IOC Report
KFPYr6f43H.exe

FilesProcessesURLsDomainsIPsRegistryMemdumps54321010010Label

Files

File Path
Type
Category
Malicious
Download
KFPYr6f43H.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_KFPYr6f43H.exe_b08498c61f97728e98b04797aa41f9a2b7bf373c_d70b1371_e53abfe2-04a0-40c6-94f6-31a2e6c3fe21\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\KFPYr6f43H.exe.log
ASCII text, with CRLF line terminators
dropped
malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER136.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D3.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFE95.tmp.dmp
Mini DuMP crash report, 15 streams, Sun Jan 26 14:46:59 2025, 0x1205a4 type
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_43jl4eff.hca.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ek5nptot.35i.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pzrcowbk.bx5.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_upf2x1ni.54b.ps1
ASCII text, with no line terminators
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 4 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\KFPYr6f43H.exe
"C:\Users\user\Desktop\KFPYr6f43H.exe"
malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"Powershell.exe" -exec bypass -c Copy-Item 'C:\Users\user\Desktop\KFPYr6f43H.exe' 'C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe' -Force
malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe"
malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"Powershell.exe" -exec bypass -c Copy-Item 'C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe' 'C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFPYr6f43H.exe' -Force
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7304 -s 2984

URLs

Name
IP
Malicious
http://45.138.183.226/upload/1531
45.138.183.226
malicious
http://45.138.183.226
unknown
http://nuget.org/NuGet.exe
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
http://www.fontbureau.com
unknown
http://www.fontbureau.com/designersG
unknown
http://www.fontbureau.com/designers/?
unknown
http://www.founder.com.cn/cn/bThe
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
http://www.fontbureau.com/designers?
unknown
http://45.138.183.226/upload/1531Ghttp://plunder.dedyn.io/upload/1531
unknown
https://contoso.com/License
unknown
https://contoso.com/Icon
unknown
http://www.tiro.com
unknown
http://upx.sf.net
unknown
http://www.fontbureau.com/designers
unknown
http://www.goodfont.co.kr
unknown
https://github.com/Pester/Pester
unknown
http://www.carterandcone.coml
unknown
http://www.sajatypeworks.com
unknown
http://www.typography.netD
unknown
http://www.fontbureau.com/designers/cabarga.htmlN
unknown
http://www.founder.com.cn/cn/cThe
unknown
http://www.galapagosdesign.com/staff/dennis.htm
unknown
https://pastebin.com/raw/7G6zzQwJ
104.20.4.235
http://www.founder.com.cn/cn
unknown
http://www.fontbureau.com/designers/frere-user.html
unknown
http://plunder.dedyn.io/upload/1531
unknown
https://aka.ms/pscore6lBdq
unknown
http://www.jiyu-kobo.co.jp/
unknown
http://www.sakkal.com8W
unknown
https://contoso.com/
unknown
https://nuget.org/nuget.exe
unknown
http://www.galapagosdesign.com/DPlease
unknown
http://www.fontbureau.com/designers8
unknown
http://www.fonts.com
unknown
http://www.sandoll.co.kr
unknown
http://www.urwpp.deDPlease
unknown
http://www.zhongyicts.com.cn
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://www.sakkal.com
unknown
There are 32 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
pastebin.com
104.20.4.235

IPs

IP
Domain
Country
Malicious
45.138.183.226
unknown
Ukraine
malicious
104.20.4.235
pastebin.com
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KFPYr6f43H_RASMANCS
FileDirectory
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
ProgramId
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
FileId
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
LowerCaseLongPath
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
LongPathHash
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Name
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
OriginalFileName
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Publisher
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Version
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
BinFileVersion
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
BinaryType
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
ProductName
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
ProductVersion
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
LinkDate
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
BinProductVersion
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
AppxPackageFullName
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
AppxPackageRelativeId
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Size
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Language
\REGISTRY\A\{d78a4aba-c292-4152-a030-5d249485018f}\Root\InventoryApplicationFile\kfpyr6f43h.exe|ef297e52128d8363
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
TickCount
There are 26 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
31F1000
trusted library allocation
page read and write
malicious
7D20000
trusted library section
page read and write
malicious
2C26000
trusted library allocation
page read and write
malicious
5905000
heap
page read and write
42C6000
trusted library allocation
page read and write
7D62000
trusted library allocation
page read and write
6E0E000
stack
page read and write
4F40000
heap
page read and write
2DA0000
heap
page read and write
2A8D000
trusted library allocation
page read and write
