IOC Report
tZZIAvJ2Tf.exe

FilesProcessesURLsDomainsIPsRegistryMemdumps642010010Label

Files

File Path
Type
Category
Malicious
Download
tZZIAvJ2Tf.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_tZZIAvJ2Tf.exe_f98777feb7192158cd3519c5738ec639fe772ee_3091426e_00f47b21-339c-494a-bf0f-42fb2d83cf2a\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\tZZIAvJ2Tf.exe.log
CSV text
dropped
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB559.tmp.dmp
Mini DuMP crash report, 16 streams, Sun Jan 26 14:27:45 2025, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB990.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB9E0.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tZZIAvJ2Tf.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Jan 26 13:24:26 2025, mtime=Sun Jan 26 13:24:28 2025, atime=Sun Jan 26 13:24:28 2025, length=33280, window=hide
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\tZZIAvJ2Tf.exe
"C:\Users\user\Desktop\tZZIAvJ2Tf.exe"
malicious
C:\Windows\System32\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "tZZIAvJ2Tf" /tr "C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe"
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
malicious
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
C:\Users\user\AppData\Roaming\tZZIAvJ2Tf.exe
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 7788 -s 2912

URLs

Name
IP
Malicious
http://upx.sf.net
unknown
https://pastebin.com/raw/djZsmRNC
104.20.3.235
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://crl.v
unknown

