IOC Report
PRE-ALERT.exe

FilesProcessesURLsDomainsIPsRegistryMemdumps642010010Label

Files

File Path
Type
Category
Malicious
Download
PRE-ALERT.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\teepees\caprone.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\caprone.vbs
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\autDCF.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\autDF7B.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\autE3C1.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\turbinate
data
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\PRE-ALERT.exe
"C:\Users\user\Desktop\PRE-ALERT.exe"
 malicious
C:\Users\user\AppData\Local\teepees\caprone.exe
"C:\Users\user\Desktop\PRE-ALERT.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
"C:\Users\user\Desktop\PRE-ALERT.exe"
 malicious
C:\Windows\System32\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\caprone.vbs"
malicious
C:\Users\user\AppData\Local\teepees\caprone.exe
"C:\Users\user\AppData\Local\teepees\caprone.exe"
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
"C:\Users\user\AppData\Local\teepees\caprone.exe"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

URLs

Name
IP
Malicious
https://reallyfreegeoip.org
unknown
https://reallyfreegeoip.org/xml/45.92.229.138
104.21.80.1
http://checkip.dyndns.org
unknown
http://checkip.dyndns.org/
193.122.130.0
https://reallyfreegeoip.org/xml/45.92.229.138$
unknown
http://checkip.dyndns.com
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://checkip.dyndns.org/q
unknown
http://reallyfreegeoip.org
unknown
https://reallyfreegeoip.org/xml/
unknown

Domains

Name
IP
Malicious
reallyfreegeoip.org
104.21.80.1
checkip.dyndns.com
193.122.130.0
checkip.dyndns.org
unknown