2B81000
trusted library allocation
page read and write
9A60000
trusted library allocation
page read and write
5740000
heap
page read and write
B1B000
heap
page read and write
1460000
heap
page read and write
972D000
stack
page read and write
4C0E000
stack
page read and write
2B7A000
trusted library allocation
page read and write
7620000
trusted library allocation
page read and write
2D30000
heap
page read and write
7D83000
trusted library allocation
page read and write
78A0000
trusted library allocation
page read and write
15F2000
trusted library allocation
page read and write
2FF0000
heap
page read and write
8A20000
trusted library allocation
page read and write
77AE000
heap
page read and write
466E000
stack
page read and write
A07E000
stack
page read and write
35BE000
trusted library allocation
page read and write
6E5E000
stack
page read and write
2D10000
trusted library allocation
page read and write
7A7E000
stack
page read and write
6D55000
trusted library allocation
page read and write
2AB9000
trusted library allocation
page read and write
2F42000
trusted library allocation
page read and write
9336000
trusted library allocation
page read and write
46AF000
stack
page read and write
2BEB000
trusted library allocation
page read and write
9FBD000
stack
page read and write
2AA0000
trusted library allocation
page read and write
A40000
heap
page read and write
2BB5000
trusted library allocation
page read and write
818D000
trusted library allocation
page read and write
538D000
stack
page read and write
57B0000
trusted library allocation
page read and write
D10000
heap
page read and write
5BE0000
heap
page read and write
4F00000
heap
page read and write
5CE0000
trusted library allocation
page read and write
2B8F000
trusted library allocation
page read and write
729B000
heap
page read and write
8D10000
trusted library allocation
page read and write
2C0C000
trusted library allocation
page read and write
4F70000
heap
page read and write
7B80000
trusted library allocation
page read and write
7610000
trusted library allocation
page read and write
A60000
heap
page read and write
544E000
stack
page read and write
18B7000
heap
page read and write
2B15000
trusted library allocation
page read and write
6ECD000
stack
page read and write
52C0000
heap
page read and write
72C4000
heap
page read and write
7214000
heap
page read and write
1A0B000
trusted library allocation
page read and write
750F000
stack
page read and write
C52000
trusted library allocation
page read and write
2B7F000
trusted library allocation
page read and write
2B25000
trusted library allocation
page read and write
816E000
stack
page read and write
2B9C000
trusted library allocation
page read and write
7234000
heap
page read and write
12F7000
stack
page read and write
76C0000
trusted library allocation
page read and write
4F03000
heap
page read and write
8D2C000
trusted library allocation
page read and write
75AF000
stack
page read and write
18A4000
trusted library allocation
page read and write
AA9000
heap
page read and write
6C3E000
stack
page read and write
5A50000
heap
page read and write
5CF0000
trusted library allocation
page read and write
7616000
trusted library allocation
page read and write
56E5000
trusted library allocation
page read and write
B6E000
stack
page read and write
7680000
trusted library allocation
page read and write
2B8B000
trusted library allocation
page read and write
5AB1000
trusted library allocation
page read and write
2DC4000
heap
page read and write
2BE9000
trusted library allocation
page read and write
72D3000
heap
page read and write
712F000
stack
page read and write
53CE000
stack
page read and write
46D0000
heap
page read and write
8D50000
trusted library allocation
page read and write
6B75000
heap
page execute and read and write
7B30000
trusted library allocation
page read and write
7610000
trusted library allocation
page read and write
477E000
stack
page read and write
CAB000
heap
page read and write
73A0000
trusted library allocation
page read and write
2AA6000
trusted library allocation
page read and write
27EC000
stack
page read and write
2A7F000
trusted library allocation
page read and write
7DA0000
trusted library allocation
page read and write
8A02000
trusted library allocation
page read and write
2B1F000
trusted library allocation
page read and write
56D0000
trusted library allocation
page read and write
7B7C000
stack
page read and write
75DD000
stack
page read and write
41F1000
trusted library allocation
page read and write
27F0000
trusted library allocation
page read and write
72EC000
heap
page read and write
7D80000
trusted library allocation
page read and write
2BE1000
trusted library allocation
page read and write
7256000
heap
page read and write
99A0000
trusted library allocation
page read and write
8CC0000
trusted library allocation
page execute and read and write
2BA9000
trusted library allocation
page read and write
87AD000
heap
page read and write
C33000
trusted library allocation
page read and write
4AA0000
heap
page read and write
2ADC000
trusted library allocation
page read and write
AAE000
stack
page read and write
2F46000
trusted library allocation
page read and write
7CF6000
trusted library allocation
page execute and read and write
2B7C000
trusted library allocation
page read and write
911A000
heap
page read and write
7964000
trusted library allocation
page read and write
2FE5000
trusted library allocation
page execute and read and write
7600000
trusted library allocation
page read and write
2D67000
heap
page read and write
2B83000
trusted library allocation
page read and write
7D90000
