IOC Report
tTGxYWtjG5.exe

loading gif

Files

File Path
Type
Category
Malicious
tTGxYWtjG5.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_tTGxYWtjG5.exe_ba858073f2bca0c67de32724c3478a5b87d6b863_8f0d7673_e155f45d-d829-4853-8ba8-daae28bf8855\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER275D.tmp.dmp
Mini DuMP crash report, 15 streams, Tue Dec 24 09:00:39 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER28A6.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER28D6.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\tTGxYWtjG5.exe
"C:\Users\user\Desktop\tTGxYWtjG5.exe"
malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 424 -s 1840

URLs

Name
IP
Malicious
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe.0
unknown
https://observerfry.lat/apim
unknown
https://bbuseruploads.s3.amazonaws.com/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3cc1-
unknown
https://duckduckgo.com/ac/?q=
unknown
https://remote-app-switcher.stg-east.frontend
unknown
https://observerfry.lat/s
unknown
https://observerfry.lat/pi
unknown
https://observerfry.lat/apij
unknown
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/
unknown
https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net
unknown
https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe#CJ
unknown
https://observerfry.lat/apiy
unknown
https://observerfry.lat/J
unknown
https://bbuseruploads.s3.amazonaws.com:443
unknown
https://bbc-object-storage--frontbucket.us-east-1
unknown
https://remote-app-switcher.prod-east.frontend.public.atl-paas.net
unknown
http://x1.c.lencr.org/0
unknown
http://x1.i.lencr.org/0
unknown
https://bitbucket.org/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe
185.166.143.48
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
https://observerfry.lat/Yec
unknown
https://aui-cdn.atlassian.com/
unknown
https://bbuseruploads.s3.amazonaws.com:443/70e84e0b-e14f-45c5-ab65-07760e9609fc/downloads/eaef3307-3
unknown
https://support.mozilla.org/products/firefoxgro.all
unknown
https://aui-cdn.atlassia
unknown
https://bitbucket.org/
unknown
https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net
unknown
https://bitbucket.org:443/mynewworkspace123312/scnd/downloads/FormattingCharitable.exe
unknown
https://observerfry.lat/(
unknown
https://observerfry.lat:443/apiocal
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://bbc-object-storage--frontbucket.us-east-1.prod.pu
unknown
https://observerfry.lat/api
172.67.199.72
https://web-security-reports.services.atlassian.com/csp-report/bb-website
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://crl.rootca1.amazontrust.com/rootca1.crl0
unknown
http://upx.sf.net
unknown
https://observerfry.lat/
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
http://nsis.sf.net/NSIS_ErrorError
unknown
https://www.ecosia.org/newtab/
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://dz8aopenkvv6s.cloudfront.net
unknown
https://remote-app-switcher.prod-
unknown
http://185.215.113.16/off/def.exeN/-
unknown
https://ac.ecosia.org/autocomplete?q=
unknown
https://bbc-frontbucket-canary.pro
unknown
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
unknown
https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net
unknown
https://cdn.cookielaw.org/
unknown
http://crt.rootca1.amazontrust.com/rootca1.cer0?
unknown
https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
unknown
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/;
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e
unknown
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.
