Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
a1K847qsM0.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\Notepad.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Program Files (x86)\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\a1K847qsM0.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\History\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\Desktop\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\Favorites\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Windows\SysWOW64\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Explower.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Microsoft Corporation.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\app
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
||
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 11 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\a1K847qsM0.exe
|
"C:\Users\user\Desktop\a1K847qsM0.exe"
|
||
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe"
|
||
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
||
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall delete allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe"
|
||
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\24983f03fb74576bbc5af6aa1085b23dWindows Update.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe"
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
167.71.56.116
|
unknown
|
United States
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
4458000
|
trusted library allocation
|
page read and write
|
||
D22000
|
unkown
|
page readonly
|
||
26E1000
|
trusted library allocation
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
56DC000
|
stack
|
page read and write
|
||
140B000
|
trusted library allocation
|
page execute and read and write
|
||
585E000
|
stack
|
page read and write
|
||
3237000
|
heap
|
page read and write
|
||
31AC000
|
heap
|
page read and write
|
||
1900000
|
heap
|
page read and write
|
||
3169000
|
heap
|
page read and write
|
||
327D000
|
heap
|
page read and write
|
||
4196000
|
trusted library allocation
|
page read and write
|
||
1232000
|
trusted library allocation
|
page execute and read and write
|
||
316B000
|
heap
|
page read and write
|
||
32DE000
|
heap
|
page read and write
|
||
3212000
|
heap
|
page read and write
|
||
325C000
|
heap
|
page read and write
|
||
315A000
|
heap
|
page read and write
|
||
599E000
|
stack
|
page read and write
|
||
32FC000
|
heap
|
page read and write
|
||
32F1000
|
trusted library allocation
|
page read and write
|
||
566F000
|
stack
|
page read and write
|
||
44D1000
|
trusted library allocation
|
page read and write
|
||
3110000
|
heap
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
DF0000
|
heap
|
page read and write
|
||
DAE000
|
stack
|
page read and write
|
||
55D6000
|
heap
|
page read and write
|
||
3215000
|
heap
|
page read and write
|
||
3225000
|
heap
|
page read and write
|
||
59EE000
|
stack
|
page read and write
|
||
32CF000
|
heap
|
page read and write
|
||
A42000
|
trusted library allocation
|
page read and write
|
||
326C000
|
heap
|
page read and write
|
||
1120000
|
heap
|
page read and write
|
||
13E0000
|
trusted library allocation
|
page read and write
|
||
890000
|
heap
|
page read and write
|
||
487E000
|
stack
|
page read and write
|
||
32D3000
|
heap
|
page read and write
|
||
3318000
|
trusted library allocation
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
5ACE000
|
stack
|
page read and write
|
||
57D8000
|
heap
|
page read and write
|
||
44D4000
|
trusted library allocation
|
page read and write
|
||
3257000
|
heap
|
page read and write
|
||
4EA0000
|
heap
|
page read and write
|
||
31A9000
|
heap
|
page read and write
|
||
DB3000
|
stack
|
page read and write
|
||
3269000
|
heap
|
page read and write
|
||
18A0000
|
heap
|
page execute and read and write
|
||
324C000
|
heap
|
page read and write
|
||
1550000
|
trusted library allocation
|
page read and write
|
||
3483000
|
trusted library allocation
|
page read and write
|
||
4E70000
|
heap
|
page read and write
|
||
55E6000
|
heap
|
page read and write
|
||
53BE000
|
stack
|
page read and write
|
||
F40000
|
heap
|
page read and write
|
||
595F000
|
stack
|
page read and write
|
||
1200000
|
heap
|
page read and write
|
||
32D4000
|
heap
|
page read and write
|
||
61AE000
|
stack
|
page read and write
|
||
325E000
|
heap
|
page read and write
|
||
32B2000
|
heap
|
page read and write
|
||
325C000
|
heap
|
page read and write
|
||
3140000
|
heap
|
page read and write
|
||
3224000
|
heap
|
page read and write
|
||
3261000
|
heap
|
page read and write
|
||
4A9B000
|
stack
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
57D0000
|
heap
|
page read and write
|
||
55E9000
|
heap
|
page read and write
