IOC Report
grcKLMutRS.exe

loading gifFilesProcessesURLsDomainsIPsRegistryMemdumps54321010010Label

Files

File Path
Type
Category
Malicious
Download
grcKLMutRS.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_58AA.tmp.exe_5175ecd12ea937e84a7a8d15c7d80c137c49d13_02a4e6a5_541f6b36-9b40-428e-bb29-db8676d77f4c\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\ScreenUpdateSync[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
malicious
C:\Users\user\AppData\Local\Temp\58AA.tmp.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA989.tmp.dmp
Mini DuMP crash report, 15 streams, Sun Jan 26 16:00:47 2025, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAAB3.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAAE3.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\grcKLMutRS.exe
"C:\Users\user\Desktop\grcKLMutRS.exe"
malicious
C:\Users\user\AppData\Local\Temp\58AA.tmp.exe
"C:\Users\user~1\AppData\Local\Temp\58AA.tmp.exe"
malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6776 -s 1752

URLs

Name
IP
Malicious
https://toppyneedus.biz/Z
unknown
malicious
https://post-to-me.com//
unknown
malicious
https://toppyneedus.biz/apika
unknown
malicious
https://toppyneedus.biz/apiime
unknown
malicious
https://toppyneedus.biz/ve
unknown
malicious
https://post-to-me.com/track_prt.php?sub=&cc=DE
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://toppyneedus.biz:443/api
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdv
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://crl.rootca1.amazontrust.com/rootca1.crl0
unknown
http://upx.sf.net
unknown
https://toppyneedus.biz/apiata%H
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
https://www.amazon.com/?tag=admarketus-20&r
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
https://www.ecosia.org/newtab/
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
http://176.113.115.215/ScreenUpdateSync.exe
unknown
http://176.113.115.215/ScreenUpdateSync.exeX
unknown
https://ac.ecosia.org/autocomplete?q=
unknown
https://toppyneedus.biz/api
104.21.29.142
https://post-to-me.com/track_prt.php?sub=
unknown
http://crl.microi
unknown
https://toppyneedus.biz/apiz
unknown
http://crl.micro
unknown
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
unknown
https://toppyneedus.biz/pi:
unknown
http://x1.c.lencr.org/0
unknown
http://x1.i.lencr.org/0
unknown
https://post-to-me.com/track_prt.php?sub=0&cc=DEU
unknown
https://post-to-me.com/track_prt.php?sub=0&cc=DE
104.21.56.70
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
http://crt.rootca1.amazontrust.com/rootca1.cer0?
unknown
https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e
unknown
https://post-to-me.com/
unknown
https://toppyneedus.biz/
unknown
https://post-to-me.com/track_prt.php?sub=0&cc=DEG
unknown
https://support.mozilla.org/products/firefoxgro.all
unknown
https://toppyneedus.biz/pij
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
unknown
http://176.113.115.215/ScreenUpdateSync.exe5yjr84e1entnnSOFTWARE
unknown
http://176.113.115.215/ScreenUpdateSync.exeAy
unknown
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta
unknown
There are 38 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
financialfreez.click
unknown
malicious
post-to-me.com
104.21.56.70
toppyneedus.biz
104.21.29.142
impolitewearr.biz
unknown

IPs

IP
Domain
Country
Malicious
176.113.115.215
unknown
Russian Federation
104.21.29.142
toppyneedus.biz
United States
104.21.56.70
post-to-me.com
United States