unknown
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
unknown
https://observerfry.lat/apiER
unknown
https://observerfry.lat/v
unknown
https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
unknown
http://185.215.113.16/off/def.exe
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
unknown
https://bbuseruploads.s3.amazonaws.com/
unknown
https://bitbucket.org/zK
unknown
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta
unknown
There are 59 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
s3-w.us-east-1.amazonaws.com
16.15.177.52
bitbucket.org
185.166.143.48
observerfry.lat
172.67.199.72
bbuseruploads.s3.amazonaws.com
unknown

IPs

IP
Domain
Country
Malicious
172.67.199.72
observerfry.lat
United States
185.166.143.48
bitbucket.org
Germany
16.15.177.52
s3-w.us-east-1.amazonaws.com
United States

Registry

Path
Value
Malicious
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
ProgramId
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
FileId
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
LowerCaseLongPath
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
LongPathHash
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Name
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
OriginalFileName
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Publisher
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Version
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
BinFileVersion
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
BinaryType
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
ProductName
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
ProductVersion
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
LinkDate
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
BinProductVersion
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
AppxPackageFullName
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
AppxPackageRelativeId
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Size
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Language
\REGISTRY\A\{e4d1278b-99d8-8302-80c4-19dd56e534c4}\Root\InventoryApplicationFile\ttgxywtjg5.exe|9224ca44b119a5d7
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
TickCount
There are 11 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
866000
heap
page read and write
malicious
87D000
heap
page read and write
malicious
49D0000
direct allocation
page read and write
malicious
87D000
heap
page read and write
malicious
54A7000
trusted library allocation
page read and write
389F000
stack
page read and write
C45000
unkown
page execute and write copy
54B9000
trusted library allocation
page read and write
54BD000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
9C0000
unkown
page read and write
54A1000
trusted library allocation
page read and write
54F3000
trusted library allocation
page read and write
81E000
heap
page read and write
5947000
trusted library allocation
page read and write
5A69000
trusted library allocation
page read and write
59EA000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
55DB000
stack
page read and write
54E0000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
54D3000
trusted library allocation
page read and write
5A7C000
trusted library allocation
page read and write
7D7000
heap
page read and write
5561000
trusted library allocation
page read and write
88C000
heap
page read and write
551C000
trusted library allocation
page read and write
4B80000
direct allocation
page execute and read and write
2C1F000
stack
page read and write
81E000
heap
page read and write
5943000
trusted library allocation
page read and write
51FD000
stack
page read and write
A05000
unkown
page execute and read and write
54EA000
trusted library allocation
page read and write
54AC000
trusted library allocation
page read and write
877000
heap
page read and write
5941000
trusted library allocation
page read and write
551E000
trusted library allocation
page read and write
5945000
trusted library allocation
page read and write
CAB000
unkown
page execute and write copy
4541000
heap
page read and write
54FB000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
4DDE000
stack
page read and write
5A33000
trusted library allocation
page read and write
4640000
trusted library allocation
page read and write
551C000
trusted library allocation
page read and write
5947000
trusted library allocation
page read and write
84F000
heap
page read and write
551C000
trusted library allocation
page read and write
88C000
heap
page read and write
79A000
heap
page read and write
5513000
trusted library allocation
page read and write
864000
heap
page read and write
54AD000
trusted library allocation
page read and write
5B14000
trusted library allocation
page read and write
4B30000
direct allocation
page execute and read and write
5946000
trusted library allocation
page read and write
54E4000
trusted library allocation
page read and write
4520000
heap
page read and write
54C5000
trusted library allocation
page read and write
87D000
heap
page read and write
4541000
heap
page read and write
856000
heap
page read and write
55AD000
trusted library allocation
page read and write
54EC000
trusted library allocation
page read and write
54EF000
trusted library allocation
page read and write
BBB000
unkown
page execute and write copy