|
||
55EA000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
DBE000
|
stack
|
page read and write
|
||
57DA000
|
heap
|
page read and write
|
||
3320000
|
trusted library allocation
|
page read and write
|
||
134E000
|
heap
|
page read and write
|
||
3218000
|
heap
|
page read and write
|
||
1700000
|
heap
|
page execute and read and write
|
||
324C000
|
heap
|
page read and write
|
||
317A000
|
heap
|
page read and write
|
||
32A3000
|
heap
|
page read and write
|
||
348A000
|
trusted library allocation
|
page read and write
|
||
57C1000
|
heap
|
page read and write
|
||
318D000
|
heap
|
page read and write
|
||
3236000
|
heap
|
page read and write
|
||
1322000
|
trusted library allocation
|
page execute and read and write
|
||
32AD000
|
heap
|
page read and write
|
||
DF0000
|
heap
|
page read and write
|
||
DB3000
|
stack
|
page read and write
|
||
55E6000
|
heap
|
page read and write
|
||
BEC000
|
stack
|
page read and write
|
||
569B000
|
stack
|
page read and write
|
||
146E000
|
heap
|
page read and write
|
||
5914000
|
trusted library allocation
|
page read and write
|
||
517D000
|
stack
|
page read and write
|
||
4281000
|
trusted library allocation
|
page read and write
|
||
132A000
|
trusted library allocation
|
page execute and read and write
|
||
1487000
|
heap
|
page read and write
|
||
55DA000
|
heap
|
page read and write
|
||
3278000
|
heap
|
page read and write
|
||
594E000
|
stack
|
page read and write
|
||
3263000
|
heap
|
page read and write
|
||
159E000
|
stack
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
1A0F000
|
stack
|
page read and write
|
||
55D5000
|
heap
|
page read and write
|
||
326C000
|
heap
|
page read and write
|
||
1230000
|
trusted library allocation
|
page read and write
|
||
85E000
|
stack
|
page read and write
|
||
3199000
|
heap
|
page read and write
|
||
5DCD000
|
stack
|
page read and write
|
||
5BCE000
|
stack
|
page read and write
|
||
55DC000
|
stack
|
page read and write
|
||
4890000
|
trusted library allocation
|
page read and write
|
||
320F000
|
heap
|
page read and write
|
||
1400000
|
trusted library allocation
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
32F1000
|
heap
|
page read and write
|
||
586E000
|
stack
|
page read and write
|
||
1340000
|
heap
|
page read and write
|
||
1700000
|
heap
|
page read and write
|
||
3221000
|
heap
|
page read and write
|
||
660000
|
heap
|
page read and write
|
||
1020000
|
heap
|
page read and write
|
||
588C000
|
trusted library allocation
|
page read and write
|
||
A3A000
|
trusted library allocation
|
page execute and read and write
|
||
576E000
|
stack
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
31AC000
|
heap
|
page read and write
|
||
545000
|
heap
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
55EC000
|
heap
|
page read and write
|
||
32DE000
|
heap
|
page read and write
|
||
3258000
|
heap
|
page read and write
|
||
1402000
|
trusted library allocation
|
page execute and read and write
|
||
3262000
|
heap
|
page read and write
|
||
57CC000
|
heap
|
page read and write
|
||
5080000
|
heap
|
page read and write
|
||
3258000
|
heap
|
page read and write
|
||
3255000
|
heap
|
page read and write
|
||
32B3000
|
heap
|
page read and write
|
||
15BC000
|
trusted library allocation
|
page execute and read and write
|
||
5700000
|
heap
|
page read and write
|
||
15F0000
|
trusted library allocation
|
page read and write
|
||
32B0000
|
trusted library allocation
|
page read and write
|
||
57DC000
|
heap
|
page read and write
|
||
3234000
|
heap
|
page read and write
|
||
535C000
|
stack
|
page read and write
|
||
600C000
|
stack
|
page read and write
|
||
604E000
|
stack
|
page read and write
|
||
124E000
|
stack
|
page read and write
|
||
57B8000
|
heap
|
page read and write
|
||
32A3000
|
heap
|
page read and write
|
||
8FA000
|
trusted library allocation
|
page execute and read and write
|
||
1590000
|
trusted library allocation
|
page read and write
|
||
4ADC000
|
stack
|
page read and write
|
||
DBE000
|
stack
|
page read and write
|
||
5670000
|
trusted library allocation
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
545C000
|
stack
|
page read and write
|
||
31A2000
|
heap
|
page read and write
|
||
33EF000
|
unkown
|
page read and write
|
||
120E000
|
stack
|
page read and write
|
||
55D5000
|
heap
|
page read and write
|
||
164F000
|
stack
|
page read and write
|
||
31AA000
|
heap
|
page read and write
|
||
325C000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
32A7000
|
heap
|
page read and write
|
||
4F20000
|
heap
|
page read and write
|
||
53CC000
|
stack
|
page read and write
|
||
2CAE000
|
stack
|
page read and write
|
||
5B0E000
|
stack
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
3252000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