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\prtscreen
Enabled
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
ProgramId
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
FileId
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
LowerCaseLongPath
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
LongPathHash
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Name
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
OriginalFileName
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Publisher
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Version
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
BinFileVersion
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
BinaryType
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
ProductName
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
ProductVersion
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
LinkDate
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
BinProductVersion
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
AppxPackageFullName
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
AppxPackageRelativeId
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Size
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Language
\REGISTRY\A\{74c864b6-5bec-5a23-7354-9715711c72fc}\Root\InventoryApplicationFile\58aa.tmp.exe|b8288487f7e5e284
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
TickCount
There are 12 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
2D61000
trusted library allocation
page read and write
2D39000
trusted library allocation
page read and write
31D1000
heap
page read and write
550000
heap
page read and write
2D72000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2DA5000
trusted library allocation
page read and write
3302000
heap
page read and write
446000
unkown
page write copy
2D69000
trusted library allocation
page read and write
2D7A000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
700000
remote allocation
page read and write
7F8000
heap
page read and write
27EE000
stack
page read and write
1F0000
heap
page read and write
2FFA000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2D25000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
818000
heap
page read and write
2D83000
trusted library allocation
page read and write
3283000
trusted library allocation
page read and write
32E9000
heap
page read and write
2187000
heap
page read and write
80E000
heap
page read and write
2D3C000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
670000
direct allocation
page execute and read and write
2D33000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
66E000
stack
page read and write
2230000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2D4B000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
32A1000
heap
page read and write
32B0000
heap
page read and write
2D32000
trusted library allocation
page read and write
32DB000
trusted library allocation
page read and write
2D7B000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D79000
trusted library allocation
page read and write
2FD1000
trusted library allocation
page read and write
2D3B000
trusted library allocation
page read and write
2D26000
trusted library allocation
page read and write
2D25000
trusted library allocation
page read and write
292E000
stack
page read and write
2FEB000
trusted library allocation
page read and write
2D7A000
trusted library allocation
page read and write
2D7A000
trusted library allocation
page read and write
557000
heap
page read and write
2FD4000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D64000
trusted library allocation
page read and write
2D6E000
trusted library allocation
page read and write
2D40000
trusted library allocation
page read and write
807000
heap
page read and write
2D14000
trusted library allocation
page read and write
2D32000
trusted library allocation
page read and write
2FD0000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D36000
trusted library allocation
page read and write
7BD000
heap
page read and write
2D2E000
trusted library allocation
page read and write
2D8A000
trusted library allocation
page read and write
839000
heap
page read and write
2BCE000
stack
page read and write
2FEB000
trusted library allocation
page read and write
2D3E000
trusted library allocation
page read and write
2FF0000
trusted library allocation
page read and write
294F000
stack
page read and write
2D7C000
trusted library allocation
page read and write
2D39000
trusted library allocation
page read and write
2D94000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2CED000
stack
page read and write
2D11000
trusted library allocation
page read and write
2D37000
trusted library allocation
page read and write
2D8F000
trusted library allocation
page read and write
2D6B000
trusted library allocation
page read and write
27AF000
stack
page read and write
73CF1000
unkown
page execute read
2FFA000
trusted library allocation
page read and write
2FEC000
trusted library allocation
page read and write
2FE0000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
3233000
trusted library allocation
page read and write
3009000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2FE4000
trusted library allocation
page read and write
841000
heap
page read and write
2220000
heap
page read and write
2DA7000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2DA7000
trusted library allocation
page read and write
2D3C000
trusted library allocation
page read and write
32BB000
trusted library allocation
page read and write
2D25000
trusted library allocation
page read and write
2D12000
trusted library allocation
page read and write
7CA000
heap
page read and write
72A000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
452000
unkown
page write copy
2FD7000
trusted library allocation
page read and write
2D36000
trusted library allocation
page read and write
4D0000
heap
page read and write
2D37000
trusted library allocation
page read and write
2E60000
remote allocation
page read and write
2D94000
trusted library allocation
page read and write
2D3F000
trusted library allocation
page read and write
2D30000
trusted library allocation
page read and write
2D3E000
trusted library allocation
page read and write
2FF2000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D43000
trusted library allocation
page read and write
280D000
stack
page read and write
2FEB000
