IOC Report
oracleSuper.exe

FilesProcessesURLsDomainsIPsRegistryMemdumps642010010Label

Files

File Path
Type
Category
Malicious
Download
oracleSuper.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\Users\user\AppData\Local\Temp\fru
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\AppData\Local\Temp\localTask_v2\livecall.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\AppData\Local\Temp\localTask_v2\msidcrl40.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\AppData\Roaming\localTask_v2\livecall.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\AppData\Roaming\localTask_v2\msidcrl40.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\76561199735694209[1].htm
HTML document, Unicode text, UTF-8 text, with very long lines (3248)
dropped
C:\Users\user\AppData\Local\Temp\6942704c
PNG image data, 2080 x 2141, 8-bit/color RGB, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\6af40ef6
data
dropped
C:\Users\user\AppData\Local\Temp\localTask_v2\foramen.flv
data
dropped
C:\Users\user\AppData\Local\Temp\localTask_v2\fuel.log
data
dropped
C:\Users\user\AppData\Roaming\localTask_v2\foramen.flv
data
dropped
C:\Users\user\AppData\Roaming\localTask_v2\fuel.log
data
dropped
There are 3 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\oracleSuper.exe
"C:\Users\user\Desktop\oracleSuper.exe"
malicious
C:\Users\user\AppData\Local\Temp\localTask_v2\livecall.exe
C:\Users\user\AppData\Local\Temp\localTask_v2\livecall.exe
malicious
C:\Users\user\AppData\Roaming\localTask_v2\livecall.exe
C:\Users\user\AppData\Roaming\localTask_v2\livecall.exe
malicious
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
malicious
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c timeout /t 10 & del /f /q "C:\Windows\SysWOW64\explorer.exe" & rd /s /q "C:\ProgramData\EBFHJEGDAFHI" & exit
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\timeout.exe
timeout /t 10

URLs

Name
IP
Malicious
https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=i_iuPUaT8LXN&l=english&am
unknown
https://player.vimeo.com
unknown
http://www.vmware.com/0
unknown
https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=47omfdMZRDiz&l=engli
unknown
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
unknown
https://steamcommunity.com/?subsection=broadcasts
unknown
https://t.me/puffclouhellosqlt.dllsqlite3.dll
unknown
https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=j2WgmlRVf
unknown
https://store.steampowered.com/subscriber_agreement/
unknown
https://www.gstatic.cn/recaptcha/
unknown
https://configuration.pcs.v2s.msn-int.com/voiceconfiguration.ashx
unknown
https://telegram.org/img/t_logo_2x.png
unknown
http://www.valvesoftware.com/legal.htm
unknown
https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&a
unknown
https://www.youtube.com
unknown
http://tea.stry
unknown
https://www.google.com
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S
unknown
https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=G3UTKgHH4xLD&l=engl
unknown
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
unknown
https://s.ytimg.com;
unknown
https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcD
unknown
https://steam.tv/
unknown
https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=j2WgmlRVfm
unknown
https://steamcommunity.com/profiles/76561199735694209
104.102.49.254
https://steamcommunity.com/profiles/76561199735694209E
unknown
https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=sd6kCnGQW5Ji&
unknown
http://schemas.xmlsoap.org/ws/2004/04/sc
unknown
http://store.steampowered.com/privacy_agreement/
unknown
https://steamcommunity.com/login/home/?goto=profiles%2F76561199735694209
unknown
https://store.steampowered.com/points/shop/
unknown
https://steamcommunity.com/profiles/765611997356942098
unknown
https://web.telegram.org8
unknown
https://sketchfab.com
unknown
http://www.symauth.com/cps0(
unknown
https://lv.queniujq.cn
unknown
https://steamcommunity.com/T
unknown
https://www.youtube.com/
unknown
https://store.steampowered.com/privacy_agreement/
unknown
https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=EZbG2DEumYDH&l=engli
unknown
https://steamcommunity.com/profiles/76561199735694209/inventory/
unknown
https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
unknown
https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=engli
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
unknown
http://schemas.xmlsoap.org/ws/2002/12/poli
unknown
http://tea.arpdabl.org/.
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=gi31
unknown
https://voicelogging.pcs.v2s.msn.com/voicelogging.ashx
unknown
https://t.me/puffclou
149.154.167.99
http://www.symauth.com/rpa00
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
unknown
http://tea.arpdabl
unknown
https://www.google.com/recaptcha/
unknown
https://checkout.steampowered.com/
unknown
http://www.info-zip.org/
unknown
http://schemas.xmlsoap.org/ws/2004/04/trust
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
unknown
https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=-lZqrarogJr8&amp
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
unknown
http://tea.arpdabl.orgxe
unknown
https://web.telegram.orgX
unknown
http://tea.arpdabl.org/:
unknown
http://www.passport.net/0
unknown
https://store.steampowered.com/;
unknown
http://tea.arpdablss.exe
unknown
https://store.steampowered.com/about/
unknown
https://community.cloudflare.steamstatic.com/
unknown
https://steamcommunity.com/my/wishlist/
unknown
https://t.me/
unknown
https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=nc69vwog8R9p&l=
unknown
http://tea.arpdabl.org/Yo
unknown
http://tea.arp
unknown
http://ocsp.sectigo.com0
unknown
https://web.telegram.org
unknown
https://steamloopback.host
unknown
https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=INiZALwvDIbb
unknown
https://help.steampowered.com/en/
unknown
https://steamcommunity.com/market/
unknown
https://store.steampowered.com/news/
unknown
http://schemas.xmlsoap.org/soap/envelope/
unknown
https://configuration.pcs.v2s.msn-tst.com/voiceconfiguration.ashx
unknown
http://crl3.digicert.co(m/D
unknown
https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=3W_ge11SZngF&l=englis
unknown
http://messenger.live.com
unknown
https://t.me/puffclouW
unknown
http://store.steampowered.com/subscriber_agreement/
unknown
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
unknown
https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d70
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
unknown
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
unknown
https://recaptcha.net/recaptcha/;
unknown
http://tea.arpy
unknown
http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID
unknown
https://steamcommunity.com/discussions/
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascr
unknown
https://store.steampowered.com/stats/
unknown
https://medal.tv
unknown
https://broadcast.st.dl.eccdnx.com
unknown
https://store.steampowered.com/steam_refunds/
unknown
https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
steamcommunity.com
104.102.49.254
t.me
149.154.167.99
tea.arpdabl.org
unknown