trusted library allocation
page read and write
75F0000
trusted library allocation
page read and write
2BAF000
trusted library allocation
page read and write
6DCE000
stack
page read and write
2C02000
trusted library allocation
page read and write
7220000
heap
page read and write
74CE000
stack
page read and write
FF0000
heap
page read and write
7600000
trusted library allocation
page read and write
56DF000
trusted library allocation
page read and write
7C30000
heap
page read and write
1A1E000
trusted library allocation
page read and write
2AD4000
trusted library allocation
page read and write
7301000
heap
page read and write
54BE000
trusted library allocation
page read and write
2C21000
trusted library allocation
page read and write
6F90000
heap
page read and write
B0D000
trusted library allocation
page execute and read and write
2AA4000
trusted library allocation
page read and write
9993000
trusted library allocation
page read and write
812D000
stack
page read and write
87A7000
heap
page read and write
3A3A000
trusted library allocation
page read and write
2DC0000
heap
page read and write
2B0A000
trusted library allocation
page read and write
15CD000
trusted library allocation
page execute and read and write
AC5000
heap
page read and write
162E000
heap
page read and write
931B000
trusted library allocation
page read and write
A0FE000
stack
page read and write
2B3E000
trusted library allocation
page read and write
8A66000
trusted library allocation
page read and write
47DE000
stack
page read and write
718E000
stack
page read and write
C80000
heap
page read and write
2B72000
trusted library allocation
page read and write
710E000
stack
page read and write
15B0000
trusted library allocation
page read and write
6CD0000
trusted library allocation
page execute and read and write
79AE000
stack
page read and write
2A92000
trusted library allocation
page read and write
737E000
stack
page read and write
C70000
trusted library allocation
page read and write
2B46000
trusted library allocation
page read and write
1A40000
heap
page read and write
6D1E000
stack
page read and write
6BBE000
stack
page read and write
F7A000
stack
page read and write
2AE5000
trusted library allocation
page read and write
8D40000
trusted library allocation
page execute and read and write
8050000
heap
page read and write
715E000
stack
page read and write
725C000
heap
page read and write
7440000
trusted library allocation
page read and write
2D23000
trusted library allocation
page execute and read and write
8210000
heap
page read and write
4800000
heap
page read and write
6E8A000
stack
page read and write
2A85000
trusted library allocation
page read and write
6F00000
trusted library allocation
page execute and read and write
7B50000
heap
page read and write
7660000
trusted library allocation
page read and write
2B12000
trusted library allocation
page read and write
2C13000
trusted library allocation
page read and write
186E000
stack
page read and write
7E7000
stack
page read and write
29D8000
trusted library allocation
page read and write
47E5000
heap
page execute and read and write
76EE000
stack
page read and write
7F280000
trusted library allocation
page execute and read and write
3A7C000
trusted library allocation
page read and write
2B0C000
trusted library allocation
page read and write
4B13000
trusted library allocation
page read and write
2B51000
trusted library allocation
page read and write
7630000
trusted library allocation
page read and write
423A000
trusted library allocation
page read and write
5753000
heap
page read and write
58DB000
stack
page read and write
D20000
heap
page read and write
5AD9000
trusted library allocation
page read and write
2BD2000
trusted library allocation
page read and write
2810000
trusted library allocation
page read and write
5750000
heap
page read and write
8180000
trusted library allocation
page read and write
4599000
trusted library allocation
page read and write
5D00000
trusted library allocation
page execute and read and write
B40000
heap
page read and write
4F10000
trusted library allocation
page execute and read and write
5C89000
trusted library allocation
page read and write
4DD2000
trusted library allocation
page read and write
2BE7000
trusted library allocation
page read and write
32B6000
trusted library allocation
page read and write
C42000
trusted library allocation
page read and write
6F70000
trusted library allocation
page read and write
6E9B000
stack
page read and write
87A2000
heap
page read and write
99D0000
trusted library allocation
page execute and read and write
2BEF000
trusted library allocation
page read and write
782F000
stack
page read and write
7160000
trusted library allocation
page read and write
8A05000
trusted library allocation
page read and write
2ADE000
trusted library allocation
page read and write
1820000
heap
page read and write
8957000
stack
page read and write
2B9E000
trusted library allocation
page read and write
420C000
trusted library allocation
page read and write
AA5000
heap
page read and write
89D0000
trusted library allocation
page read and write
1154000
heap
page read and write
80C0000
trusted library allocation
page read and write
7B52000
heap
page read and write
5CA9000
trusted library allocation
page read and write
1130000
trusted library allocation
page execute and read and write
6B70000
heap
page execute and read and write
9AF0000
trusted library allocation
page read and write
7640000
trusted library allocation
page read and write
2800000
trusted library allocation
page read and write
71E0000
heap
page read and write
4B8E000
stack
page read and write
8A80000