74EF6000
unkown
page readonly
5A18000
trusted library allocation
page read and write
858000
heap
page read and write
7EB000
heap
page read and write
C3D000
unkown
page execute and read and write
4E73000
trusted library allocation
page read and write
5545000
trusted library allocation
page read and write
5B4F000
trusted library allocation
page read and write
5040000
remote allocation
page read and write
5FB8000
trusted library allocation
page read and write
81E000
heap
page read and write
5638000
trusted library allocation
page read and write
54D9000
trusted library allocation
page read and write
5941000
trusted library allocation
page read and write
7FC000
heap
page read and write
54C0000
trusted library allocation
page read and write
CC0000
unkown
page execute and write copy
5A8D000
trusted library allocation
page read and write
54C8000
trusted library allocation
page read and write
5B90000
trusted library allocation
page readonly
54A9000
trusted library allocation
page read and write
59E0000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
5B8F000
trusted library allocation
page read and write
5B59000
trusted library allocation
page read and write
7FC000
heap
page read and write
CA9000
unkown
page execute and write copy
5550000
trusted library allocation
page read and write
54A0000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
55A9000
trusted library allocation
page read and write
568C000
trusted library allocation
page read and write
555F000
trusted library allocation
page read and write
C48000
unkown
page execute and read and write
88C000
heap
page read and write
54DA000
trusted library allocation
page read and write
54BF000
trusted library allocation
page read and write
54B1000
trusted library allocation
page read and write
59FE000
trusted library allocation
page read and write
2FDF000
stack
page read and write
5A31000
trusted library allocation
page read and write
54E1000
trusted library allocation
page read and write
551C000
trusted library allocation
page read and write
C27000
unkown
page execute and read and write
5534000
trusted library allocation
page read and write
54D3000
trusted library allocation
page read and write
5A78000
trusted library allocation
page read and write
9C1000
unkown
page execute and read and write
54D3000
trusted library allocation
page read and write
5A2E000
trusted library allocation
page read and write
5943000
trusted library allocation
page read and write
54DA000
trusted library allocation
page read and write
7FF000
heap
page read and write
4BA2000
trusted library allocation
page read and write
285D000
heap
page read and write
7E2000
heap
page read and write
852000
heap
page read and write
54AE000
trusted library allocation
page read and write
530E000
stack
page read and write
54C5000
trusted library allocation
page read and write
55B3000
trusted library allocation
page read and write
4541000
heap
page read and write
59E3000
trusted library allocation
page read and write
7EB000
heap
page read and write
54DF000
trusted library allocation
page read and write
2ADF000
stack
page read and write
441E000
stack
page read and write
501F000
stack
page read and write
59F3000
trusted library allocation
page read and write
5500000
trusted library allocation
page read and write
5544000
trusted library allocation
page read and write
4550000
heap
page read and write
5A17000
trusted library allocation
page read and write
7E2000
heap
page read and write
C54000
unkown
page execute and write copy
88C000
heap
page read and write
7FC000
heap
page read and write
CA9000
unkown
page execute and write copy
4541000
heap
page read and write
54EC000
trusted library allocation
page read and write
2E9F000
stack
page read and write
7EB000
heap
page read and write
54AD000
trusted library allocation
page read and write
BA9000
unkown
page execute and read and write
5513000
trusted library allocation
page read and write
C1D000
unkown
page execute and read and write
886000
heap
page read and write
54F3000
trusted library allocation
page read and write
54BB000
trusted library allocation
page read and write
315E000
stack
page read and write
54EF000
trusted library allocation
page read and write
5AB7000
trusted library allocation
page read and write
3B5E000
stack
page read and write
5A55000
trusted library allocation
page read and write
5A48000
trusted library allocation
page read and write
54D2000
trusted library allocation
page read and write
594B000
trusted library allocation
page read and write
54E1000
trusted library allocation
page read and write
5949000
trusted library allocation
page read and write
2C5E000
stack
page read and write
A21000
unkown
page execute and write copy
550B000
trusted library allocation
page read and write
54EE000
trusted library allocation
page read and write
7C7000
heap
page read and write
289C000
stack
page read and write
4B60000
direct allocation
page execute and read and write
2840000
direct allocation
page read and write
54FD000
trusted library allocation
page read and write
7DC000
heap
page read and write
54BC000
trusted library allocation
page read and write
54D3000
trusted library allocation
page read and write
4541000
heap
page read and write
2D5F000
stack
page read and write
54AE000
trusted library allocation
page read and write
54D5000
trusted library allocation
