B000
heap
page read and write
80F000
stack
page read and write
5D4000
heap
page read and write
565000
heap
page read and write
7EE000
stack
page read and write
3DF2000
heap
page read and write
564000
heap
page read and write
603000
heap
page read and write
2112000
heap
page read and write
61B000
heap
page read and write
2661000
heap
page read and write
5D4000
heap
page read and write
2768000
heap
page read and write
8DD000
heap
page read and write
5FE000
heap
page read and write
5C2000
heap
page read and write
400000
system
page execute and read and write
61B000
heap
page read and write
60C000
heap
page read and write
910000
heap
page read and write
4C5000
heap
page read and write
4FE000
stack
page read and write
720000
heap
page read and write
1F0000
heap
page read and write
21EE000
heap
page read and write
92D000
heap
page read and write
475000
unkown
page readonly
19A000
stack
page read and write
605000
heap
page read and write
61B000
heap
page read and write
259C000
heap
page read and write
401000
unkown
page execute read
2108000
heap
page read and write
9D6000
heap
page read and write
61F000
heap
page read and write
21A1000
heap
page read and write
60C000
heap
page read and write
21A0000
heap
page read and write
2990000
trusted library allocation
page read and write
5D2000
heap
page read and write
2660000
heap
page read and write
4C4000
heap
page read and write
5FE000
heap
page read and write
21A1000
heap
page read and write
2691000
heap
page read and write
603000
heap
page read and write
61B000
heap
page read and write
61B000
heap
page read and write
21B5000
heap
page read and write
401000
unkown
page execute read
21B5000
heap
page read and write
5D2000
heap
page read and write
4404000
heap
page read and write
89F000
stack
page read and write
21B0000
heap
page read and write
4C4000
heap
page read and write
400000
unkown
page readonly
20F9000
heap
page read and write
2990000
trusted library allocation
page read and write
22BF000
stack
page read and write
61C000
heap
page read and write
60C000
heap
page read and write
21B4000
heap
page read and write
2105000
heap
page read and write
2108000
heap
page read and write
5DE000
stack
page read and write
9C000
stack
page read and write
5D4000
heap
page read and write
564000
heap
page read and write
2108000
heap
page read and write
25CD000
heap
page read and write
618000
heap
page read and write
21CA000
heap
page read and write
750000
heap
page read and write
5C2000
heap
page read and write
530000
heap
page read and write
603000
heap
page read and write
21B8000
heap
page read and write
600000
heap
page read and write
71F000
heap
page read and write
5D4000
heap
page read and write
600000
heap
page read and write
2133000
heap
page read and write
21A1000
heap
page read and write
60C000
heap
page read and write
21AE000
heap
page read and write
61B000
heap
page read and write
5D2000
heap
page read and write
60C000
heap
page read and write
9C000
stack
page read and write
2960000
trusted library allocation
page read and write
2761000
heap
page read and write
210C000
heap
page read and write
618000
heap
page read and write
61C000
heap
page read and write
217D000
heap
page read and write
618000
heap
page read and write
603000
heap
page read and write
1F4000
heap
page read and write
21B8000
heap
page read and write
3DF5000
heap
page read and write
20F9000
heap
page read and write
2240000
heap
page read and write
21A4000
heap
page read and write
21B8000
heap
page read and write
564000
heap
page read and write
1F4000
heap
page read and write
2180000
heap
page read and write
2108000
heap
page read and write
2960000
trusted library allocation
page read and write
626000
heap
page read and write
5C8000
heap
page read and write
2799000
heap
page read and write
210C000
heap
page read and write
60C000
heap
page read and write
4C4000
heap
page read and write
564000
heap
page read and write
2101000
heap
page read and write
565000
heap
page read and write
603000
heap
page read and write
459000
system
page execute and read and write
A13000
heap
page read and write
21B1000
heap
page read and write
452000
system
page execute and read and write
5D4000
heap
page read and write
45A000
heap
page read and write
21B8000
heap
page read and write
21C8000
heap
page read and write
5FE000
heap
page read and write
2791000
heap
page read and write
21EE000
heap
page read and write
45D000
system
page execute and read and write
564000
heap
page read and write
5D2000
heap
page read and write
21B8000
heap
page read and write
2100000
heap
page read and write
5FE000
heap
page read and write
2105000
heap
page read and write
605000
heap
page read and write
460000
heap
page read and write
565000
heap
page read and write
2112000
heap
page read and write
213D000
heap
page read and write
219C000
heap
page read and write
2105000
heap
page read and write
20FB000
heap
page read and write
17C000
stack