trusted library allocation
page read and write
6B2E000
stack
page read and write
58F0000
trusted library allocation
page execute and read and write
2F44000
trusted library allocation
page read and write
AE0000
heap
page read and write
2D20000
trusted library allocation
page read and write
6EF0000
direct allocation
page execute and read and write
A37C000
stack
page read and write
2C08000
trusted library allocation
page read and write
80A0000
heap
page read and write
6EE0000
trusted library allocation
page read and write
49A8000
trusted library allocation
page read and write
8060000
trusted library allocation
page execute and read and write
1A2D000
trusted library allocation
page read and write
4780000
trusted library allocation
page read and write
A6C000
heap
page read and write
8A24000
trusted library allocation
page read and write
2B38000
trusted library allocation
page read and write
4C81000
trusted library allocation
page read and write
1A47000
heap
page read and write
8220000
heap
page read and write
8768000
heap
page read and write
73C000
stack
page read and write
19BE000
stack
page read and write
89A0000
trusted library allocation
page read and write
816E000
stack
page read and write
89C0000
trusted library allocation
page execute and read and write
1628000
heap
page read and write
4C4E000
stack
page read and write
4590000
trusted library allocation
page read and write
7400000
trusted library allocation
page execute and read and write
6D20000
trusted library section
page read and write
548D000
stack
page read and write
76B0000
trusted library allocation
page read and write
814E000
stack
page read and write
AF0000
trusted library allocation
page read and write
716E000
stack
page read and write
9350000
trusted library allocation
page read and write
7670000
trusted library allocation
page read and write
18B0000
heap
page read and write
295D000
trusted library allocation
page read and write
7D6E000
stack
page read and write
A23C000
stack
page read and write
5B1C000
trusted library allocation
page read and write
B09000
heap
page read and write
C40000
trusted library allocation
page read and write
72A5000
heap
page read and write
5940000
heap
page execute and read and write
5C30000
heap
page read and write
4F80000
trusted library allocation
page execute and read and write
75A0000
trusted library allocation
page execute and read and write
2B23000
trusted library allocation
page read and write
2BF2000
trusted library allocation
page read and write
6E4E000
stack
page read and write
84DF000
stack
page read and write
144E000
stack
page read and write
8D19000
trusted library allocation
page read and write
2AEB000
trusted library allocation
page read and write
75E0000
trusted library allocation
page read and write
CE2000
heap
page read and write
4A60000
trusted library allocation
page execute and read and write
2A87000
trusted library allocation
page read and write
8A30000
trusted library allocation
page read and write
39A1000
trusted library allocation
page read and write
4620000
trusted library allocation
page read and write
7FB10000
trusted library allocation
page execute and read and write
2A7D000
trusted library allocation
page read and write
49B0000
heap
page readonly
70CE000
stack
page read and write
5492000
trusted library allocation
page read and write
8190000
trusted library allocation
page execute and read and write
2AAB000
trusted library allocation
page read and write
8D20000
trusted library allocation
page read and write
C46000
trusted library allocation
page execute and read and write
2F4F000
trusted library allocation
page read and write
15F5000
trusted library allocation
page execute and read and write
81D5000
trusted library allocation
page read and write
7252000
heap
page read and write
15E2000
trusted library allocation
page read and write
2FD0000
trusted library allocation
page read and write
B55000
heap
page read and write
75F0000
trusted library allocation
page execute and read and write
56E0000
trusted library allocation
page read and write
1140000
trusted library allocation
page read and write
9970000
trusted library allocation
page execute and read and write
8080000
trusted library allocation
page read and write
9310000
trusted library allocation
page read and write
2C1D000
trusted library allocation
page read and write
4A1C000
stack
page read and write
15C3000
trusted library allocation
page execute and read and write
9DB0000
trusted library allocation
page read and write
5710000
trusted library allocation
page read and write
8AA0000
trusted library allocation
page execute and read and write
982A000
stack
page read and write
75EE000
stack
page read and write
49C0000
trusted library allocation
page read and write
C3D000
trusted library allocation
page execute and read and write
6DCE000
stack
page read and write
2A89000
trusted library allocation
page read and write
75D0000
trusted library allocation
page read and write
7247000
heap
page read and write
2B61000
trusted library allocation
page read and write
2BB7000
trusted library allocation
page read and write
8D2F000
trusted library allocation
page read and write
2815000
trusted library allocation
page read and write
7D7E000
trusted library allocation
page read and write
292F000
stack
page read and write
5CEB000
trusted library allocation
page read and write
57E0000
heap
page read and write
2A66000
trusted library allocation
page read and write
6EEE000
stack
page read and write
8A18000
trusted library allocation
page read and write
420F000
trusted library allocation
page read and write
27F4000
trusted library allocation
page read and write
7650000