IPs

IP
Domain
Country
Malicious
65.21.246.249
unknown
United States
malicious
104.102.49.254
steamcommunity.com
United States
149.154.167.99
t.me
United Kingdom

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214EF-0000-0000-C000-000000000046} 0xFFFF

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
445000
unkown
page readonly
malicious
5510000
direct allocation
page read and write
malicious
465000
unkown
page read and write
malicious
BCB1000
unkown
page read and write
E90000
heap
page read and write
1976C000
stack
page read and write
BCB1000
unkown
page read and write
51FE000
direct allocation
page read and write
6D4000
heap
page read and write
5189000
direct allocation
page read and write
275BA000
unkown
page read and write
27D0000
unkown
page read and write
2CD9000
trusted library allocation
page read and write
35B1000
heap
page read and write
9C4000
heap
page read and write
BA9E000
direct allocation
page read and write
2F06000
unkown
page read and write
A4E000
stack
page read and write
4FBD000
trusted library allocation
page read and write
BCB1000
unkown
page read and write
3476000
trusted library allocation
page read and write
3010000
unkown
page read and write
4DEF000
trusted library allocation
page read and write
9C4000
heap
page read and write
6F5000
heap
page read and write
5411000
unkown
page read and write
433000
unkown
page read and write
21FB000
heap
page read and write
1E53B000
stack
page read and write
1CE000
stack
page read and write
BCC0000
unkown
page read and write
544000
heap
page read and write
BCB1000
unkown
page read and write
BCD0000
unkown
page read and write
3597000
heap
page read and write
3186000
unkown
page read and write
9C4000
heap
page read and write
544000
heap
page read and write
25D4000
heap
page read and write
6D4000
heap
page read and write
3C43000
heap
page read and write
9C4000
heap
page read and write
3537000
heap
page read and write
BCB1000
unkown
page read and write
BCB1000
unkown
page read and write
6D4000
heap
page read and write
9C4000
heap
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
27501000
unkown
page execute read
298E000
heap
page read and write
2D0000
unkown
page readonly
6D4000
heap
page read and write
EF4000
heap
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
1722E000
stack
page read and write
2FB6000
heap
page read and write
318000
unkown
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
F46000
heap
page read and write
BCC7000
unkown
page read and write
2C44000
unkown
page read and write
27B0000
unkown
page readonly
9C4000
heap
page read and write
2C44000
unkown
page read and write
27501000
unkown
page execute read
9C4000
heap
page read and write
BCB1000
unkown
page read and write
4DC0000
unkown
page read and write
2FBC000
heap
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
1262F000
stack
page read and write
6D4000
heap
page read and write
F3A000
heap
page read and write
3AE0000
trusted library allocation
page read and write
BCB1000
unkown
page read and write
6D4000
heap
page read and write
5E9000
unkown
page read and write
364C000
heap
page read and write
323000
unkown
page readonly
5411000
unkown
page read and write
9C4000
heap
page read and write
BDD5000
unkown
page read and write
401000
unkown
page execute read
BCB1000
unkown
page read and write
6D4000
heap
page read and write
6D4000
heap
page read and write
BDC5000
unkown
page read and write
4E42000
trusted library allocation
page read and write
9E0000
heap
page read and write
4D3A000
heap
page read and write
318000
unkown
page write copy
9C4000
heap
page read and write
1BD40000
remote allocation
page read and write
3364000
unkown
page read and write
EED000
heap
page execute and read and write
BA29000
direct allocation
page read and write
B10000
heap
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
BDE6000
unkown
page read and write
431000
unkown
page write copy
99E000
stack
page read and write
BEB0000
unclassified section
page read and write
287E000
heap
page read and write
6EF000
stack
page read and write
3E92000
unkown
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
59C000
heap
page read and write
9C4000
heap
page read and write
3088000
unkown
page read and write
5BE000
heap
page read and write
6D4000
heap
page read and write
9C4000
heap
page read and write
5410000
unkown
page read and write
EE9000
heap
page execute and read and write
29DE000
heap
page read and write