page read and write
4541000
heap
page read and write
54FC000
trusted library allocation
page read and write
2EDE000
stack
page read and write
5B91000
trusted library allocation
page execute read
54AE000
trusted library allocation
page read and write
5B9C000
trusted library allocation
page read and write
5550000
trusted library allocation
page read and write
5946000
trusted library allocation
page read and write
5A4F000
trusted library allocation
page read and write
C0D000
unkown
page execute and read and write
54FA000
trusted library allocation
page read and write
7E2000
heap
page read and write
54E4000
trusted library allocation
page read and write
4541000
heap
page read and write
55CC000
trusted library allocation
page read and write
54C5000
trusted library allocation
page read and write
54E1000
trusted library allocation
page read and write
88E000
heap
page read and write
54FB000
trusted library allocation
page read and write
5A7F000
trusted library allocation
page read and write
54FB000
trusted library allocation
page read and write
5949000
trusted library allocation
page read and write
A15000
unkown
page execute and write copy
81E000
heap
page read and write
5B99000
trusted library allocation
page readonly
5A5D000
trusted library allocation
page read and write
74EE1000
unkown
page execute read
2840000
direct allocation
page read and write
59E5000
trusted library allocation
page read and write
54A9000
trusted library allocation
page read and write
4541000
heap
page read and write
85A000
heap
page read and write
54D0000
trusted library allocation
page read and write
5946000
trusted library allocation
page read and write
CA0000
unkown
page execute and write copy
866000
heap
page read and write
54EB000
trusted library allocation
page read and write
339F000
stack
page read and write
54C0000
trusted library allocation
page read and write
7D9000
heap
page read and write
54C5000
trusted library allocation
page read and write
4541000
heap
page read and write
2850000
heap
page read and write
54F9000
trusted library allocation
page read and write
4541000
heap
page read and write
551C000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
54DD000
trusted library allocation
page read and write
54FD000
trusted library allocation
page read and write
3DDE000
stack
page read and write
554C000
trusted library allocation
page read and write
888000
heap
page read and write
5AAB000
trusted library allocation
page read and write
5A7C000
trusted library allocation
page read and write
C64000
unkown
page execute and write copy
4541000
heap
page read and write
54C3000
trusted library allocation
page read and write
405E000
stack
page read and write
5A97000
trusted library allocation
page read and write
CBF000
unkown
page execute and write copy
9C0000
unkown
page readonly
3B1F000
stack
page read and write
5A8E000
trusted library allocation
page read and write
54A5000
trusted library allocation
page read and write
4B50000
direct allocation
page execute and read and write
54B6000
trusted library allocation
page read and write
882000
heap
page read and write
B97000
unkown
page execute and read and write
4541000
heap
page read and write
54E7000
trusted library allocation
page read and write
5B6C000
trusted library allocation
page read and write
87D000
heap
page read and write
5517000
trusted library allocation
page read and write
CB1000
unkown
page execute and write copy
94E000
stack
page read and write
54C0000
trusted library allocation
page read and write
5550000
trusted library allocation
page read and write
29DE000
stack
page read and write
5944000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
4B50000
direct allocation
page execute and read and write
5554000
trusted library allocation
page read and write
B94000
unkown
page execute and read and write
54C0000
trusted library allocation
page read and write
54E1000
trusted library allocation
page read and write
4541000
heap
page read and write
5A1A000
trusted library allocation
page read and write
4B0F000
stack
page read and write
4B90000
direct allocation
page execute and read and write
5A79000
trusted library allocation
page read and write
550B000
trusted library allocation
page read and write
54BA000
trusted library allocation
page read and write
BCF000
unkown
page execute and write copy
54BA000
trusted library allocation
page read and write
88C000
heap
page read and write
4541000
heap
page read and write
34DF000
stack
page read and write
54D4000
trusted library allocation
page read and write
846000
heap
page read and write
5513000
trusted library allocation
page read and write
877000
heap
page read and write
54C0000
trusted library allocation
page read and write
74EFF000
unkown
page readonly
2840000
direct allocation
page read and write
BD0000
unkown
page execute and read and write
571C000
trusted library allocation
page read and write
594C000
trusted library allocation
page read and write
4541000
heap
page read and write
BD5000
unkown
page execute and write copy
B7B000
unkown
page execute and write copy
88D000
heap
page read and write
550E000
trusted library allocation
page read and write
88A000
heap
page read and write
4F1E000
stack
page read and write
5A2B000
trusted library allocation
page read and write
54CF000
trusted library allocation
page read and write