trusted library allocation
page read and write
796F000
trusted library allocation
page read and write
7D94000
trusted library allocation
page read and write
4ED0000
trusted library allocation
page read and write
15C4000
trusted library allocation
page read and write
2BFE000
trusted library allocation
page read and write
2BB3000
trusted library allocation
page read and write
2C0A000
trusted library allocation
page read and write
4EC0000
trusted library allocation
page execute and read and write
7FB28000
trusted library allocation
page execute and read and write
8170000
heap
page read and write
4EE2000
trusted library allocation
page read and write
7410000
trusted library allocation
page read and write
7D40000
trusted library allocation
page read and write
19FC000
stack
page read and write
42BF000
trusted library allocation
page read and write
2D2E000
stack
page read and write
8A40000
trusted library allocation
page read and write
6C90000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
2ADA000
trusted library allocation
page read and write
2B9A000
trusted library allocation
page read and write
A6FE000
stack
page read and write
7960000
trusted library allocation
page read and write
1A04000
trusted library allocation
page read and write
2D80000
heap
page read and write
49C8000
trusted library allocation
page read and write
46C0000
trusted library allocation
page execute and read and write
458D000
trusted library allocation
page execute and read and write
1610000
trusted library allocation
page read and write
7420000
trusted library allocation
page read and write
89F0000
trusted library allocation
page read and write
6B7E000
heap
page read and write
AE0000
heap
page read and write
8770000
heap
page read and write
7AAE000
stack
page read and write
8A70000
trusted library allocation
page read and write
77A0000
heap
page read and write
75C0000
trusted library allocation
page read and write
758D000
stack
page read and write
78C0000
trusted library allocation
page read and write
8774000
heap
page read and write
2FF8000
heap
page read and write
8B50000
trusted library allocation
page execute and read and write
4A70000
trusted library allocation
page read and write
2BAB000
trusted library allocation
page read and write
4FA0000
heap
page execute and read and write
80B0000
trusted library allocation
page execute and read and write
723E000
heap
page read and write
45B0000
heap
page read and write
71AE000
stack
page read and write
2B59000
trusted library allocation
page read and write
2B21000
trusted library allocation
page read and write
4584000
trusted library allocation
page read and write
2BD8000
trusted library allocation
page read and write
39F7000
trusted library allocation
page read and write
7484000
trusted library allocation
page read and write
A40000
heap
page read and write
73AF000
stack
page read and write
4C70000
heap
page execute and read and write
C5B000
trusted library allocation
page execute and read and write
2E07000
heap
page read and write
2BA7000
trusted library allocation
page read and write
6CA0000
trusted library allocation
page read and write
2D24000
trusted library allocation
page read and write
2D2D000
trusted library allocation
page execute and read and write
C4A000
trusted library allocation
page execute and read and write
2C17000
trusted library allocation
page read and write
1703000
heap
page read and write
15E6000
trusted library allocation
page execute and read and write
2AE0000
trusted library allocation
page read and write
7287000
heap
page read and write
7D8C000
trusted library allocation
page execute and read and write
2AC4000
trusted library allocation
page read and write
9A50000
trusted library allocation
page read and write
4CD4000
trusted library allocation
page read and write
6CB0000
trusted library allocation
page read and write
56F0000
trusted library allocation
page read and write
27AE000
stack
page read and write
7D92000
trusted library allocation
page read and write
CAE000
heap
page read and write
427D000
trusted library allocation
page read and write
4BCE000
stack
page read and write
2951000
trusted library allocation
page read and write
2BA2000
trusted library allocation
page read and write
7D85000
trusted library allocation
page read and write
4580000
trusted library allocation
page read and write
2D38000
heap
page read and write
930A000
stack
page read and write
7D89000
trusted library allocation
page execute and read and write
9FFD000
stack
page read and write
7660000
trusted library allocation
page read and write
6D60000
trusted library allocation
page execute and read and write
7AC0000
heap
page read and write
7C7000
stack
page read and write
9D90000
trusted library allocation
page execute and read and write
7670000
trusted library allocation
page read and write
58E0000
heap
page read and write
755E000
stack
page read and write
EE2000
unkown
page readonly
90D0000
heap
page read and write
72CA000
heap
page read and write
54A0000
trusted library allocation
page read and write
9A2C000
stack
page read and write
7020000
heap
page read and write
933D000
trusted library allocation
page read and write
72F2000
heap
page read and write
AAE000
heap
page read and write
2E03000
heap
page read and write
80B0000
heap
page read and write
B50000
heap
page read and write
1620000
heap
page read and write
826E000
stack
page read and write
2AD8000
trusted library allocation
page read and write
A48000
heap
page read and write
8A07000
trusted library allocation
page read and write
18A0000
trusted library allocation
page read and write
2BBF000
trusted library allocation
page read and write