9C4000
heap
page read and write
371B000
heap
page read and write
35B1000
heap
page read and write
850000
heap
page read and write
3755000
heap
page read and write
275BA000
unkown
page read and write
6D4000
heap
page read and write
53A000
heap
page read and write
27C7000
heap
page read and write
EDB000
stack
page read and write
BCB1000
unkown
page read and write
150000
heap
page read and write
5DE000
unkown
page read and write
9C4000
heap
page read and write
140000
heap
page read and write
2F65000
unkown
page read and write
6D4000
heap
page read and write
35AA000
heap
page read and write
BCB1000
unkown
page read and write
BCB1000
unkown
page read and write
11DE000
stack
page read and write
DB000
stack
page read and write
66F000
stack
page read and write
544000
heap
page read and write
BCB1000
unkown
page read and write
1F5E000
heap
page read and write
4E71000
trusted library allocation
page read and write
2C44000
unkown
page read and write
F50000
unkown
page read and write
6D4000
heap
page read and write
6B0000
heap
page readonly
9C4000
heap
page read and write
3120000
heap
page read and write
BCB1000
unkown
page read and write
6D4000
heap
page read and write
35F7000
heap
page read and write
27E0000
direct allocation
page read and write
150000
heap
page read and write
BDB4000
unkown
page read and write
400000
unkown
page readonly
246BC000
stack
page read and write
616000
heap
page read and write
342E000
trusted library allocation
page read and write
420000
unkown
page readonly
3787000
heap
page read and write
544000
heap
page read and write
2FF0000
unkown
page read and write
544000
heap
page read and write
540000
heap
page read and write
61D000
heap
page read and write
24D1000
heap
page read and write
B900000
direct allocation
page read and write
31FA000
heap
page read and write
9C4000
heap
page read and write
E0E000
stack
page read and write
35B6000
heap
page read and write
BCB1000
unkown
page read and write
4F75000
trusted library allocation
page read and write
9C4000
heap
page read and write
2A81000
heap
page read and write
A0E000
stack
page read and write
4E0F000
trusted library allocation
page read and write
8FB000
unkown
page readonly
1BD7E000
stack
page read and write
2C44000
unkown
page read and write
2DF0000
heap
page read and write
3A0000
unkown
page readonly
401000
unkown
page execute read
3566000
heap
page read and write
BCB1000
unkown
page read and write
1F6C000
heap
page read and write
9C4000
heap
page read and write
79D000
heap
page read and write
B00000
heap
page read and write
9C4000
heap
page read and write
38AA000
heap
page read and write
3C09000
trusted library allocation
page read and write
A4EE000
stack
page read and write
2751000
heap
page read and write
1E32B000
stack
page read and write
27A7000
heap
page read and write
35F3000
heap
page read and write
2AAA000
heap
page read and write
3F0000
unkown
page readonly
1E540000
heap
page read and write
95B000
stack
page read and write
3624000
heap
page read and write
6D4000
heap
page read and write
3601000
heap
page read and write
D6000
stack
page read and write
BFA000
heap
page read and write
2981000
heap
page read and write
6D4000
heap
page read and write
BCB1000
unkown
page read and write
BCB0000
unkown
page read and write
BE07000
unkown
page read and write
82E000
stack
page read and write
530000
heap
page read and write
29A1000
heap
page read and write
544000
heap
page read and write
6D4000
heap
page read and write
8B4000
unkown
page readonly
850000
heap
page read and write
6D4000
heap
page read and write
180000
heap
page read and write
9A0000
heap
page read and write
2CAD000
stack
page read and write
6D4000
heap
page read and write
BCB1000
unkown
page read and write
2D8E000
unkown
page read and write
6D4000
heap
page read and write
2C44000
unkown
page read and write
302000
unkown
page readonly
6D0000
heap
page read and write
27C0000
heap
page read and write
BCB1000
unkown
page read and write
184000
heap
page read and write
4E4B000
trusted library allocation
page read and write
45F000
unkown
page read and write
6D4000
heap
page read and write
9C4000
heap
page read and write
9C0000
heap
page read and write
9C4000
heap
page read and write
5B0000
heap
page read and write
375B000
heap
page read and write
1712D000
stack
page read and write
8C1000
unkown
page readonly
9C4000
heap
page read and write
3C0D000
trusted library allocation
page read and write