trusted library allocation
page read and write
2D76000
trusted library allocation
page read and write
21EE000
stack
page read and write
2D64000
trusted library allocation
page read and write
2D2F000
trusted library allocation
page read and write
2E60000
remote allocation
page read and write
2D44000
trusted library allocation
page read and write
2D83000
trusted library allocation
page read and write
2D66000
trusted library allocation
page read and write
2D19000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
31FB000
trusted library allocation
page read and write
2D62000
trusted library allocation
page read and write
2D63000
trusted library allocation
page read and write
2DBC000
trusted library allocation
page read and write
22C0000
heap
page read and write
2E60000
remote allocation
page read and write
2A6E000
stack
page read and write
2D47000
trusted library allocation
page read and write
7C0000
heap
page read and write
284E000
stack
page read and write
28EF000
stack
page read and write
2D94000
trusted library allocation
page read and write
2FD5000
trusted library allocation
page read and write
720000
heap
page read and write
32DF000
trusted library allocation
page read and write
2D5C000
trusted library allocation
page read and write
804000
heap
page read and write
2D8C000
trusted library allocation
page read and write
32B3000
trusted library allocation
page read and write
9B000
stack
page read and write
2FF0000
trusted library allocation
page read and write
2D7C000
trusted library allocation
page read and write
411000
unkown
page execute read
2FF0000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FE0000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FFB000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
819000
heap
page read and write
700000
remote allocation
page read and write
2D78000
trusted library allocation
page read and write
2E4E000
stack
page read and write
2D5C000
trusted library allocation
page read and write
2180000
heap
page read and write
2FD1000
trusted library allocation
page read and write
3CE5000
trusted library allocation
page read and write
31D0000
heap
page read and write
2D4C000
trusted library allocation
page read and write
6D0000
heap
page read and write
816000
heap
page read and write
3010000
trusted library allocation
page read and write
2FD1000
trusted library allocation
page read and write
2D7C000
trusted library allocation
page read and write
2D4C000
trusted library allocation
page read and write
443000
unkown
page readonly
2190000
heap
page read and write
21C0000
direct allocation
page read and write
2FF2000
trusted library allocation
page read and write
2FD1000
trusted library allocation
page read and write
2FF2000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2D6D000
trusted library allocation
page read and write
2FE9000
trusted library allocation
page read and write
2FEC000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2D73000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2D97000
trusted library allocation
page read and write
2D6D000
trusted library allocation
page read and write
73D06000
unkown
page readonly
2FFA000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
77A000
heap
page read and write
2D83000
trusted library allocation
page read and write
2DB6000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D7E000
trusted library allocation
page read and write
2D25000
trusted library allocation
page read and write
2D0F000
stack
page read and write
2A2F000
stack
page read and write
2D64000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
32A0000
heap
page read and write
635000
heap
page read and write
2D66000
trusted library allocation
page read and write
2D32000
trusted library allocation
page read and write
31DC000
trusted library allocation
page read and write
2D85000
trusted library allocation
page read and write
2D6E000
trusted library allocation
page read and write
2D7B000
trusted library allocation
page read and write
2D11000
trusted library allocation
page read and write
51E000
stack
page read and write
2D7C000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D7C000
trusted library allocation
page read and write
2D36000
trusted library allocation
page read and write
2D4D000
trusted library allocation
page read and write
7A6000
heap
page read and write
2D32000
trusted library allocation
page read and write
73D0D000
unkown
page read and write
2D19000
trusted library allocation
page read and write
845000
heap
page read and write
2D30000
trusted library allocation
page read and write
2D39000
trusted library allocation
page read and write
812000
heap
page read and write
2D95000
trusted library allocation
page read and write
2D3B000
trusted library allocation
page read and write
32AB000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2D69000
trusted library allocation
page read and write
32BD000
heap
page read and write
2FFA000
trusted library allocation
page read and write
2D5C000
trusted library allocation
page read and write
630000
heap
page read and write
2D60000
trusted library allocation
page read and write
2D69000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
814000
heap
page read and write
2FF7000
trusted library allocation
page read and write
2D5B000
trusted library allocation
page read and write
2D5C000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D94000
trusted library allocation
page read and write
2D25000
trusted library allocation
page read and write
2D44000
trusted library allocation
page read and write
2D95000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D4C000
trusted library allocation
page read and write
3213000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
270D000
stack
page read and write
739000
heap
page execute and read and write
2FE0000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
2D49000
trusted library allocation
page read and write
222E000
stack
page read and write
2FFA000
trusted library allocation
page read and write
2D10000
trusted library allocation
page read and write
2D69000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D2E000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
80E000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2D4C000
trusted library allocation
page read and write
700000
remote allocation
page read and write
2BAE000
stack
page read and write
2FFA000
trusted library allocation
page read and write
7C0000
heap