882000
heap
page read and write
859000
heap
page read and write
4540000
heap
page read and write
54C2000
trusted library allocation
page read and write
4E5D000
trusted library allocation
page read and write
5945000
trusted library allocation
page read and write
311F000
stack
page read and write
550D000
trusted library allocation
page read and write
4B20000
direct allocation
page execute and read and write
5200000
heap
page read and write
54F4000
trusted library allocation
page read and write
550B000
trusted library allocation
page read and write
5516000
trusted library allocation
page read and write
5554000
trusted library allocation
page read and write
3C9E000
stack
page read and write
59FD000
trusted library allocation
page read and write
54A1000
trusted library allocation
page read and write
4B50000
direct allocation
page execute and read and write
55E4000
trusted library allocation
page read and write
4541000
heap
page read and write
551C000
trusted library allocation
page read and write
C04000
unkown
page execute and write copy
BA5000
unkown
page execute and write copy
5514000
trusted library allocation
page read and write
3EDF000
stack
page read and write
552F000
trusted library allocation
page read and write
5B79000
trusted library allocation
page read and write
54D8000
trusted library allocation
page read and write
859000
heap
page read and write
550B000
trusted library allocation
page read and write
54BD000
trusted library allocation
page read and write
847000
heap
page read and write
88A000
heap
page read and write
54C0000
trusted library allocation
page read and write
E9F000
stack
page read and write
54E1000
trusted library allocation
page read and write
9B0000
heap
page read and write
54E1000
trusted library allocation
page read and write
54E0000
trusted library allocation
page read and write
54B9000
trusted library allocation
page read and write
780000
heap
page read and write
88A000
heap
page read and write
5A49000
trusted library allocation
page read and write
54CE000
trusted library allocation
page read and write
877000
heap
page read and write
5945000
trusted library allocation
page read and write
594B000
trusted library allocation
page read and write
C60000
unkown
page execute and write copy
54FD000
trusted library allocation
page read and write
54BA000
trusted library allocation
page read and write
50AE000
stack
page read and write
2840000
direct allocation
page read and write
54E9000
trusted library allocation
page read and write
5941000
trusted library allocation
page read and write
5741000
trusted library allocation
page read and write
88A000
heap
page read and write
2857000
heap
page read and write
844000
heap
page read and write
3D9F000
stack
page read and write
882000
heap
page read and write
54B6000
trusted library allocation
page read and write
4E54000
trusted library allocation
page read and write
419E000
stack
page read and write
5942000
trusted library allocation
page read and write
54EA000
trusted library allocation
page read and write
54D9000
trusted library allocation
page read and write
54C8000
trusted library allocation
page read and write
5941000
trusted library allocation
page read and write
5A11000
trusted library allocation
page read and write
54BD000
trusted library allocation
page read and write
54BD000
trusted library allocation
page read and write
5B31000
trusted library allocation
page read and write
857000
heap
page read and write
4E50000
trusted library allocation
page read and write
5948000
trusted library allocation
page read and write
5946000
trusted library allocation
page read and write
555E000
trusted library allocation
page read and write
351E000
stack
page read and write
5BB7000
trusted library allocation
page read and write
5942000
trusted library allocation
page read and write
54FC000
trusted library allocation
page read and write
54C5000
trusted library allocation
page read and write
5AD6000
trusted library allocation
page read and write
49D0000
direct allocation
page read and write
49CD000
stack
page read and write
54C0000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
4B50000
direct allocation
page execute and read and write
594E000
trusted library allocation
page read and write
54CD000
trusted library allocation
page read and write
BA0000
unkown
page execute and read and write
C25000
unkown
page execute and write copy
54E1000
trusted library allocation
page read and write
4B70000
direct allocation
page execute and read and write
54ED000
trusted library allocation
page read and write
551A000
trusted library allocation
page read and write
5AAD000
trusted library allocation
page read and write
574C000
trusted library allocation
page read and write
550D000
trusted library allocation
page read and write
54F3000
trusted library allocation
page read and write
54D7000
trusted library allocation
page read and write
54FE000
trusted library allocation
page read and write
900000
heap
page read and write
536E000
stack
page read and write
54C8000
trusted library allocation
page read and write
4D9D000
stack
page read and write
54C0000
trusted library allocation
page read and write
54EC000
trusted library allocation
page read and write
C65000
unkown
page execute and read and write
5654000
trusted library allocation
page read and write
85E000
heap