page read and write
400000
system
page execute and read and write
5FE000
heap
page read and write
9DD000
heap
page read and write
21CE000
heap
page read and write
A2C000
heap
page read and write
60C000
heap
page read and write
2795000
heap
page read and write
603000
heap
page read and write
5FE000
heap
page read and write
60C000
heap
page read and write
2105000
heap
page read and write
46E000
unkown
page write copy
92D000
heap
page read and write
930000
heap
page read and write
210B000
heap
page read and write
2108000
heap
page read and write
5D4000
heap
page read and write
58E000
stack
page read and write
2108000
heap
page read and write
5D4000
heap
page read and write
400000
unkown
page readonly
625000
heap
page read and write
475000
unkown
page readonly
20F9000
heap
page read and write
1F4000
heap
page read and write
8D3000
heap
page read and write
5C2000
heap
page read and write
5FE000
heap
page read and write
564000
heap
page read and write
215C000
heap
page read and write
1F4000
heap
page read and write
605000
heap
page read and write
21A6000
heap
page read and write
211E000
heap
page read and write
46E000
unkown
page write copy
4910000
heap
page read and write
5D2000
heap
page read and write
B0F000
stack
page read and write
600000
heap
page read and write
475000
unkown
page readonly
21BB000
heap
page read and write
38F7000
heap
page read and write
5D2000
heap
page read and write
210C000
heap
page read and write
2220000
heap
page read and write
400000
unkown
page readonly
5D4000
heap
page read and write
452000
system
page execute and read and write
42FB000
heap
page read and write
269A000
heap
page read and write
219D000
heap
page read and write
4919000
heap
page read and write
2960000
trusted library allocation
page read and write
A1D000
heap
page read and write
594000
heap
page read and write
626000
heap
page read and write
21B1000
heap
page read and write
2190000
heap
page read and write
21CA000
heap
page read and write
564000
heap
page read and write
60C000
heap
page read and write
20F1000
heap
page read and write
20D0000
heap
page read and write
2111000
heap
page read and write
604000
heap
page read and write
5FE000
heap
page read and write
565000
heap
page read and write
2600000
heap
page read and write
5FE000
heap
page read and write
60C000
heap
page read and write
A20000
heap
page read and write
219C000
heap
page read and write
17C000
stack
page read and write
5C8000
heap
page read and write
5FE000
heap
page read and write
61B000
heap
page read and write
21B0000
heap
page read and write
603000
heap
page read and write
44F000
system
page execute and read and write
20F1000
heap
page read and write
61B000
heap
page read and write
21CA000
heap
page read and write
60C000
heap
page read and write
A1D000
heap
page read and write
570000
heap
page read and write
440000
heap
page read and write
60C000
heap
page read and write
2105000
heap
page read and write
626000
heap
page read and write
2795000
heap
page read and write
5C2000
heap
page read and write
9DD000
heap
page read and write
5C2000
heap
page read and write
5FE000
heap
page read and write
600000
heap
page read and write
2104000
heap
page read and write
2761000
heap
page read and write
5C8000
heap
page read and write
3DFD000
heap
page read and write
44F000
system
page execute and read and write
1F4000
heap
page read and write
222A000
heap
page read and write
21AC000
heap
page read and write
2108000
heap
page read and write
20FC000
heap
page read and write
20EC000
heap
page read and write
61B000
heap
page read and write
565000
heap
page read and write
5D2000
heap
page read and write
213F000
heap
page read and write
1F4000
heap
page read and write
5FE000
heap
page read and write
475000
unkown
page readonly
61B000
heap
page read and write
6DF000
stack
page read and write
626000
heap
page read and write
540000
heap
page read and write
177000
stack
page read and write
61B000
heap
page read and write
5D4000
heap
page read and write
926000
heap
page read and write
605000
heap
page read and write
21CC000
heap
page read and write
605000
heap
page read and write
60C000
heap
page read and write
21B8000
heap
page read and write
401000
unkown
page execute read
9C000
stack
page read and write
21BD000
heap
page read and write
605000
heap
page read and write
5FE000
heap
page read and write
5C2000
heap
page read and write
60C000
heap
page read and write
4C4000
heap
page read and write
2769000
heap
page read and write
910000
heap
page read and write
61C000
heap
page read and write
5CF000
heap
page read and write
5CE000
stack
page read and write
626000
heap
page read and write
4C4000
heap
page read and write
5FE000
heap
page read and write
2179000
heap
page read and write
21C2000
heap
page read and write
4BE000
stack
page read and write
211A000
heap
page read and write
2190000
heap
page read and write
2108000
heap
page read and write
21C2000
heap
page read and write