page read and write
199000
stack
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
4B3000
unkown
page readonly
400000
unkown
page readonly
2D36000
trusted library allocation
page read and write
2FE4000
trusted library allocation
page read and write
2ACD000
stack
page read and write
2A8F000
stack
page read and write
2D66000
trusted library allocation
page read and write
76A000
heap
page read and write
2FD1000
trusted library allocation
page read and write
2FE4000
trusted library allocation
page read and write
2FE9000
trusted library allocation
page read and write
2DED000
stack
page read and write
540000
heap
page read and write
2FEB000
trusted library allocation
page read and write
81C000
heap
page read and write
82D000
heap
page read and write
2B6E000
stack
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
9B000
stack
page read and write
401000
unkown
page execute read
2D94000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2D61000
trusted library allocation
page read and write
226E000
stack
page read and write
2FEB000
trusted library allocation
page read and write
2FE4000
trusted library allocation
page read and write
2D44000
trusted library allocation
page read and write
459000
unkown
page execute and read and write
2FD3000
trusted library allocation
page read and write
298E000
stack
page read and write
2D5C000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D44000
trusted library allocation
page read and write
740000
direct allocation
page execute and read and write
2D32000
trusted library allocation
page read and write
2D4C000
trusted library allocation
page read and write
2D4B000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
2D48000
trusted library allocation
page read and write
2D73000
trusted library allocation
page read and write
2D60000
trusted library allocation
page read and write
2C0E000
stack
page read and write
2290000
heap
page read and write
7FB000
heap
page read and write
37D8000
trusted library allocation
page read and write
2D91000
trusted library allocation
page read and write
91F000
stack
page read and write
2D69000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2D4B000
trusted library allocation
page read and write
A1E000
stack
page read and write
2FFA000
trusted library allocation
page read and write
842000
heap
page read and write
2D28000
trusted library allocation
page read and write
2DA4000
trusted library allocation
page read and write
2FD8000
trusted library allocation
page read and write
555000
heap
page read and write
2D7A000
trusted library allocation
page read and write
19B000
stack
page read and write
400000
unkown
page execute and read and write
2FFA000
trusted library allocation
page read and write
45B000
unkown
page readonly
2FFA000
trusted library allocation
page read and write
2D73000
trusted library allocation
page read and write
2D97000
trusted library allocation
page read and write
2160000
direct allocation
page read and write
2D66000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
21FE000
stack
page read and write
2CAF000
stack
page read and write
816000
heap
page read and write
2FFA000
trusted library allocation
page read and write
2D6C000
trusted library allocation
page read and write
4B3000
unkown
page readonly
2D48000
trusted library allocation
page read and write
2D64000
trusted library allocation
page read and write
401000
unkown
page execute read
2D2E000
trusted library allocation
page read and write
2D63000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2D51000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FE1000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2F9F000
stack
page read and write
2D4A000
trusted library allocation
page read and write
816000
heap
page read and write
2D7C000
trusted library allocation
page read and write
2FE9000
trusted library allocation
page read and write
2FE8000
trusted library allocation
page read and write
337D000
trusted library allocation
page read and write
2360000
heap
page read and write
2D33000
trusted library allocation
page read and write
37A0000
heap
page read and write
2D57000
trusted library allocation
page read and write
2D8B000
trusted library allocation
page read and write
2E9E000
stack
page read and write
400000
unkown
page readonly
72E000
heap
page read and write
2FD4000
trusted library allocation
page read and write
7BA000
heap
page read and write
2FCF000
stack
page read and write
845000
heap
page read and write
7C3000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2D44000
trusted library allocation
page read and write
2D64000
trusted library allocation
page read and write
2FD8000
trusted library allocation
page read and write
2D3C000
trusted library allocation
page read and write
2DC4000
trusted library allocation
page read and write
2FE9000
trusted library allocation
page read and write
1F0000
heap
page read and write
2D33000
trusted library allocation
page read and write
5E0000
direct allocation
page execute and read and write
2D4A000
trusted library allocation
page read and write
3290000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2D33000
trusted library allocation
page read and write
80E000
heap
page read and write
2FEB000
trusted library allocation
page read and write
31E2000
trusted library allocation
page read and write
400000
unkown
page execute and read and write
2D7B000
trusted library allocation
page read and write
73D0F000
unkown
page readonly
2FFA000
trusted library allocation
page read and write
2D5B000
trusted library allocation
page read and write
233F000
stack
page read and write
2FE8000
trusted library allocation
page read and write
885000
heap
page read and write
2EC0000
heap
page read and write
2FEB000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2D78000
trusted library allocation
page read and write
2D57000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
73CF0000
unkown
page readonly
2D6B000
trusted library allocation
page read and write
7CE000
heap
page read and write
300C000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
334B000
trusted library allocation
page read and write
2FEB000
trusted library allocation
page read and write
3007000
trusted library allocation
page read and write
2D98000
trusted library allocation
page read and write
2FDE000
trusted library allocation
page read and write
2FFA000
trusted library allocation
page read and write
There are 427 hidden memdumps, click here to show them.