page read and write
594A000
trusted library allocation
page read and write
C63000
unkown
page execute and read and write
889000
heap
page read and write
C34000
unkown
page execute and read and write
5554000
trusted library allocation
page read and write
4EDF000
stack
page read and write
42DE000
stack
page read and write
54A1000
trusted library allocation
page read and write
9AE000
stack
page read and write
54E6000
trusted library allocation
page read and write
5503000
trusted library allocation
page read and write
54BD000
trusted library allocation
page read and write
5A2C000
trusted library allocation
page read and write
5942000
trusted library allocation
page read and write
54C1000
trusted library allocation
page read and write
886000
heap
page read and write
54C0000
trusted library allocation
page read and write
7FE000
heap
page read and write
5A77000
trusted library allocation
page read and write
C09000
unkown
page execute and write copy
5A10000
trusted library allocation
page read and write
864000
heap
page read and write
C9C000
unkown
page execute and write copy
54D0000
trusted library allocation
page read and write
59F1000
trusted library allocation
page read and write
5940000
trusted library allocation
page read and write
5941000
trusted library allocation
page read and write
5940000
trusted library allocation
page read and write
283F000
stack
page read and write
88E000
heap
page read and write
4B50000
direct allocation
page execute and read and write
890000
heap
page read and write
5941000
trusted library allocation
page read and write
C08000
unkown
page execute and read and write
4A14000
direct allocation
page read and write
5A2C000
trusted library allocation
page read and write
54D5000
trusted library allocation
page read and write
5E90000
heap
page read and write
5948000
trusted library allocation
page read and write
5AFA000
trusted library allocation
page read and write
859000
heap
page read and write
5A38000
trusted library allocation
page read and write
325F000
stack
page read and write
54B9000
trusted library allocation
page read and write
54DC000
trusted library allocation
page read and write
54DA000
trusted library allocation
page read and write
74EE0000
unkown
page readonly
CAA000
unkown
page execute and read and write
552C000
trusted library allocation
page read and write
54EB000
trusted library allocation
page read and write
4541000
heap
page read and write
54DF000
trusted library allocation
page read and write
5946000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
877000
heap
page read and write
C83000
unkown
page execute and read and write
4541000
heap
page read and write
88C000
heap
page read and write
905000
heap
page read and write
54B0000
trusted library allocation
page read and write
5A5A000
trusted library allocation
page read and write
3F1E000
stack
page read and write
2840000
direct allocation
page read and write
5943000
trusted library allocation
page read and write
54A2000
trusted library allocation
page read and write
C30000
unkown
page execute and write copy
73A000
stack
page read and write
B9F000
unkown
page execute and write copy
301E000
stack
page read and write
5C90000
trusted library allocation
page readonly
550D000
trusted library allocation
page read and write
BE9000
unkown
page execute and read and write
5203000
heap
page read and write
5504000
trusted library allocation
page read and write
5554000
trusted library allocation
page read and write
790000
heap
page read and write
885000
heap
page read and write
C3B000
unkown
page execute and write copy
550B000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
51AF000
stack
page read and write
54A2000
trusted library allocation
page read and write
38DE000
stack
page read and write
54D3000
trusted library allocation
page read and write
4C9D000
stack
page read and write
54CB000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
551C000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
7E2000
heap
page read and write
8FE000
stack
page read and write
567C000
trusted library allocation
page read and write
B79000
unkown
page execute and read and write
5B8D000
stack
page read and write
5A34000
trusted library allocation
page read and write
5040000
remote allocation
page read and write
F9E000
stack
page read and write
49D0000
direct allocation
page read and write
54AE000
trusted library allocation
page read and write
2D9E000
stack
page read and write
7DC000
heap
page read and write
866000
heap
page read and write
5942000
trusted library allocation
page read and write
55E0000
trusted library allocation
page read and write
39DF000
stack
page read and write
88E000
heap
page read and write
5940000
trusted library allocation
page read and write
415F000
stack
page read and write
74EFD000
unkown
page read and write
54D2000
trusted library allocation
page read and write
43DF000
stack
page read and write
54AA000
trusted library allocation
page read and write
7FC000
heap
page read and write
54DA000
trusted library allocation
page read and write
54DB000
trusted library allocation
page read and write
54AD000
trusted library allocation
page read and write
5BAF000
trusted library allocation
page read and write
546F000
stack
page read and write
88E000
heap
page read and write
5942000
trusted library allocation
page read and write
7DC000