Domains

Name
IP
Malicious
pastebin.com
104.20.3.235

IPs

IP
Domain
Country
Malicious
18.230.108.113
unknown
United States
malicious
104.20.3.235
pastebin.com
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\tZZIAvJ2Tf_RASMANCS
FileDirectory
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
ProgramId
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
FileId
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
LowerCaseLongPath
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
LongPathHash
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Name
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
OriginalFileName
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Publisher
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Version
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
BinFileVersion
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
BinaryType
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
ProductName
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
ProductVersion
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
LinkDate
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
BinProductVersion
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
AppxPackageFullName
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
AppxPackageRelativeId
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Size
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Language
\REGISTRY\A\{6b48dc5b-e91d-ce9d-5f89-6e56d360524e}\Root\InventoryApplicationFile\tzziavj2tf.exe|17000de3242aa6b0
Usn
There are 23 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
802000
unkown
page readonly
malicious
2A7C000
trusted library allocation
page read and write
malicious
2B60000
trusted library allocation
page read and write
139E000
stack
page read and write
1BA9F000
stack
page read and write
E30000
heap
page read and write
1540000
heap
page read and write
2920000
heap
page read and write
12F48000
trusted library allocation
page read and write
7FFE7DD30000
trusted library allocation
page read and write
1B2CC000
stack
page read and write
C20000
heap
page read and write
2D4F000
trusted library allocation
page read and write
7FFE7DD9C000
trusted library allocation
page execute and read and write
1C71E000
stack
page read and write
8E0000
heap
page read and write
7FFE7DD2D000
trusted library allocation
page execute and read and write
12F41000
trusted library allocation
page read and write
8B0000
heap
page read and write
7FFE7DDF0000
trusted library allocation
page read and write
7FFE7DD9C000
trusted library allocation
page execute and read and write
1B370000
heap
page read and write
1B7C0000
heap
page read and write
1655000
heap
page read and write
F30000
heap
page read and write
3101000
trusted library allocation
page read and write
30F1000
trusted library allocation
page read and write
C00000
heap
page read and write
2A8E000
trusted library allocation
page read and write
11C0000
trusted library allocation
page read and write
8CB000
heap
page read and write
2BB0000
heap
page execute and read and write
7FFE7DD52000
trusted library allocation
page read and write
15F0000
trusted library allocation
page read and write
1415000
heap
page read and write
7FFE7DE00000
trusted library allocation
page execute and read and write
990000
heap
page read and write
30FC000
trusted library allocation
page read and write
2A2E000
stack
page read and write
D6E000
heap
page read and write
7FFE7DE50000
trusted library allocation
page execute and read and write
CEF000
heap
page read and write
7FFE7DE00000
trusted library allocation
page read and write
1215000
heap
page read and write
7FFE7DD6B000
trusted library allocation
page execute and read and write
7FFE7DD5D000
trusted library allocation
page execute and read and write
C60000
trusted library allocation
page read and write
2580000
heap
page read and write
1335000
heap
page read and write
2A9C000
trusted library allocation
page read and write
7FFE7DDAC000
trusted library allocation
page execute and read and write
D83000
heap
page read and write
7FFE7DE26000
trusted library allocation
page execute and read and write
EAD000
heap
page read and write
12D48000
trusted library allocation
page read and write
1BBCF000
stack
page read and write
7FFE7DD8C000
trusted library allocation
page execute and read and write
7FFE7DD6D000
trusted library allocation
page execute and read and write
3095000
trusted library allocation
page read and write
1ADB6000
heap
page read and write
1BACE000
stack
page read and write
254E000
stack
page read and write
2DC5000
trusted library allocation
page read and write
7FFE7DD4D000
trusted library allocation
page execute and read and write
F20000
heap
page read and write
7FFE7DD44000
trusted library allocation
page read and write
D21000
heap
page read and write
1B76F000
stack
page read and write
7FFE7DE10000
trusted library allocation
page execute and read and write
F80000
heap
page read and write
7FFE7DEE0000
trusted library allocation
page read and write
F4D000
heap
page read and write
895000
heap
page read and write
810000
heap
page read and write
8D5000
heap
page read and write
1BB3B000
heap
page read and write
2F41000
trusted library allocation
page read and write
FA6000
heap
page read and write
FC0000
heap
page read and write
1B9EE000
stack
page read and write
277F000
trusted library allocation
page read and write
FBF000
stack
page read and write
7FFE7DD40000
trusted library allocation
page read and write
143E000
stack
page read and write
7FFE7DE36000
trusted library allocation
page execute and read and write
F9C000
heap
page read and write
7FFE7DDF0000
trusted library allocation
page execute and read and write
1320000
heap
page read and write
1B990000
heap
page execute and read and write
12CA000
heap
page read and write
7FFE7DD62000
trusted library allocation
page read and write
1BA70000
heap
page read and write
944000
stack
page read and write
1134000
stack
page read and write
13E5000
heap
page read and write
C70000
trusted library allocation
page read and write
915000
heap
page read and write
1B3C3000
heap
page read and write
7F0000
heap
page read and write
7FFE7DDD0000
trusted library allocation
page read and write