2BCE000
trusted library allocation
page read and write
7CFC000
trusted library allocation
page execute and read and write
7D90000
trusted library allocation
page read and write
4B3C000
stack
page read and write
7430000
trusted library allocation
page read and write
4905000
trusted library allocation
page execute and read and write
6CCD000
stack
page read and write
7D6E000
trusted library allocation
page read and write
1647000
heap
page read and write
75B0000
trusted library allocation
page read and write
6B6E000
stack
page read and write
7210000
heap
page read and write
8237000
heap
page read and write
5A40000
trusted library allocation
page execute and read and write
4570000
trusted library allocation
page read and write
EE0000
unkown
page readonly
51FB000
stack
page read and write
807A000
trusted library allocation
page read and write
810E000
stack
page read and write
1495000
heap
page read and write
6F10000
direct allocation
page read and write
7440000
trusted library allocation
page read and write
2B70000
trusted library allocation
page read and write
C2E000
stack
page read and write
5A70000
heap
page read and write
CC7000
heap
page read and write
57D0000
trusted library section
page readonly
5CE2000
trusted library allocation
page read and write
2956000
trusted library allocation
page read and write
6AEE000
stack
page read and write
72E5000
heap
page read and write
2AB7000
trusted library allocation
page read and write
2A8B000
trusted library allocation
page read and write
8A90000
trusted library allocation
page execute and read and write
7AB0000
heap
page read and write
C30000
trusted library allocation
page read and write
473C000
stack
page read and write
8A15000
trusted library allocation
page read and write
4F5A000
trusted library allocation
page read and write
759E000
stack
page read and write
ACE000
stack
page read and write
6D8E000
stack
page read and write
6E0A000
stack
page read and write
A3E000
unkown
page read and write
49AF000
stack
page read and write
7430000
heap
page execute and read and write
B15000
heap
page read and write
8D30000
trusted library allocation
page read and write
52B0000
trusted library allocation
page execute and read and write
57D4000
trusted library section
page readonly
8188000
trusted library allocation
page read and write
772E000
stack
page read and write
792E000
stack
page read and write
51F8000
trusted library allocation
page read and write
5770000
trusted library allocation
page read and write
57F0000
trusted library allocation
page read and write
AD1000
heap
page read and write
2ABB000
trusted library allocation
page read and write
2BBD000
trusted library allocation
page read and write
786E000
stack
page read and write
2ABD000
trusted library allocation
page read and write
6E6F000
stack
page read and write
6B70000
heap
page read and write
4EF0000
trusted library allocation
page read and write
802E000
stack
page read and write
728B000
heap
page read and write
2B17000
trusted library allocation
page read and write
2BD4000
trusted library allocation
page read and write
2AB1000
trusted library allocation
page read and write
52C5000
heap
page read and write
6F6C000
stack
page read and write
99E0000
heap
page execute and read and write
2B08000
trusted library allocation
page read and write
5C81000
trusted library allocation
page read and write
2F4C000
trusted library allocation
page read and write
75E0000
trusted library allocation
page read and write
5220000
heap
page read and write
2B0E000
trusted library allocation
page read and write
9A70000
trusted library allocation
page read and write
B00000
trusted library allocation
page read and write
2AC1000
trusted library allocation
page read and write
A33D000
stack
page read and write
A0BE000
stack
page read and write
CD5000
heap
page read and write
2BA0000
trusted library allocation
page read and write
5490000
trusted library allocation
page read and write
15C0000
trusted library allocation
page read and write
8CD0000
trusted library allocation
page read and write
2BF8000
trusted library allocation
page read and write
2FE2000
trusted library allocation
page read and write
AD0000
heap
page read and write
2BB9000
trusted library allocation
page read and write
2C04000
trusted library allocation
page read and write
2DC8000
heap
page read and write
4F20000
trusted library allocation
page read and write
AA2000
heap
page read and write
2B42000
trusted library allocation
page read and write
5074000
trusted library allocation
page read and write
9DF0000
trusted library allocation
page execute and read and write
2B91000
trusted library allocation
page read and write
5BDD000
stack
page read and write
2B2F000
trusted library allocation
page read and write
5947000
heap
page execute and read and write
2FC9000
trusted library allocation
page read and write
87C3000
heap
page read and write
2AB3000
trusted library allocation
page read and write
7F0000
heap
page read and write
1662000
heap
page read and write
6BFE000
stack
page read and write
4F90000
trusted library allocation
page read and write
2DC0000
heap
page read and write
8230000
heap
page read and write
89E0000
trusted library allocation
page read and write
54BA000
trusted library allocation
page read and write
AE6000
heap
page read and write
2C1F000
trusted library allocation
page read and write
83DE000
stack
page read and write
7D30000
trusted library allocation
page execute and read and write
7480000
trusted library allocation
page read and write
81E0000
trusted library allocation
page read and write
1880000
trusted library allocation
page read and write
2A8F000