heap
page read and write
54B0000
trusted library allocation
page read and write
4541000
heap
page read and write
2B1E000
stack
page read and write
5943000
trusted library allocation
page read and write
594B000
trusted library allocation
page read and write
54BA000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
55AD000
trusted library allocation
page read and write
877000
heap
page read and write
5503000
trusted library allocation
page read and write
5684000
trusted library allocation
page read and write
54EC000
trusted library allocation
page read and write
A15000
unkown
page execute and read and write
361F000
stack
page read and write
C19000
unkown
page execute and write copy
54A1000
trusted library allocation
page read and write
63B000
stack
page read and write
550B000
trusted library allocation
page read and write
C02000
unkown
page execute and write copy
877000
heap
page read and write
5550000
trusted library allocation
page read and write
54E1000
trusted library allocation
page read and write
594C000
trusted library allocation
page read and write
7EB000
heap
page read and write
59FF000
trusted library allocation
page read and write
5943000
trusted library allocation
page read and write
5040000
remote allocation
page read and write
54E7000
trusted library allocation
page read and write
365E000
stack
page read and write
375F000
stack
page read and write
85E000
heap
page read and write
54B7000
trusted library allocation
page read and write
54EF000
trusted library allocation
page read and write
401F000
stack
page read and write
54C0000
trusted library allocation
page read and write
54F1000
trusted library allocation
page read and write
54BB000
trusted library allocation
page read and write
CBF000
unkown
page execute and read and write
54D6000
trusted library allocation
page read and write
54D0000
trusted library allocation
page read and write
54A6000
trusted library allocation
page read and write
54E7000
trusted library allocation
page read and write
4541000
heap
page read and write
5A63000
trusted library allocation
page read and write
54A5000
trusted library allocation
page read and write
859000
heap
page read and write
5503000
trusted library allocation
page read and write
54D9000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
54AD000
trusted library allocation
page read and write
54D5000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
4E66000
trusted library allocation
page read and write
54AA000
trusted library allocation
page read and write
5946000
trusted library allocation
page read and write
5A0C000
trusted library allocation
page read and write
888000
heap
page read and write
864000
heap
page read and write
5740000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
9C1000
unkown
page execute and write copy
4D54000
trusted library allocation
page read and write
55A0000
trusted library allocation
page read and write
C03000
unkown
page execute and read and write
B96000
unkown
page execute and write copy
451F000
stack
page read and write
54D0000
trusted library allocation
page read and write
4541000
heap
page read and write
4B50000
direct allocation
page execute and read and write
554F000
trusted library allocation
page read and write
54B7000
trusted library allocation
page read and write
54C0000
trusted library allocation
page read and write
87D000
heap
page read and write
550D000
trusted library allocation
page read and write
CB1000
unkown
page execute and write copy
54D0000
trusted library allocation
page read and write
429F000
stack
page read and write
54FB000
trusted library allocation
page read and write
888000
heap
page read and write
54B9000
trusted library allocation
page read and write
299F000
stack
page read and write
4B40000
direct allocation
page execute and read and write
54D3000
trusted library allocation
page read and write
55A9000
trusted library allocation
page read and write
C55000
unkown
page execute and read and write
54ED000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
379E000
stack
page read and write
54B2000
trusted library allocation
page read and write
54BB000
trusted library allocation
page read and write
54BA000
trusted library allocation
page read and write
886000
heap
page read and write
59ED000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
4B5D000
stack
page read and write
2840000
direct allocation
page read and write
4541000
heap
page read and write
4A0C000
stack
page read and write
866000
heap
page read and write
54B7000
trusted library allocation
page read and write
BBD000
unkown
page execute and read and write
33DE000
stack
page read and write
79E000
heap
page read and write
54FE000
trusted library allocation
page read and write
4541000
heap
page read and write
54DC000
trusted library allocation
page read and write
329E000
stack
page read and write
3C5F000
stack
page read and write
54F9000
trusted library allocation
page read and write
54F6000
trusted library allocation
page read and write
5604000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
866000
heap
page read and write
5947000
trusted library allocation
page read and write
5941000
trusted library allocation
page read and write
5507000
trusted library allocation
page read and write
3A1E000
stack
page read and write
There are 638 hidden memdumps, click here to show them.