1C915000
stack
page read and write
FC5000
heap
page read and write
E60000
heap
page read and write
917000
heap
page read and write
219162EE000
heap
page read and write
CA5000
heap
page read and write
1210000
heap
page read and write
F52000
heap
page read and write
12D41000
trusted library allocation
page read and write
2C10000
heap
page read and write
BE4000
stack
page read and write
7FFE7DD7C000
trusted library allocation
page execute and read and write
CDA000
heap
page read and write
BAF000
stack
page read and write
2DC3000
trusted library allocation
page read and write
8B8000
heap
page read and write
7FFE7DDE0000
trusted library allocation
page read and write
7FFE7DD43000
trusted library allocation
page execute and read and write
1BFAE000
stack
page read and write
F10000
heap
page read and write
E86000
heap
page read and write
7FFE7DDE0000
trusted library allocation
page execute and read and write
1C1A4000
stack
page read and write
7FFE7DD40000
trusted library allocation
page read and write
7FFE7DE26000
trusted library allocation
page execute and read and write
E80000
heap
page read and write
12F43000
trusted library allocation
page read and write
2F40000
heap
page read and write
130F000
heap
page read and write
1B96D000
stack
page read and write
1BB68000
heap
page read and write
2B80000
trusted library allocation
page read and write
1BB9E000
stack
page read and write
219162D0000
heap
page read and write
E8C000
heap
page read and write
1B9CF000
stack
page read and write
830000
heap
page read and write
1B6CE000
stack
page read and write
EBF000
heap
page read and write
D1D000
heap
page read and write
130C000
heap
page read and write
800000
unkown
page readonly
1380000
heap
page read and write
966000
heap
page read and write
1268000
heap
page read and write
1BACE000
heap
page read and write
FEB000
heap
page read and write
7FFE7DE00000
trusted library allocation
page execute and read and write
CA0000
heap
page read and write
130F8000
trusted library allocation
page read and write
2F51000
trusted library allocation
page read and write
100A000
heap
page read and write
1037000
heap
page read and write
7FFE7DE06000
trusted library allocation
page execute and read and write
890000
heap
page read and write
15EE000
stack
page read and write
F80000
heap
page read and write
30FF000
trusted library allocation
page read and write
2C90000
heap
page execute and read and write
1B1EE000
stack
page read and write
11A0000
trusted library allocation
page read and write
7FFE7DD3D000
trusted library allocation
page execute and read and write
1B3C0000
heap
page read and write
7FFE7DEE0000
trusted library allocation
page read and write
C40000
trusted library allocation
page read and write
1035000
heap
page read and write
1B56D000
stack
page read and write
EB5000
heap
page read and write
1B66E000
stack
page read and write
1ABED000
stack
page read and write
7FFE7DD50000
trusted library allocation
page read and write
2A90000
trusted library allocation
page read and write
7FF452200000
trusted library allocation
page execute and read and write
F40000
heap
page read and write
7FFE7DD34000
trusted library allocation
page read and write
2D01000
trusted library allocation
page read and write
7FFE7DEF0000
trusted library allocation
page read and write
7FFE7DD70000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
FD0000
heap
page read and write
28A0000
heap
page execute and read and write
9D0000
heap
page read and write
7FFE7DD8C000
trusted library allocation
page execute and read and write
219162E9000
heap
page read and write
880000
trusted library allocation
page read and write
1B990000
heap
page read and write
7FFE7DE60000
trusted library allocation
page execute and read and write
1043000
heap
page read and write
7FFE7DD4D000
trusted library allocation
page execute and read and write
130F1000
trusted library allocation
page read and write
7FFE7DD60000
trusted library allocation
page read and write
1BA6C000
stack
page read and write
EC2000
heap
page read and write
7FFE7DED0000
trusted library allocation
page read and write
2F4C000
trusted library allocation
page read and write
7FFE7DD3D000
trusted library allocation
page execute and read and write
12F0000
heap
page read and write
8EA000
heap
page read and write
14D0000
heap
page read and write
1610000
trusted library allocation
page read and write
277C000
trusted library allocation
page read and write
8EC000
heap
page read and write
FD8000
heap
page read and write
12A38000
trusted library allocation
page read and write
12D01000
trusted library allocation
page read and write
1B4CD000
stack
page read and write
1B6D0000
heap
page execute and read and write
7FFE7DE16000
trusted library allocation
page execute and read and write
10B0000
heap
page read and write
9C5000
heap
page read and write
FC5000
heap
page read and write
1B02E000
stack
page read and write
1B91E000
stack
page read and write
2781000
trusted library allocation
page read and write
1BAC0000
heap
page execute and read and write
AA0000
unkown
page readonly
7FFE7DD54000
trusted library allocation
page read and write
129E000
stack
page read and write
1B2EE000
stack
page read and write
F40000
heap
page read and write
7FFE7DD40000
trusted library allocation
page read and write
CB6000
heap
page read and write
1170000
heap
page read and write
FC0000
heap
page read and write
12A3F000
trusted library allocation
page read and write
9DE097F000
stack
page read and write
129C000
heap
page read and write
12A0000
trusted library allocation
page read and write
7FFE7DD4D000
trusted library allocation
page execute and read and write
12A31000
trusted library allocation
page read and write
124E000
stack
page read and write
12778000
trusted library allocation
page read and write
7FFE7DD44000
trusted library allocation
page read and write
28F0000
heap
page execute and read and write
1330000
heap
page read and write
129E000
heap
page read and write
12773000
trusted library allocation
page read and write
1288000
heap
page read and write
12D08000
trusted library allocation
page read and write
7FFE7DDFC000
trusted library allocation
page execute and read and write
108B000
heap
page read and write
1150000
heap
page read and write