61C000
heap
page read and write
64E000
stack
page read and write
5C8000
heap
page read and write
1F4000
heap
page read and write
21BD000
heap
page read and write
4C0000
heap
page read and write
4C5000
heap
page read and write
20FE000
heap
page read and write
61F000
heap
page read and write
2177000
heap
page read and write
2601000
heap
page read and write
603000
heap
page read and write
74F000
stack
page read and write
564000
heap
page read and write
20C0000
heap
page read and write
220D000
heap
page read and write
61C000
heap
page read and write
2177000
heap
page read and write
600000
heap
page read and write
565000
heap
page read and write
5D2000
heap
page read and write
2960000
trusted library allocation
page read and write
600000
heap
page read and write
400000
unkown
page readonly
61C000
heap
page read and write
21AE000
heap
page read and write
1F0000
heap
page read and write
21B8000
heap
page read and write
604000
heap
page read and write
4C4000
heap
page read and write
2765000
heap
page read and write
21BB000
heap
page read and write
2260000
heap
page read and write
550000
heap
page read and write
46E000
unkown
page write copy
21A1000
heap
page read and write
21A1000
heap
page read and write
400000
unkown
page readonly
401000
unkown
page execute read
400000
unkown
page readonly
2765000
heap
page read and write
626000
heap
page read and write
605000
heap
page read and write
21CF000
stack
page read and write
2799000
heap
page read and write
60C000
heap
page read and write
210C000
heap
page read and write
21B5000
heap
page read and write
5C8000
heap
page read and write
60C000
heap
page read and write
604000
heap
page read and write
71F000
heap
page read and write
1F4000
heap
page read and write
5D2000
heap
page read and write
215F000
heap
page read and write
61B000
heap
page read and write
21A9000
heap
page read and write
600000
heap
page read and write
2601000
heap
page read and write
5FE000
heap
page read and write
473000
system
page execute and read and write
2661000
heap
page read and write
600000
heap
page read and write
21B0000
heap
page read and write
4C5000
heap
page read and write
5C2000
heap
page read and write
600000
heap
page read and write
9D6000
heap
page read and write
38F2000
heap
page read and write
210C000
heap
page read and write
626000
heap
page read and write
540000
heap
page read and write
61B000
heap
page read and write
2798000
heap
page read and write
A10000
heap
page read and write
5D0000
heap
page read and write
38F3000
heap
page read and write
2990000
trusted library allocation
page read and write
21A6000
heap
page read and write
4409000
heap
page read and write
2794000
heap
page read and write
21A6000
heap
page read and write
600000
heap
page read and write
5C2000
heap
page read and write
600000
heap
page read and write
60C000
heap
page read and write
6F0000
heap
page read and write
2108000
heap
page read and write
211B000
heap
page read and write
60C000
heap
page read and write
7AF000
stack
page read and write
2108000
heap
page read and write
626000
heap
page read and write
2600000
heap
page read and write
21C8000
heap
page read and write
61C000
heap
page read and write
38FE000
heap
page read and write
603000
heap
page read and write
20F1000
heap
page read and write
61B000
heap
page read and write
60C000
heap
page read and write
604000
heap
page read and write
1F0000
heap
page read and write
2765000
heap
page read and write
20EC000
heap
page read and write
21A1000
heap
page read and write
21B5000
heap
page read and write
920000
heap
page read and write
4C4000
heap
page read and write
600000
heap
page read and write
400000
system
page execute and read and write
60D000
heap
page read and write
2104000
heap
page read and write
9C000
stack
page read and write
5C2000
heap
page read and write
2795000
heap
page read and write
62C000
heap
page read and write
5C5000
heap
page read and write
5D2000
heap
page read and write
21B8000
heap
page read and write
1F4000
heap
page read and write
2990000
trusted library allocation
page read and write
2799000
heap
page read and write
7FE000
stack
page read and write
5D2000
heap
page read and write
19C000
stack
page read and write
2108000
heap
page read and write
600000
heap
page read and write
7BF000
stack
page read and write
20F1000
heap
page read and write
4C4000
heap
page read and write
19C000
stack
page read and write
2108000
heap
page read and write
564000
heap
page read and write
462000
heap
page read and write
1F4000
heap
page read and write
213D000
heap
page read and write
61B000
heap
page read and write
5D4000
heap
page read and write
1F0000
heap
page read and write
21D0000
trusted library allocation
page read and write
21B8000
heap
page read and write
4916000
heap
page read and write
60C000
heap
page read and write
21B0000
heap
page read and write
400000
unkown
page readonly
219F000
heap
page read and write
211A000
heap