trusted library allocation
page read and write
2A83000
trusted library allocation
page read and write
9EBC000
stack
page read and write
5790000
trusted library allocation
page read and write
5A81000
heap
page read and write
2D6F000
stack
page read and write
8A63000
trusted library allocation
page read and write
2B2B000
trusted library allocation
page read and write
16A4000
heap
page read and write
F9F000
stack
page read and write
15F0000
trusted library allocation
page read and write
A1FD000
stack
page read and write
2B4D000
trusted library allocation
page read and write
2B76000
trusted library allocation
page read and write
2BE3000
trusted library allocation
page read and write
15EA000
trusted library allocation
page execute and read and write
8A56000
trusted library allocation
page read and write
181E000
stack
page read and write
2B44000
trusted library allocation
page read and write
2B78000
trusted library allocation
page read and write
7460000
trusted library allocation
page read and write
6F4E000
stack
page read and write
A8E000
stack
page read and write
2B8D000
trusted library allocation
page read and write
2B1B000
trusted library allocation
page read and write
5BF0000
heap
page read and write
9969000
stack
page read and write
2AA8000
trusted library allocation
page read and write
796F000
stack
page read and write
8B60000
trusted library allocation
page read and write
6CBE000
stack
page read and write
1A21000
trusted library allocation
page read and write
B03000
trusted library allocation
page execute and read and write
2AAD000
trusted library allocation
page read and write
15FB000
trusted library allocation
page execute and read and write
15E0000
trusted library allocation
page read and write
ACD000
heap
page read and write
2B06000
trusted library allocation
page read and write
80C0000
heap
page read and write
2B10000
trusted library allocation
page read and write
1A00000
trusted library allocation
page read and write
6D4D000
stack
page read and write
7970000
trusted library allocation
page execute and read and write
4C06000
trusted library allocation
page read and write
8070000
trusted library allocation
page read and write
4920000
trusted library allocation
page read and write
9980000
trusted library allocation
page read and write
6F0A000
stack
page read and write
1890000
heap
page execute and read and write
7590000
trusted library allocation
page read and write
8A50000
trusted library allocation
page read and write
7690000
trusted library allocation
page read and write
78C000
stack
page read and write
2AD6000
trusted library allocation
page read and write
6D8B000
stack
page read and write
7B10000
trusted library allocation
page execute and read and write
2B5D000
trusted library allocation
page read and write
2990000
heap
page execute and read and write
2B29000
trusted library allocation
page read and write
78B0000
trusted library allocation
page read and write
726F000
heap
page read and write
540D000
stack
page read and write
7AF2000
heap
page read and write
2930000
trusted library allocation
page read and write
7289000
heap
page read and write
A5FC000
stack
page read and write
4A5E000
stack
page read and write
4583000
trusted library allocation
page execute and read and write
46EA000
trusted library allocation
page read and write
778000
stack
page read and write
4902000
trusted library allocation
page read and write
7D88000
trusted library allocation
page read and write
7D70000
trusted library allocation
page read and write
1150000
heap
page read and write
46E8000
trusted library allocation
page read and write
B2E000
stack
page read and write
6F2B000
stack
page read and write
5900000
heap
page read and write
7620000
trusted library allocation
page read and write
8CE0000
trusted library allocation
page read and write
9116000
heap
page read and write
29A1000
trusted library allocation
page read and write
7B8D000
trusted library allocation
page execute and read and write
2F48000
trusted library allocation
page read and write
7630000
trusted library allocation
page read and write
8CB0000
trusted library allocation
page read and write
5C0D000
heap
page read and write
2D5A000
heap
page read and write
8A0E000
trusted library allocation
page read and write
7CF0000
trusted library allocation
page read and write
2C00000
trusted library allocation
page read and write
76A0000
trusted library allocation
page read and write
2BED000
trusted library allocation
page read and write
7285000
heap
page read and write
1490000
heap
page read and write
2FC0000
trusted library allocation
page read and write
2BE5000
trusted library allocation
page read and write
1A26000
trusted library allocation
page read and write
7262000
heap
page read and write
73E0000
trusted library allocation
page read and write
74AE000
stack
page read and write
7470000
trusted library allocation
page read and write
6F74000
trusted library allocation
page read and write
2AB5000
trusted library allocation
page read and write
2B53000
trusted library allocation
page read and write
B04000
trusted library allocation
page read and write
7F298000
trusted library allocation
page execute and read and write
46E0000
trusted library allocation
page read and write
8B20000
trusted library allocation
page read and write
7480000
heap
page execute and read and write
496E000
stack
page read and write
99A6000
trusted library allocation
page read and write
4900000
trusted library allocation
page read and write
96E8000
stack
page read and write
4EB0000
heap
page read and write
8D00000
trusted library allocation
page execute and read and write
B90000
heap
page read and write
15D3000