564E000
|
stack
|
page read and write
|
||
326C000
|
heap
|
page read and write
|
||
317C000
|
heap
|
page read and write
|
||
331D000
|
trusted library allocation
|
page read and write
|
||
3131000
|
heap
|
page read and write
|
||
32FB000
|
heap
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
3451000
|
trusted library allocation
|
page read and write
|
||
F50000
|
heap
|
page read and write
|
||
325A000
|
heap
|
page read and write
|
||
57D0000
|
heap
|
page read and write
|
||
328D000
|
heap
|
page read and write
|
||
326E000
|
heap
|
page read and write
|
||
31AC000
|
heap
|
page read and write
|
||
91A000
|
trusted library allocation
|
page execute and read and write
|
||
325B000
|
heap
|
page read and write
|
||
CBB000
|
stack
|
page read and write
|
||
1327000
|
trusted library allocation
|
page execute and read and write
|
||
55D1000
|
heap
|
page read and write
|
||
1290000
|
heap
|
page read and write
|
||
18B0000
|
trusted library allocation
|
page read and write
|
||
2C60000
|
heap
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
328C000
|
heap
|
page read and write
|
||
55E2000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
CBB000
|
stack
|
page read and write
|
||
900000
|
trusted library allocation
|
page read and write
|
||
3200000
|
heap
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
3224000
|
heap
|
page read and write
|
||
3200000
|
heap
|
page read and write
|
||
3261000
|
heap
|
page read and write
|
||
3228000
|
heap
|
page read and write
|
||
5280000
|
heap
|
page read and write
|
||
DCB000
|
stack
|
page read and write
|
||
DCB000
|
stack
|
page read and write
|
||
185E000
|
stack
|
page read and write
|
||
4BDD000
|
stack
|
page read and write
|
||
57DA000
|
heap
|
page read and write
|
||
32A7000
|
heap
|
page read and write
|
||
3200000
|
heap
|
page read and write
|
||
31AC000
|
heap
|
page read and write
|
||
BBE000
|
stack
|
page read and write
|
||
496C000
|
stack
|
page read and write
|
||
126E000
|
stack
|
page read and write
|
||
540000
|
heap
|
page read and write
|
||
34F6000
|
trusted library allocation
|
page read and write
|
||
1312000
|
trusted library allocation
|
page execute and read and write
|
||
15CA000
|
trusted library allocation
|
page execute and read and write
|
||
32F4000
|
heap
|
page read and write
|
||
3197000
|
heap
|
page read and write
|
||
32B0000
|
heap
|
page read and write
|
||
1120000
|
heap
|
page read and write
|
||
107E000
|
unkown
|
page read and write
|
||
3234000
|
heap
|
page read and write
|
||
57C8000
|
heap
|
page read and write
|
||
324B000
|
heap
|
page read and write
|
||
31A1000
|
heap
|
page read and write
|
||
55E9000
|
heap
|
page read and write
|
||
54BE000
|
stack
|
page read and write
|
||
55D9000
|
heap
|
page read and write
|
||
32CF000
|
heap
|
page read and write
|
||
3179000
|
heap
|
page read and write
|
||
572D000
|
stack
|
page read and write
|
||
327D000
|
heap
|
page read and write
|
||
2F3F000
|
stack
|
page read and write
|
||
12C0000
|
heap
|
page read and write
|
||
328A000
|
heap
|
page read and write
|
||
106E000
|
unkown
|
page read and write
|
||
142B000
|
heap
|
page read and write
|
||
4284000
|
trusted library allocation
|
page read and write
|
||
32AD000
|
heap
|
page read and write
|
||
3195000
|
heap
|
page read and write
|
||
32AD000
|
heap
|
page read and write
|
||
3287000
|
heap
|
page read and write
|
||
312A000
|
heap
|
page read and write
|
||
3284000
|
heap
|
page read and write
|
||
324C000
|
heap
|
page read and write
|
||
3215000
|
heap
|
page read and write
|
||
31A9000
|
heap
|
page read and write
|
||
8A0000
|
trusted library allocation
|
page read and write
|
||
107E000
|
stack
|
page read and write
|
||
3236000
|
heap
|
page read and write
|
||
140E000
|
stack
|
page read and write
|
||
142A000
|
trusted library allocation
|
page execute and read and write
|
||
34D1000
|
trusted library allocation
|
page read and write
|
||
1690000
|
heap
|
page read and write
|
||
58DA000
|
trusted library allocation
|
page read and write
|
||
32FE000
|
heap
|
page read and write
|
||
3195000
|
heap
|
page read and write
|
||
3236000
|
heap
|
page read and write
|
||
15B0000
|
heap
|
page read and write
|
||
319D000
|
heap
|
page read and write
|
||
DBB000
|
stack
|
page read and write
|
||
DAE000
|
stack
|
page read and write
|
||
4970000
|
trusted library allocation
|
page execute and read and write
|
||
5A8E000
|
stack
|
page read and write
|
||
325B000
|
heap
|
page read and write
|
||
588C000
|
stack
|
page read and write
|
||
55E0000
|
heap
|
page read and write
|
||
55D8000
|
heap
|
page read and write
|
||
F3E000
|
unkown
|
page read and write
|
||
4990000
|
heap
|
page read and write
|
||
57CA000
|
heap
|
page read and write
|
||
1453000