page read and write
20FB000
heap
page read and write
60C000
heap
page read and write
21A8000
heap
page read and write
193000
stack
page read and write
4C4000
heap
page read and write
46E000
unkown
page write copy
2769000
heap
page read and write
4C5000
heap
page read and write
600000
heap
page read and write
564000
heap
page read and write
61B000
heap
page read and write
222C000
heap
page read and write
640000
heap
page read and write
21D0000
trusted library allocation
page read and write
19A000
stack
page read and write
2108000
heap
page read and write
2691000
heap
page read and write
603000
heap
page read and write
60C000
heap
page read and write
61F000
heap
page read and write
21B1000
heap
page read and write
2601000
heap
page read and write
4C5000
heap
page read and write
18F000
stack
page read and write
61B000
heap
page read and write
605000
heap
page read and write
1F4000
heap
page read and write
21B8000
heap
page read and write
603000
heap
page read and write
9D0000
heap
page read and write
618000
heap
page read and write
5D4000
heap
page read and write
8D0000
heap
page read and write
626000
heap
page read and write
4C4000
heap
page read and write
211B000
heap
page read and write
41B000
system
page execute and read and write
2798000
heap
page read and write
2170000
heap
page read and write
5FE000
heap
page read and write
20E0000
heap
page read and write
60C000
heap
page read and write
79E000
stack
page read and write
564000
heap
page read and write
2105000
heap
page read and write
2762000
heap
page read and write
9C000
stack
page read and write
600000
heap
page read and write
2769000
heap
page read and write
21B5000
heap
page read and write
21C1000
heap
page read and write
5FE000
heap
page read and write
2765000
heap
page read and write
2768000
heap
page read and write
2117000
heap
page read and write
20E0000
heap
page read and write
21A9000
heap
page read and write
46E000
unkown
page write copy
2764000
heap
page read and write
2105000
heap
page read and write
930000
heap
page read and write
21B5000
heap
page read and write
38FA000
heap
page read and write
2108000
heap
page read and write
5C0000
heap
page read and write
219C000
heap
page read and write
5D2000
heap
page read and write
222A000
heap
page read and write
20EC000
heap
page read and write
2101000
heap
page read and write
500000
heap
page read and write
401000
unkown
page execute read
21B4000
heap
page read and write
564000
heap
page read and write
9DD000
heap
page read and write
53E000
stack
page read and write
400000
system
page execute and read and write
459000
system
page execute and read and write
5C2000
heap
page read and write
21BD000
heap
page read and write
217D000
heap
page read and write
4A0000
heap
page read and write
20F1000
heap
page read and write
21D0000
heap
page read and write
5FE000
heap
page read and write
4C5000
heap
page read and write
61B000
heap
page read and write
20F8000
heap
page read and write
2100000
heap
page read and write
A23000
heap
page read and write
401000
unkown
page execute read
2120000
heap
page read and write
222C000
heap
page read and write
5C2000
heap
page read and write
61C000
heap
page read and write
605000
heap
page read and write
60C000
heap
page read and write
5D4000
heap
page read and write
20F1000
heap
page read and write
21B8000
heap
page read and write
20F0000
heap
page read and write
4C4000
heap
page read and write
4C4000
heap
page read and write
2108000
heap
page read and write
21A9000
heap
page read and write
21E3000
heap
page read and write
2990000
trusted library allocation
page read and write
60C000
heap
page read and write
21AE000
heap
page read and write
210C000
heap
page read and write
45D000
system
page execute and read and write
3DF7000
heap
page read and write
605000
heap
page read and write
20F9000
heap
page read and write
4917000
heap
page read and write
2088000
heap
page read and write
21B1000
heap
page read and write
4C4000
heap
page read and write
4C4000
heap
page read and write
217D000
heap
page read and write
2105000
heap
page read and write
2100000
heap
page read and write
2690000
heap
page read and write
2105000
heap
page read and write
46E000
unkown
page write copy
60C000
heap
page read and write
1F4000
heap
page read and write
38FB000
heap
page read and write
2108000
heap
page read and write
473000
system
page execute and read and write
2101000
heap
page read and write
20ED000
heap
page read and write
2227000
heap
page read and write
603000
heap
page read and write
1F4000
heap
page read and write
2108000
heap
page read and write
560000
heap
page read and write
1F0000
heap
page read and write
2601000
heap
page read and write
2227000
heap
page read and write
5D2000
heap
page read and write
600000
heap
page read and write
61B000
heap
page read and write
5FE000
heap
page read and write
2790000
heap
page read and write
21A9000
heap
page read and write
603000
heap