6D4000
heap
page read and write
3C7E000
trusted library allocation
page read and write
3110000
unkown
page read and write
434000
unkown
page readonly
9C4000
heap
page read and write
459000
unkown
page read and write
9C4000
heap
page read and write
2BA0000
heap
page read and write
14BAE000
stack
page read and write
BCB1000
unkown
page read and write
58E000
stack
page read and write
BCB1000
unkown
page read and write
35AB000
heap
page read and write
2771000
heap
page read and write
401000
unkown
page execute read
171AF000
stack
page read and write
3530000
heap
page read and write
83C000
stack
page read and write
BE20000
unkown
page read and write
BE29000
unkown
page read and write
3A0000
unkown
page readonly
24D1000
heap
page read and write
10DE000
stack
page read and write
184000
heap
page read and write
35D8000
heap
page read and write
2CFD000
trusted library allocation
page read and write
2F7C000
heap
page read and write
19E000
stack
page read and write
323000
unkown
page readonly
3210000
unkown
page read and write
312D000
heap
page read and write
2D80000
heap
page read and write
2F6F000
heap
page read and write
431000
unkown
page write copy
BCB1000
unkown
page read and write
5060000
direct allocation
page read and write
357C000
heap
page read and write
35B6000
heap
page read and write
2A80000
heap
page read and write
D6000
stack
page read and write
BCB1000
unkown
page read and write
544000
heap
page read and write
400000
unkown
page readonly
BCB1000
unkown
page read and write
1AC000
stack
page read and write
7FAE000
stack
page read and write
DB000
stack
page read and write
6D4000
heap
page read and write
BA2D000
direct allocation
page read and write
400000
unkown
page readonly
35AA000
heap
page read and write
27A0000
unkown
page readonly
1716E000
stack
page read and write
D1D000
heap
page read and write
170000
heap
page read and write
2467C000
stack
page read and write
CFB000
stack
page read and write
E4E000
stack
page read and write
6D4000
heap
page read and write
275B9000
unkown
page write copy
BCB1000
unkown
page read and write
401000
unkown
page execute read
2AFA000
stack
page read and write
2D0000
unkown
page readonly
184000
heap
page read and write
7ED000
stack
page read and write
9C0000
heap
page read and write
9C4000
heap
page read and write
2CF9000
trusted library allocation
page read and write
544000
heap
page read and write
317D000
heap
page read and write
9C4000
heap
page read and write
302000
unkown
page readonly
421000
unkown
page execute read
8FB000
unkown
page readonly
2BD0000
trusted library allocation
page read and write
1BCFD000
stack
page read and write
9C000
stack
page read and write
9C4000
heap
page read and write
2D1000
unkown
page execute read
9C4000
heap
page read and write
661000
unkown
page read and write
1266E000
stack
page read and write
544000
heap
page read and write
2D6E000
trusted library allocation
page read and write
275BE000
unkown
page readonly
9C4000
heap
page read and write
1BD40000
remote allocation
page read and write
4E0A000
trusted library allocation
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
F7D000
heap
page read and write
35D8000
heap
page read and write
370E000
heap
page read and write
171C0000
unkown
page read and write
197BB000
stack
page read and write
434000
unkown
page readonly
184000
heap
page read and write
184000
heap
page read and write
21E0000
heap
page read and write
6D4000
heap
page read and write
9C4000
heap
page read and write
3FB5000
unkown
page read and write
2C40000
heap
page read and write
BCB1000
unkown
page read and write
5543000
direct allocation
page read and write
BCB1000
unkown
page read and write
360C000
heap
page read and write
9C4000
heap
page read and write
518D000
direct allocation
page read and write
14BEE000
stack
page read and write
9C000
stack
page read and write
2A5B000
heap
page read and write
BE26000
unkown
page read and write
431000
unkown
page write copy
2C44000
unkown
page read and write
4E13000
trusted library allocation
page read and write
901000
unkown
page readonly
3249000
heap
page read and write
2000000
heap
page read and write
A8F000
stack
page read and write
433000
unkown
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
650000
unkown
page read and write
2001000
heap
page read and write
9C4000
heap
page read and write
27500000
unkown
page readonly
BDB0000
unkown
page read and write
285E000
heap