|
heap
|
page read and write
|
||
55E9000
|
heap
|
page read and write
|
||
13F2000
|
trusted library allocation
|
page execute and read and write
|
||
324F000
|
heap
|
page read and write
|
||
32D8000
|
heap
|
page read and write
|
||
920000
|
heap
|
page read and write
|
||
DBB000
|
stack
|
page read and write
|
||
3477000
|
trusted library allocation
|
page read and write
|
||
342E000
|
stack
|
page read and write
|
||
3275000
|
heap
|
page read and write
|
||
3224000
|
heap
|
page read and write
|
||
62AE000
|
stack
|
page read and write
|
||
15E0000
|
heap
|
page read and write
|
||
5852000
|
trusted library allocation
|
page read and write
|
||
35BF000
|
stack
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
32D1000
|
heap
|
page read and write
|
||
32D3000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
3170000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
16F0000
|
trusted library allocation
|
page read and write
|
||
32AF000
|
heap
|
page read and write
|
||
42F1000
|
trusted library allocation
|
page read and write
|
||
3254000
|
heap
|
page read and write
|
||
BBB000
|
stack
|
page read and write
|
||
57D0000
|
heap
|
page read and write
|
||
527D000
|
stack
|
page read and write
|
||
5AEF000
|
stack
|
page read and write
|
||
4DE0000
|
heap
|
page read and write
|
||
3238000
|
heap
|
page read and write
|
||
321C000
|
heap
|
page read and write
|
||
32A7000
|
heap
|
page read and write
|
||
3254000
|
heap
|
page read and write
|
||
3226000
|
heap
|
page read and write
|
||
322B000
|
heap
|
page read and write
|
||
ABB000
|
stack
|
page read and write
|
||
324D000
|
heap
|
page read and write
|
||
55E6000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
2FAE000
|
stack
|
page read and write
|
||
4700000
|
trusted library allocation
|
page read and write
|
||
3286000
|
heap
|
page read and write
|
||
1450000
|
heap
|
page read and write
|
||
1368000
|
heap
|
page read and write
|
||
319E000
|
heap
|
page read and write
|
||
18E0000
|
trusted library allocation
|
page execute and read and write
|
||
18E0000
|
heap
|
page read and write
|
||
2C2F000
|
stack
|
page read and write
|
||
140C000
|
trusted library allocation
|
page execute and read and write
|
||
3253000
|
heap
|
page read and write
|
||
32D4000
|
heap
|
page read and write
|
||
1222000
|
trusted library allocation
|
page execute and read and write
|
||
541F000
|
stack
|
page read and write
|
||
3234000
|
heap
|
page read and write
|
||
3253000
|
heap
|
page read and write
|
||
3198000
|
heap
|
page read and write
|
||
327D000
|
heap
|
page read and write
|
||
D70000
|
heap
|
page read and write
|
||
31F4000
|
heap
|
page read and write
|
||
32D9000
|
heap
|
page read and write
|
||
1400000
|
trusted library allocation
|
page read and write
|
||
554F000
|
stack
|
page read and write
|
||
3284000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
55EB000
|
stack
|
page read and write
|
||
31AC000
|
heap
|
page read and write
|
||
F80000
|
heap
|
page read and write
|
||
1240000
|
heap
|
page read and write
|
||
3178000
|
heap
|
page read and write
|
||
5680000
|
trusted library allocation
|
page execute and read and write
|
||
65D000
|
stack
|
page read and write
|
||
324A000
|
heap
|
page read and write
|
||
57B0000
|
heap
|
page read and write
|
||
1070000
|
heap
|
page read and write
|
||
32DB000
|
heap
|
page read and write
|
||
1420000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
5BFB000
|
trusted library allocation
|
page read and write
|
||
55E6000
|
heap
|
page read and write
|
||
574F000
|
stack
|
page read and write
|
||
1474000
|
heap
|
page read and write
|
||
32FD000
|
heap
|
page read and write
|
||
31A0000
|
heap
|
page read and write
|
||
31A9000
|
heap
|
page read and write
|
||
57A1000
|
heap
|
page read and write
|
||
15B2000
|
trusted library allocation
|
page execute and read and write
|
||
A47000
|
trusted library allocation
|
page execute and read and write
|
||
32CF000
|
heap
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
57DB000
|
heap
|
page read and write
|
||
3253000
|
heap
|
page read and write
|
||
34B0000
|
heap
|
page read and write
|
||
16C0000
|
heap
|
page read and write
|
||
BF0000
|
heap
|
page execute and read and write
|
||
57C1000
|
heap
|
page read and write
|
||
318F000
|
stack
|
page read and write
|
||
503D000
|
stack
|
page read and write
|
||
3168000
|
heap
|
page read and write
|
||
57CA000
|
heap
|
page read and write
|
||
10F6000
|
stack
|
page read and write
|
||
55D2000
|
heap
|
page read and write
|
||
3287000
|
heap
|
page read and write
|
||
34B6000
|
heap
|
page read and write
|
||
571B000
|
stack
|
page read and write
|
||
56A1000
|
trusted library allocation
|
page read and write
|
||
4EEE000
|
stack
|
page read and write
|
||