page read and write
21B8000
heap
page read and write
20FE000
heap
page read and write
5FE000
heap
page read and write
2792000
heap
page read and write
211A000
heap
page read and write
20FB000
heap
page read and write
626000
heap
page read and write
20FE000
heap
page read and write
21B8000
heap
page read and write
400000
system
page execute and read and write
600000
heap
page read and write
2661000
heap
page read and write
1F4000
heap
page read and write
60C000
heap
page read and write
21B1000
heap
page read and write
5D4000
heap
page read and write
5FE000
heap
page read and write
475000
unkown
page readonly
5C2000
heap
page read and write
5D2000
heap
page read and write
3DFB000
heap
page read and write
564000
heap
page read and write
8FF000
stack
page read and write
222A000
heap
page read and write
564000
heap
page read and write
60C000
heap
page read and write
600000
heap
page read and write
2960000
trusted library allocation
page read and write
600000
heap
page read and write
2101000
heap
page read and write
5FE000
heap
page read and write
21B0000
heap
page read and write
60C000
heap
page read and write
20FB000
heap
page read and write
61F000
heap
page read and write
600000
heap
page read and write
940000
trusted library allocation
page read and write
2791000
heap
page read and write
2767000
heap
page read and write
60C000
heap
page read and write
1F0000
heap
page read and write
5D2000
heap
page read and write
8DD000
heap
page read and write
600000
heap
page read and write
4C5000
heap
page read and write
600000
heap
page read and write
2220000
heap
page read and write
210B000
heap
page read and write
21B8000
heap
page read and write
92D000
heap
page read and write
61B000
heap
page read and write
21BD000
heap
page read and write
5A0000
heap
page read and write
2760000
heap
page read and write
648000
heap
page read and write
2797000
heap
page read and write
2660000
heap
page read and write
60C000
heap
page read and write
5D2000
heap
page read and write
4C4000
heap
page read and write
600000
heap
page read and write
21A6000
heap
page read and write
475000
unkown
page readonly
21BD000
heap
page read and write
401000
unkown
page execute read
2105000
heap
page read and write
2105000
heap
page read and write
5D2000
heap
page read and write
626000
heap
page read and write
4C4000
heap
page read and write
5EE000
heap
page read and write
3DEE000
heap
page read and write
2761000
heap
page read and write
626000
heap
page read and write
60C000
heap
page read and write
626000
heap
page read and write
6F8000
heap
page read and write
2791000
heap
page read and write
8EF000
stack
page read and write
600000
heap
page read and write
61B000
heap
page read and write
21B8000
heap
page read and write
2170000
heap
page read and write
4402000
heap
page read and write
5D4000
heap
page read and write
475000
unkown
page readonly
6AE000
stack
page read and write
60C000
heap
page read and write
926000
heap
page read and write
5D4000
heap
page read and write
21CC000
heap
page read and write
20EF000
heap
page read and write
5FE000
heap
page read and write
600000
heap
page read and write
2960000
trusted library allocation
page read and write
61B000
heap
page read and write
5D2000
heap
page read and write
1F4000
heap
page read and write
564000
heap
page read and write
41B000
system
page execute and read and write
A2D000
heap
page read and write
21B5000
heap
page read and write
21A1000
heap
page read and write
565000
heap
page read and write
604000
heap
page read and write
20F1000
heap
page read and write
565000
heap
page read and write
4406000
heap
page read and write
46E000
unkown
page write copy
20F1000
heap
page read and write
61B000
heap
page read and write
5D4000
heap
page read and write
1F4000
heap
page read and write
2101000
heap
page read and write
21A9000
heap
page read and write
21B5000
heap
page read and write
60C000
heap
page read and write
21B8000
heap
page read and write
448000
heap
page read and write
21A6000
heap
page read and write
4400000
heap
page read and write
177000
stack
page read and write
49E000
stack
page read and write
4807000
heap
page read and write
20FB000
heap
page read and write
60C000
heap
page read and write
21B5000
heap
page read and write
1F4000
heap
page read and write
2691000
heap
page read and write
2179000
heap
page read and write
5D2000
heap
page read and write
9C000
stack
page read and write
5D4000
heap
page read and write
20F4000
heap
page read and write
20F9000
heap
page read and write
4919000
heap
page read and write
18F000
stack
page read and write
5C2000
heap
page read and write
564000
heap
page read and write
21B5000
heap
page read and write
21A1000
heap
page read and write
940000
trusted library allocation
page read and write
610000
heap
page read and write
4C5000
heap
page read and write
400000
system
page execute and read and write
There are 771 hidden memdumps, click here to show them.