page read and write
2A81000
heap
page read and write
2CDD000
trusted library allocation
page read and write
3648000
heap
page read and write
9C4000
heap
page read and write
323000
unkown
page readonly
1E2000
stack
page read and write
417D000
heap
page read and write
448B000
heap
page read and write
6D4000
heap
page read and write
53E000
heap
page read and write
184000
heap
page read and write
3585000
heap
page read and write
9C4000
heap
page read and write
EE0000
heap
page read and write
B18000
heap
page read and write
3A0000
unkown
page readonly
31B000
unkown
page readonly
1E0000
heap
page read and write
6D4000
heap
page read and write
6C0000
heap
page read and write
9D0000
heap
page read and write
2C44000
unkown
page read and write
5BA000
heap
page read and write
F9E000
stack
page read and write
BDBA000
unkown
page read and write
6D4000
heap
page read and write
6A0000
heap
page read and write
275B9000
unkown
page write copy
2D1000
unkown
page execute read
2C44000
unkown
page read and write
2DFC000
heap
page read and write
415F000
heap
page read and write
9C4000
heap
page read and write
596000
heap
page read and write
1E3A0000
unkown
page read and write
210C000
heap
page read and write
434000
unkown
page readonly
2790000
unkown
page readonly
1E3A0000
unkown
page read and write
2D4E000
trusted library allocation
page read and write
2FEE000
unkown
page read and write
35FD000
heap
page read and write
5DC000
stack
page read and write
1DE000
stack
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
160000
heap
page read and write
6EE000
stack
page read and write
331C000
unkown
page read and write
3F0000
unkown
page readonly
668000
unkown
page write copy
1E36A000
stack
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
1BD40000
remote allocation
page read and write
8B4000
unkown
page readonly
BCB1000
unkown
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
275C000
stack
page read and write
26A3000
heap
page read and write
2C0E000
unkown
page read and write
27500000
unkown
page readonly
24D0000
heap
page read and write
1ED000
stack
page read and write
184000
heap
page read and write
9C4000
heap
page read and write
35B3000
heap
page read and write
6D4000
heap
page read and write
8C1000
unkown
page readonly
35D8000
heap
page read and write
1E2D0000
unkown
page read and write
BCB1000
unkown
page read and write
44E000
unkown
page read and write
880000
heap
page read and write
BCB1000
unkown
page read and write
1E2BF000
stack
page read and write
663000
unkown
page readonly
9C4000
heap
page read and write
2209000
heap
page read and write
35B6000
heap
page read and write
6D4000
heap
page read and write
544000
heap
page read and write
6D4000
heap
page read and write
31B000
unkown
page readonly
3615000
heap
page read and write
359F000
heap
page read and write
4C17000
heap
page read and write
9C4000
heap
page read and write
400000
unkown
page readonly
9C4000
heap
page read and write
901000
unkown
page readonly
434000
unkown
page readonly
6AE000
stack
page read and write
3014000
unkown
page read and write
184000
heap
page read and write
2463C000
stack
page read and write
BCB1000
unkown
page read and write
2BB0000
trusted library allocation
page read and write
44D6000
heap
page read and write
6D4000
heap
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
275BE000
unkown
page readonly
1F40000
heap
page read and write
BCB1000
unkown
page read and write
2E90000
unkown
page read and write
4E68000
trusted library allocation
page read and write
431000
unkown
page write copy
39E1000
heap
page read and write
4122000
heap
page read and write
31B000
unkown
page readonly
140000
heap
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
BCB1000
unkown
page read and write
DD000
stack
page read and write
BCB1000
unkown
page read and write
4DC1000
unkown
page read and write
6D4000
heap
page read and write
6D4000
heap
page read and write
3014000
unkown
page read and write
298B000
heap
page read and write
2D4E000
unkown
page read and write
3670000
heap
page read and write
3F0000
unkown
page readonly
9C4000
heap
page read and write
45B000
unkown
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
2C44000
unkown
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
5D1000
heap
page read and write
BCB1000
unkown
page read and write
9C4000
heap
page read and write
6D4000
heap
page read and write
There are 512 hidden memdumps, click here to show them.