31AB000
|
heap
|
page read and write
|
||
328D000
|
heap
|
page read and write
|
||
327E000
|
heap
|
page read and write
|
||
E20000
|
heap
|
page read and write
|
||
55FF000
|
stack
|
page read and write
|
||
14D1000
|
heap
|
page read and write
|
||
141A000
|
trusted library allocation
|
page execute and read and write
|
||
3224000
|
heap
|
page read and write
|
||
319F000
|
unkown
|
page read and write
|
||
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
555B000
|
stack
|
page read and write
|
||
324D000
|
heap
|
page read and write
|
||
131A000
|
trusted library allocation
|
page execute and read and write
|
||
42F4000
|
trusted library allocation
|
page read and write
|
||
34FD000
|
trusted library allocation
|
page read and write
|
||
3180000
|
heap
|
page read and write
|
||
32B3000
|
heap
|
page read and write
|
||
322B000
|
heap
|
page read and write
|
||
3211000
|
heap
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
13CE000
|
stack
|
page read and write
|
||
48B0000
|
trusted library allocation
|
page read and write
|
||
326C000
|
heap
|
page read and write
|
||
90A000
|
trusted library allocation
|
page execute and read and write
|
||
3284000
|
heap
|
page read and write
|
||
55DA000
|
heap
|
page read and write
|
||
326B000
|
heap
|
page read and write
|
||
32AF000
|
heap
|
page read and write
|
||
318F000
|
heap
|
page read and write
|
||
130E000
|
stack
|
page read and write
|
||
FE0000
|
heap
|
page read and write
|
||
5A9E000
|
stack
|
page read and write
|
||
3231000
|
heap
|
page read and write
|
||
12B0000
|
trusted library allocation
|
page read and write
|
||
513E000
|
stack
|
page read and write
|
||
319D000
|
heap
|
page read and write
|
||
581D000
|
stack
|
page read and write
|
||
2E30000
|
heap
|
page execute and read and write
|
||
DD0000
|
heap
|
page read and write
|
||
3275000
|
heap
|
page read and write
|
||
318F000
|
heap
|
page read and write
|
||
32D9000
|
heap
|
page read and write
|
||
5ADE000
|
stack
|
page read and write
|
||
321A000
|
heap
|
page read and write
|
||
D20000
|
unkown
|
page readonly
|
||
328E000
|
heap
|
page read and write
|
||
1225000
|
heap
|
page read and write
|
||
317C000
|
heap
|
page read and write
|
||
55DA000
|
heap
|
page read and write
|
||
3168000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
4710000
|
unclassified section
|
page read and write
|
||
319E000
|
heap
|
page read and write
|
||
324A000
|
heap
|
page read and write
|
||
3217000
|
heap
|
page read and write
|
||
325B000
|
heap
|
page read and write
|
||
66E000
|
heap
|
page read and write
|
||
15D2000
|
trusted library allocation
|
page execute and read and write
|
||
57C3000
|
heap
|
page read and write
|
||
168E000
|
stack
|
page read and write
|
||
55D3000
|
heap
|
page read and write
|
||
562C000
|
stack
|
page read and write
|
||
531E000
|
stack
|
page read and write
|
||
57CA000
|
heap
|
page read and write
|
||
16BF000
|
stack
|
page read and write
|
||
57C2000
|
heap
|
page read and write
|
||
3249000
|
heap
|
page read and write
|
||
14DD000
|
heap
|
page read and write
|
||
10F6000
|
stack
|
page read and write
|
||
8EE000
|
stack
|
page read and write
|
||
13F2000
|
trusted library allocation
|
page execute and read and write
|
||
324C000
|
heap
|
page read and write
|
||
584B000
|
stack
|
page read and write
|
||
5C0E000
|
stack
|
page read and write
|
||
145E000
|
stack
|
page read and write
|
||
3260000
|
heap
|
page read and write
|
||
1610000
|
heap
|
page read and write
|
||
322B000
|
heap
|
page read and write
|
||
500000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
3270000
|
heap
|
page read and write
|
||
3253000
|
heap
|
page read and write
|
||
2DD0000
|
heap
|
page read and write
|
||
30A0000
|
heap
|
page read and write
|
||
324D000
|
heap
|
page read and write
|
||
31DE000
|
stack
|
page read and write
|
||
137E000
|
heap
|
page read and write
|
||
33FF000
|
unkown
|
page read and write
|
||
15F7000
|
trusted library allocation
|
page execute and read and write
|
||
31A4000
|
heap
|
page read and write
|
||
3228000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
123A000
|
trusted library allocation
|
page execute and read and write
|
||
566C000
|
stack
|
page read and write
|
||
317C000
|
heap
|
page read and write
|
||
555F000
|
stack
|
page read and write
|
||
31F1000
|
heap
|
page read and write
|
||
1AF0000
|
heap
|
page execute and read and write
|
||
316B000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
5D4F000
|
stack
|
page read and write
|
||
134A000
|
heap
|
page read and write
|
||
574C000
|
stack
|
page read and write
|
||
155B000
|
trusted library allocation
|
page execute and read and write
|
||
57CA000
|
heap
|
page read and write
|
||
57A0000
|
heap
|
page read and write
|
||
1320000
|