1B390000
heap
page read and write
CF2000
heap
page read and write
E40000
heap
page read and write
7FFE7DED0000
trusted library allocation
page read and write
219166C5000
heap
page read and write
2C2E000
stack
page read and write
7FFE7DD40000
trusted library allocation
page read and write
1BCCE000
stack
page read and write
7FFE7DD50000
trusted library allocation
page read and write
9A0000
heap
page read and write
F40000
heap
page read and write
2F4F000
trusted library allocation
page read and write
EF4000
stack
page read and write
2760000
heap
page execute and read and write
8D8000
heap
page read and write
1BB02000
heap
page read and write
FBB000
heap
page read and write
13E0000
heap
page read and write
12D03000
trusted library allocation
page read and write
100C000
heap
page read and write
1260000
heap
page read and write
2A78000
trusted library allocation
page read and write
2A9A000
trusted library allocation
page read and write
7FFE7DD42000
trusted library allocation
page read and write
14EE000
stack
page read and write
1B4DD000
stack
page read and write
7FFE7DEF0000
trusted library allocation
page execute and read and write
1AA30000
trusted library allocation
page read and write
7FFE7DD5D000
trusted library allocation
page execute and read and write
1280000
trusted library allocation
page read and write
1B6E0000
heap
page execute and read and write
1B28D000
stack
page read and write
710000
heap
page read and write
1CA25000
heap
page read and write
2CF0000
heap
page read and write
7FFE7DE70000
trusted library allocation
page execute and read and write
7FFE7DD24000
trusted library allocation
page read and write
7FFE7DD60000
trusted library allocation
page read and write
1B7EE000
stack
page read and write
F60000
heap
page read and write
1B0E0000
heap
page execute and read and write
7FFE7DEC0000
trusted library allocation
page read and write
1B3EE000
stack
page read and write
1290000
heap
page read and write
219164B0000
heap
page read and write
7FFE7DE16000
trusted library allocation
page execute and read and write
1C81A000
stack
page read and write
7FFE7DDF6000
trusted library allocation
page read and write
7FFE7DD6D000
trusted library allocation
page execute and read and write
7FFE7DE40000
trusted library allocation
page execute and read and write
EF4000
stack
page read and write
7FFE7DD60000
trusted library allocation
page read and write
EBE000
unkown
page read and write
1CA29000
heap
page read and write
2D4C000
trusted library allocation
page read and write
12771000
trusted library allocation
page read and write
BB0000
trusted library allocation
page read and write
7FFE7DD4D000
trusted library allocation
page execute and read and write
EF0000
heap
page read and write
9DE0879000
stack
page read and write
1094000
heap
page read and write
CB0000
heap
page read and write
7FFE7DD5D000
trusted library allocation
page execute and read and write
1CA20000
heap
page read and write
1B8EE000
stack
page read and write
7FFE7DD50000
trusted library allocation
page read and write
7FFE7DF11000
trusted library allocation
page read and write
1C2AC000
stack
page read and write
1360000
heap
page read and write
1B8CE000
stack
page read and write
2A98000
trusted library allocation
page read and write
EED000
heap
page read and write
114F000
stack
page read and write
2D41000
trusted library allocation
page read and write
1650000
heap
page read and write
7FFE7DD64000
trusted library allocation
page read and write
7FFE7DF00000
trusted library allocation
page execute and read and write
7FFE7DD54000
trusted library allocation
page read and write
7FFE7DD34000
trusted library allocation
page read and write
2B2F000
stack
page read and write
7FFE7DD64000
trusted library allocation
page read and write
219166C0000
heap
page read and write
C73000
trusted library allocation
page read and write
F89000
heap
page read and write
13A0000
heap
page read and write
FB0000
heap
page read and write
F50000
heap
page read and write
CBC000
heap
page read and write
7FFE7DD44000
trusted library allocation
page read and write
FEC000
heap
page read and write
1C0A9000
stack
page read and write
FBE000
heap
page read and write
1285000
heap
page read and write
7FFE7DD52000
trusted library allocation
page read and write
1052000
heap
page read and write
FF5000
heap
page read and write
2EFE000
stack
page read and write
219164D0000
heap
page read and write
15B0000
heap
page read and write
10B5000
heap
page read and write
1410000
heap
page read and write
1BDAE000
stack
page read and write
7FFE7DD42000
trusted library allocation
page read and write
2C30000
heap
page read and write
2A96000
trusted library allocation
page read and write
1BA9E000
stack
page read and write
15B5000
heap
page read and write
1545000
heap
page read and write
30E0000
heap
page execute and read and write
7FFE7DD44000
trusted library allocation
page read and write
219162E0000
heap
page read and write
9DE08FE000
unkown
page read and write
1AFBC000
stack
page read and write
12A3000
heap
page read and write
7FFE7DE60000
trusted library allocation
page execute and read and write
1300000
heap
page read and write
F60000
heap
page read and write
2771000
trusted library allocation
page read and write
D1B000
heap
page read and write
7FFE7DD3D000
trusted library allocation
page execute and read and write
1B86E000
stack
page read and write
9C0000
heap
page read and write
D71000
heap
page read and write
2F3E000
stack
page read and write
FFF000
heap
page read and write
EEB000
heap
page read and write
1BB05000
heap
page read and write
2A31000
trusted library allocation
page read and write
2D0C000
trusted library allocation
page read and write
2D3E000
stack
page read and write
1AA60000
trusted library allocation
page read and write
130F3000
trusted library allocation
page read and write
6F4000
stack
page read and write
AAE000
stack
page read and write
7FFE7DDF0000
trusted library allocation
page read and write
7FFE7DD32000
trusted library allocation
page read and write
7FFE7DE50000
trusted library allocation
page execute and read and write
2E30000
heap
page execute and read and write
12D43000
trusted library allocation
page read and write
There are 371 hidden memdumps, click here to show them.