trusted library allocation
page read and write
2BDA000
trusted library allocation
page read and write
812E000
stack
page read and write
78E0000
trusted library allocation
page execute and read and write
9314000
trusted library allocation
page read and write
7640000
trusted library allocation
page read and write
2BD6000
trusted library allocation
page read and write
9D8C000
stack
page read and write
A50000
heap
page read and write
899F000
stack
page read and write
15D0000
trusted library allocation
page read and write
46B0000
heap
page readonly
7B14000
heap
page read and write
47E0000
heap
page execute and read and write
C55000
trusted library allocation
page execute and read and write
2B3C000
trusted library allocation
page read and write
5C1E000
heap
page read and write
2B74000
trusted library allocation
page read and write
2B40000
trusted library allocation
page read and write
2B5B000
trusted library allocation
page read and write
57A0000
trusted library allocation
page execute and read and write
4AB1000
trusted library allocation
page read and write
9A40000
trusted library allocation
page execute and read and write
2BCC000
trusted library allocation
page read and write
2C06000
trusted library allocation
page read and write
7650000
trusted library allocation
page read and write
7D86000
trusted library allocation
page execute and read and write
2970000
trusted library allocation
page read and write
FE0000
heap
page read and write
8A5D000
trusted library allocation
page read and write
4F60000
trusted library allocation
page read and write
2AD2000
trusted library allocation
page read and write
99C0000
trusted library allocation
page read and write
5930000
trusted library allocation
page read and write
2B2D000
trusted library allocation
page read and write
7447000
trusted library allocation
page read and write
6F20000
trusted library allocation
page read and write
2BA4000
trusted library allocation
page read and write
294E000
trusted library allocation
page read and write
2C0E000
trusted library allocation
page read and write
7CEE000
stack
page read and write
16E5000
heap
page read and write
70EE000
stack
page read and write
2B98000
trusted library allocation
page read and write
807E000
trusted library allocation
page read and write
73C2000
trusted library allocation
page read and write
6D50000
trusted library allocation
page read and write
2B64000
trusted library allocation
page read and write
7273000
heap
page read and write
6D0B000
stack
page read and write
9342000
trusted library allocation
page read and write
4EA2000
trusted library allocation
page read and write
32CD000
trusted library allocation
page read and write
15F7000
trusted library allocation
page execute and read and write
C57000
trusted library allocation
page execute and read and write
8185000
trusted library allocation
page read and write
2C23000
trusted library allocation
page read and write
9E00000
trusted library allocation
page read and write
2B5F000
trusted library allocation
page read and write
7FDE000
stack
page read and write
932E000
trusted library allocation
page read and write
2B57000
trusted library allocation
page read and write
7D10000
trusted library allocation
page read and write
7CA7000
stack
page read and write
7D00000
trusted library allocation
page read and write
280F000
trusted library allocation
page read and write
B10000
heap
page read and write
A78000
heap
page read and write
7D45000
trusted library allocation
page read and write
714E000
stack
page read and write
2B55000
trusted library allocation
page read and write
4A90000
heap
page execute and read and write
7AF0000
trusted library allocation
page read and write
2934000
trusted library allocation
page read and write
7332000
heap
page read and write
72F0000
heap
page read and write
2AAF000
trusted library allocation
page read and write
B9E000
unkown
page read and write
986C000
stack
page read and write
1A0E000
trusted library allocation
page read and write
7296000
heap
page read and write
99B0000
heap
page read and write
E9E000
stack
page read and write
16CF000
heap
page read and write
6FA0000
heap
page read and write
35B8000
trusted library allocation
page read and write
2F4A000
trusted library allocation
page read and write
6D4E000
stack
page read and write
4F50000
trusted library section
page readonly
2BF4000
trusted library allocation
page read and write
2820000
heap
page read and write
2B6E000
trusted library allocation
page read and write
54B0000
trusted library allocation
page execute and read and write
751E000
stack
page read and write
720E000
heap
page read and write
2FDA000
trusted library allocation
page execute and read and write
72E8000
heap
page read and write
15DD000
trusted library allocation
page execute and read and write
72B3000
heap
page read and write
5760000
trusted library allocation
page execute and read and write
2FE0000
trusted library allocation
page read and write
6F8D000
stack
page read and write
A47C000
stack
page read and write
9331000
trusted library allocation
page read and write
6E9000
stack
page read and write
1870000
trusted library allocation
page execute and read and write
2ABF000
trusted library allocation
page read and write
293B000
trusted library allocation
page read and write
CA0000
heap
page read and write
754E000
stack
page read and write
A03E000
stack
page read and write
2AE9000
trusted library allocation
page read and write
74C0000
trusted library allocation
page read and write
2C15000
trusted library allocation
page read and write
D1C000
heap
page read and write
There are 827 hidden memdumps, click here to show them.