trusted library allocation
|
page read and write
|
||
2DC0000
|
trusted library allocation
|
page execute and read and write
|
||
BAE000
|
stack
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
33DF000
|
stack
|
page read and write
|
||
59B1000
|
trusted library allocation
|
page read and write
|
||
319E000
|
heap
|
page read and write
|
||
325C000
|
heap
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
3270000
|
heap
|
page read and write
|
||
3193000
|
heap
|
page read and write
|
||
34C6000
|
heap
|
page read and write
|
||
14DC000
|
heap
|
page read and write
|
||
55D9000
|
heap
|
page read and write
|
||
54EE000
|
stack
|
page read and write
|
||
58AE000
|
stack
|
page read and write
|
||
128E000
|
stack
|
page read and write
|
||
57D2000
|
heap
|
page read and write
|
||
321A000
|
heap
|
page read and write
|
||
18D0000
|
trusted library allocation
|
page read and write
|
||
1455000
|
heap
|
page read and write
|
||
31E0000
|
heap
|
page read and write
|
||
3255000
|
heap
|
page read and write
|
||
3239000
|
heap
|
page read and write
|
||
31A5000
|
heap
|
page read and write
|
||
1460000
|
heap
|
page read and write
|
||
12C0000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
3234000
|
heap
|
page read and write
|
||
32D0000
|
heap
|
page read and write
|
||
15FB000
|
trusted library allocation
|
page execute and read and write
|
||
690E000
|
stack
|
page read and write
|
||
1407000
|
trusted library allocation
|
page execute and read and write
|
||
32D1000
|
heap
|
page read and write
|
||
12C5000
|
heap
|
page read and write
|
||
3277000
|
heap
|
page read and write
|
||
328C000
|
heap
|
page read and write
|
||
16EC000
|
stack
|
page read and write
|
||
32AF000
|
heap
|
page read and write
|
||
326E000
|
heap
|
page read and write
|
||
5570000
|
heap
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
32AD000
|
trusted library allocation
|
page read and write
|
||
149F000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
A32000
|
trusted library allocation
|
page execute and read and write
|
||
32D6000
|
heap
|
page read and write
|
||
6E2000
|
heap
|
page read and write
|
||
736000
|
heap
|
page read and write
|
||
73A000
|
heap
|
page read and write
|
||
31A6000
|
heap
|
page read and write
|
||
32DE000
|
heap
|
page read and write
|
||
5BF7000
|
trusted library allocation
|
page read and write
|
||
14CE000
|
heap
|
page read and write
|
||
133A000
|
trusted library allocation
|
page execute and read and write
|
||
BB3000
|
stack
|
page read and write
|
||
325F000
|
heap
|
page read and write
|
||
917000
|
trusted library allocation
|
page execute and read and write
|
||
36E1000
|
trusted library allocation
|
page read and write
|
||
1AEC000
|
stack
|
page read and write
|
||
326F000
|
heap
|
page read and write
|
||
3221000
|
heap
|
page read and write
|
||
4F6000
|
stack
|
page read and write
|
||
3252000
|
heap
|
page read and write
|
||
5740000
|
heap
|
page read and write
|
||
34F4000
|
trusted library allocation
|
page read and write
|
||
54FE000
|
stack
|
page read and write
|
||
57CC000
|
heap
|
page read and write
|
||
32AD000
|
heap
|
page read and write
|
||
31CE000
|
heap
|
page read and write
|
||
327D000
|
heap
|
page read and write
|
||
545E000
|
stack
|
page read and write
|
||
1422000
|
trusted library allocation
|
page execute and read and write
|
||
328A000
|
heap
|
page read and write
|
||
3287000
|
heap
|
page read and write
|
||
680D000
|
stack
|
page read and write
|
||
3174000
|
heap
|
page read and write
|
||
F7B000
|
stack
|
page read and write
|
||
181F000
|
stack
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
122A000
|
trusted library allocation
|
page execute and read and write
|
||
3252000
|
heap
|
page read and write
|
||
34A0000
|
heap
|
page read and write
|
||
32DC000
|
heap
|
page read and write
|
||
54CF000
|
stack
|
page read and write
|
||
32F0000
|
heap
|
page read and write
|
||
3708000
|
trusted library allocation
|
page read and write
|
||
3277000
|
heap
|
page read and write
|
||
4D4B000
|
trusted library allocation
|
page read and write
|
||
34C0000
|
heap
|
page read and write
|
||
13EA000
|
trusted library allocation
|
page execute and read and write
|
||
6F7000
|
heap
|
page read and write
|
||
1210000
|
trusted library allocation
|
page read and write
|
||
328A000
|
heap
|
page read and write
|
||
31A2000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
3218000
|
heap
|
page read and write
|
||
559C000
|
stack
|
page read and write
|
||
32F1000
|
heap
|
page read and write
|
||
319D000
|
heap
|
page read and write
|
||
D1B000
|
stack
|
page read and write
|
||
614F000
|
stack
|
page read and write
|
||
A60000
|
heap
|
page read and write
|
||
3167000
|
heap
|
page read and write
|
||
328A000
|
heap
|
page read and write
|
||
123C000
|
trusted library allocation
|
page execute and read and write
|
||
3120000
|
heap
|
page read and write
|
||
189C000
|
stack
|
page read and write
|
||
32CF000
|
heap
|
page read and write
|
||
327F000
|
heap
|
page read and write
|
||
7FAF0000
|
trusted library allocation
|
page execute and read and write
|
||
32AD000
|
heap
|
page read and write
|
||
31A7000
|
heap
|
page read and write
|
||
55D3000
|
heap
|
page read and write
|
||
3221000
|
heap
|
page read and write
|
||
3281000
|
trusted library allocation
|
page read and write
|
||
3241000
|
heap
|
page read and write
|
||
32D3000
|
heap
|
page read and write
|
||
4C50000
|
heap
|
page read and write
|
||
4E50000
|
heap
|
page read and write
|
||
3176000
|
heap
|
page read and write
|
||
327F000
|
heap
|
page read and write
|
||
556F000
|
stack
|
page read and write
|
||
5F0B000
|
stack
|
page read and write
|
||
5ACE000
|
stack
|
page read and write
|
||
32EF000
|
heap
|
page read and write
|
||
3796000
|
trusted library allocation
|
page read and write
|
||
A4B000
|
trusted library allocation
|
page execute and read and write
|
||
57DA000
|
heap
|
page read and write
|
||
576F000
|
stack
|
page read and write
|
||
1200000
|
heap
|
page read and write
|
||
324C000
|
heap
|
page read and write
|
||
4451000
|
trusted library allocation
|
page read and write
|
||
2DB0000
|
trusted library allocation
|
page read and write
|
||
FD0000
|
heap
|
page read and write
|
||
3460000
|
heap
|
page read and write
|
||
55DC000
|
heap
|
page read and write
|
||
3272000
|
heap
|
page read and write
|
||
1476000
|
heap
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
328A000
|
heap
|
page read and write
|
||
18C0000
|
trusted library allocation
|
page read and write
|
||
12F6000
|
stack
|
page read and write
|
||
55B0000
|
heap
|
page read and write
|
||
5BDE000
|
stack
|
page read and write
|
||
3420000
|
heap
|
page read and write
|
||
57DD000
|
heap
|
page read and write
|
||
15AA000
|
trusted library allocation
|
page execute and read and write
|
||
3284000
|
heap
|
page read and write
|
||
326D000
|
heap
|
page read and write
|
||
5916000
|
trusted library allocation
|
page read and write
|
||
154A000
|
trusted library allocation
|
page execute and read and write
|
||
3134000
|
heap
|
page read and write
|
||
5D1E000
|
stack
|
page read and write
|
||
32B0000
|
heap
|
page read and write
|
||
145A000
|
heap
|
page read and write
|
||
3231000
|
heap
|
page read and write
|
||
3199000
|
heap
|
page read and write
|
||
326C000
|
heap
|
page read and write
|
||
DF5000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
325E000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
13B8000
|
heap
|
page read and write
|
||
4D6F000
|
stack
|
page read and write
|
||
860000
|
heap
|
page read and write
|
||
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
3270000
|
heap
|
page read and write
|
||
5C4E000
|
stack
|
page read and write
|
||
48C0000
|
trusted library allocation
|
page execute and read and write
|
||
1485000
|
heap
|
page read and write
|
||
3261000
|
heap
|
page read and write
|
||
5B2D000
|
stack
|
page read and write
|
||
57D4000
|
trusted library allocation
|
page read and write
|
||
1430000
|
trusted library allocation
|
page read and write
|
||
4EAE000
|
stack
|
page read and write
|
||
55EF000
|
heap
|
page read and write
|
||
54F0000
|
trusted library allocation
|
page execute and read and write
|
||
AAE000
|
stack
|
page read and write
|
||
32F1000
|
heap
|
page read and write
|
||
32DE000
|
heap
|
page read and write
|
||
32A4000
|
trusted library allocation
|
page read and write
|
||
3258000
|
heap
|
page read and write
|
||
3256000
|
heap
|
page read and write
|
||
32AD000
|
heap
|
page read and write
|
||
55B1000
|
heap
|
page read and write
|
||
3218000
|
heap
|
page read and write
|
||
584D000
|
stack
|
page read and write
|
||
375F000
|
trusted library allocation
|
page read and write
|
||
32A6000
|
trusted library allocation
|
page read and write
|
||
10F6000
|
stack
|
page read and write
|
||
3466000
|
heap
|
page read and write
|
||
3258000
|
heap
|
page read and write
|
||
3224000
|
heap
|
page read and write
|
||
325B000
|
heap
|
page read and write
|
||
1075000
|
heap
|
page read and write
|
||
5ECE000
|
stack
|
page read and write
|
||
31F0000
|
heap
|
page read and write
|
||
571E000
|
stack
|
page read and write
|
||
A2E000
|
stack
|
page read and write
|
||
59CE000
|
stack
|
page read and write
|
||
2E1E000
|
stack
|
page read and write
|
||
15A2000
|
trusted library allocation
|
page execute and read and write
|
||
32A3000
|
heap
|
page read and write
|
||
15DA000
|
trusted library allocation
|
page execute and read and write
|
||
3281000
|
heap
|
page read and write
|
||
FF0000
|
heap
|
page read and write
|
||
5C2E000
|
stack
|
page read and write
|
||
5850000
|
trusted library allocation
|
page read and write
|
||
2DAE000
|
stack
|
page read and write
|
||
325B000
|
heap
|
page read and write
|
||
132C000
|
trusted library allocation
|
page execute and read and write
|
||
3200000
|
heap
|
page read and write
|
||
321E000
|
heap
|
page read and write
|
||
140A000
|
trusted library allocation
|
page execute and read and write
|
||
316A000
|
heap
|
page read and write
|
||
1407000
|
trusted library allocation
|
page execute and read and write
|
||
5C1E000
|
stack
|
page read and write
|
||
1542000
|
trusted library allocation
|
page execute and read and write
|
||
D80000
|
heap
|
page read and write
|
||
326E000
|
heap
|
page read and write
|
||
57D9000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
3284000
|
heap
|
page read and write
|
||
55D5000
|
heap
|
page read and write
|
||
55D0000
|
heap
|
page read and write
|
||
8F2000
|
trusted library allocation
|
page execute and read and write
|
||
3500000
|
trusted library allocation
|
page read and write
|
||
1492000
|
heap
|
page read and write
|
||
31A1000
|
heap
|
page read and write
|
||
327D000
|
heap
|
page read and write
|
||
598E000
|
stack
|
page read and write
|
||
57B1000
|
heap
|
page read and write
|
||
31A6000
|
heap
|
page read and write
|
||
55E6000
|
heap
|
page read and write
|
||
321A000
|
heap
|
page read and write
|
||
3248000
|
heap
|
page read and write
|
||
325E000
|
heap
|
page read and write
|
||
3140000
|
heap
|
page read and write
|
||
153F000
|
stack
|
page read and write
|
||
30B0000
|
heap
|
page read and write
|
||
54E0000
|
trusted library allocation
|
page read and write
|
||
2C40000
|
trusted library allocation
|
page read and write
|
||
15B0000
|
trusted library allocation
|
page read and write
|
||
32B0000
|
heap
|
page read and write
|
||
3284000
|
heap
|
page read and write
|
||
32CF000
|
heap
|
page read and write
|
||
3251000
|
heap
|
page read and write
|
||
F85000
|
heap
|
page read and write
|
||
3215000
|
heap
|
page read and write
|
||
145E000
|
heap
|
page read and write
|
||
59AF000
|
stack
|
page read and write
|
||
55D2000
|
heap
|
page read and write
|
||
BAF000
|
stack
|
page read and write
|
||
1437000
|
trusted library allocation
|
page execute and read and write
|
||
3225000
|
heap
|
page read and write
|
||
328E000
|
heap
|
page read and write
|
||
598C000
|
stack
|
page read and write
|
||
3262000
|
heap
|
page read and write
|
||
3196000
|
heap
|
page read and write
|
||
4740000
|
trusted library allocation
|
page execute and read and write
|
||
3256000
|
heap
|
page read and write
|
||
318D000
|
heap
|
page read and write
|
||
3171000
|
heap
|
page read and write
|
||
1468000
|
heap
|
page read and write
|
||
31A7000
|
heap
|
page read and write
|
||
57CA000
|
heap
|
page read and write
|
||
31A9000
|
heap
|
page read and write
|
||
328B000
|
heap
|
page read and write
|
||
5610000
|
heap
|
page read and write
|
||
3282000
|
heap
|
page read and write
|
||
31AD000
|
heap
|
page read and write
|
||
1557000
|
trusted library allocation
|
page execute and read and write
|
||
3259000
|
heap
|
page read and write
|
||
1220000
|
heap
|
page read and write
|
||
5E8E000
|
stack
|
page read and write
|
||
588E000
|
trusted library allocation
|
page read and write
|
||
171F000
|
stack
|
page read and write
|
||
3290000
|
heap
|
page read and write
|
||
3242000
|
heap
|
page read and write
|
||
668000
|
heap
|
page read and write
|
||
32AF000
|
heap
|
page read and write
|
||
15BA000
|
trusted library allocation
|
page execute and read and write
|
||
902000
|
trusted library allocation
|
page execute and read and write
|
||
3256000
|
heap
|
page read and write
|
||
5D8D000
|
stack
|
page read and write
|
||
3248000
|
heap
|
page read and write
|
||
551C000
|
stack
|
page read and write
|
||
1710000
|
heap
|
page read and write
|
||
54CC000
|
stack
|
page read and write
|
||
554D000
|
stack
|
page read and write
|
||
32D6000
|
heap
|
page read and write
|
||
3141000
|
heap
|
page read and write
|
||
1030000
|
heap
|
page read and write
|
||
31A1000
|
heap
|
page read and write
|
||
31A6000
|
heap
|
page read and write
|
||
32B0000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
32AD000
|
heap
|
page read and write
|
||
319D000
|
heap
|
page read and write
|
||
3252000
|
heap
|
page read and write
|
||
3248000
|
heap
|
page read and write
|
||
3256000
|
heap
|
page read and write
|
||
3157000
|
heap
|
page read and write
|
||
3231000
|
heap
|
page read and write
|
||
5B0F000
|
trusted library allocation
|
page read and write
|
||
143B000
|
trusted library allocation
|
page execute and read and write
|
There are 797 hidden memdumps, click here to show them.