IPs

IP
Domain
Country
Malicious
193.122.130.0
checkip.dyndns.com
United States
104.21.80.1
reallyfreegeoip.org
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
FileDirectory
There are 5 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
22D1000
trusted library allocation
page read and write
 malicious
24A1000
trusted library allocation
page read and write
 malicious
23F0000
direct allocation
page read and write
 malicious
402000
system
page execute and read and write
 malicious
18E0000
direct allocation
page read and write
 malicious
2AB1000
trusted library allocation
page read and write
 malicious
2C85000
trusted library allocation
page read and write
 malicious
380000
unkown
page readonly
2900000
heap
page read and write
2536000
trusted library allocation
page read and write
5977000
heap
page read and write
29D6000
trusted library allocation
page read and write
243C000
trusted library allocation
page read and write
4902000
trusted library allocation
page read and write
2C69000
trusted library allocation
page read and write
24C0000
heap
page read and write
5C0000
heap
page read and write
108F000
heap
page execute and read and write
19B0000
heap
page read and write
A50000
heap
page read and write
1950000
heap
page read and write
10C8000
heap
page read and write
E40000
unkown
page readonly
40B3000
direct allocation
page read and write
434000
unkown
page readonly
5A6E000
stack
page read and write
1907000
heap
page read and write
48F6000
trusted library allocation
page read and write
11A6000
heap
page read and write
4D5E000
stack
page read and write
23DE000
trusted library allocation
page read and write
1936000
heap
page read and write
32F9000
trusted library allocation
page read and write
C08000
heap
page read and write
3990000
direct allocation
page read and write
5DF0000
trusted library allocation
page read and write
184A000
heap
page read and write
1770000
heap
page read and write
FC0000
heap
page read and write
F44000
trusted library allocation
page read and write
4259000
direct allocation
page read and write
2D0A000
trusted library allocation
page read and write
380000
unkown
page readonly
4F66000
trusted library allocation
page read and write
1BF4D430000
heap
page read and write
1630000
heap
page read and write
18A7000
heap
page read and write
29E2000
trusted library allocation
page read and write
35D1AFF000
stack
page read and write
2524000
trusted library allocation
page read and write
1BF4BA5E000
heap
page read and write
4130000
direct allocation
page read and write
35D21FB000
stack
page read and write
F43000
trusted library allocation
page execute and read and write
7F0000
trusted library allocation
page read and write
42CE000
direct allocation
page read and write
28F0000
trusted library allocation
page read and write
4259000
direct allocation
page read and write
35D17FE000
stack
page read and write
4130000
direct allocation
page read and write
42CE000
direct allocation
page read and write
2532000
trusted library allocation
page read and write
3B45000
trusted library allocation
page read and write
5DB3000
trusted library allocation
page read and write
15F0000
heap
page read and write
4130000
direct allocation
page read and write
17BE000
stack
page read and write
5F4E000
stack
page read and write
7ED000
trusted library allocation
page execute and read and write
1186000
heap
page read and write
2424000
heap
page read and write
62CE000
stack
page read and write
1857000
heap
page read and write
DFF000
stack
page read and write
4130000
direct allocation
page read and write
208E000
stack
page read and write
48FE000
trusted library allocation
page read and write
16B7000
heap
page read and write
1B7000
stack
page read and write
3AB3000
direct allocation
page read and write
2B97000
trusted library allocation
page read and write
40B3000
direct allocation
page read and write
447000
unkown
page readonly
10D6000
heap
page read and write
1BF4BBBE000
heap
page read and write
42CE000
direct allocation
page read and write
E41000
unkown
page execute read
528E000
trusted library allocation
page read and write
2D40000
trusted library allocation
page read and write
4936000
trusted library allocation
page read and write
5BEE000
stack
page read and write
42CE000
direct allocation
page read and write
3990000
direct allocation
page read and write
1186000
heap
page read and write
3C5D000
direct allocation
page read and write
64A0000
trusted library allocation
page execute and read and write
ECF000
unkown
page readonly
4F60000
trusted library allocation
page read and write
4D0000
heap
page read and write
5CAE000
stack
page read and write
2D18000
trusted library allocation
page read and write
11C6000
heap
page read and write
29F0000
trusted library allocation
page read and write
595B000
heap
page read and write
2B69000
trusted library allocation
page read and write
2D4C000
trusted library allocation
page read and write
5DD0000
trusted library allocation
page execute and read and write
3AB1000
trusted library allocation
page read and write
29CA000
trusted library allocation
page read and write
1671000
heap
page execute and read and write
2A33000
heap
page read and write
7E0000
trusted library allocation
page read and write
10B3000
heap
page read and write
2D00000
trusted library allocation
page read and write
5F58000
heap
page read and write
3AB3000
direct allocation
page read and write
1834000
heap
page read and write
53AF000
stack
page read and write
17A6000
heap
page read and write
22CF000
stack
page read and write
5298000
trusted library allocation
page read and write
4A6A000
trusted library allocation
page read and write
2426000
trusted library allocation
page read and write
3B30000
direct allocation
page read and write
4259000
direct allocation
page read and write
381000
unkown
page execute read
1662000
heap
page read and write
13DB000
stack
page read and write
B9000
stack
page read and write
3355000
trusted library allocation
page read and write
2CFA000
trusted library allocation
page read and write
807000
trusted library allocation
page execute and read and write
5EA0000
trusted library allocation
page execute and read and write
1040000
heap
page read and write
1058000
heap
page read and write
2B61000
trusted library allocation
page read and write
3C59000
direct allocation
page read and write
1842000
heap
page execute and read and write
49C3000
heap
page read and write
3CCE000
direct allocation
page read and write
2388000
trusted library allocation
page read and write
241A000
trusted library allocation
page read and write
15CE000
stack
page read and write
176D000
stack
page read and write
27AE000
stack
page read and write
3AD9000
trusted library allocation
page read and write
4934000
trusted library allocation
page read and write
EB0000
heap
page read and write
3990000
direct allocation
page read and write
2BB9000
trusted library allocation
page read and write
20C0000
heap
page read and write
624E000
stack
page read and write
69D0000
heap
page read and write
1887000
heap
page read and write
2561000
trusted library allocation
page read and write
F77000
trusted library allocation
page execute and read and write
2BBD000
trusted library allocation
page read and write
15CE000
stack
page read and write
2A9D000
stack
page read and write
E20000
trusted library allocation
page read and write
10D7000
heap
page read and write
1786000
heap
page read and write
1672000
heap
page read and write
1BF4B9C0000
heap
page read and write
2500000
heap
page read and write
102E000
stack
page read and write
3C59000
direct allocation
page read and write
1833000
heap
page read and write
2457000
trusted library allocation
page read and write
35D16FA000
stack
page read and write
35D1BFF000
stack
page read and write
4259000
direct allocation
page read and write
496F000
trusted library allocation
page read and write
10F6000
heap
page read and write
5030000
heap
page read and write
1186000
heap
page read and write
1887000
heap
page read and write
608D000
stack
page read and write
2B7C000
trusted library allocation
page read and write
5C8000
heap
page read and write
548A000
trusted library allocation
page read and write
3F90000
direct allocation
page read and write
DBF000
stack
page read and write
2BC1000
trusted library allocation
page read and write
29DD000
trusted library allocation
page read and write
60CE000
stack
page read and write
59B3000
heap
page read and write
5C6E000
stack
page read and write
FA0000
trusted library allocation
page execute and read and write
5DAE000
stack
page read and write
F6A000
trusted library allocation
page execute and read and write
42CE000
direct allocation
page read and write
2C12000
trusted library allocation
page read and write
80B000
trusted library allocation
page execute and read and write
6480000
heap
page read and write
5E80000
heap
page read and write
43E000
unkown
page write copy
16B7000
heap
page read and write
2398000
trusted library allocation
page read and write
5DE0000
trusted library allocation
page read and write
E40000
unkown
page readonly
4259000
direct allocation
page read and write
1888000
heap
page read and write
2380000
trusted library allocation
page read and write
28AE000
stack
page read and write
10D6000
heap
page read and write
2D52000
trusted library allocation
page read and write
49C0000
heap
page read and write
29B0000
trusted library allocation
page read and write
3B42000
trusted library allocation
page read and write
59A6000
heap
page read and write
1580000
heap
page read and write
2B64000
trusted library allocation
page read and write
5280000
trusted library allocation
page read and write
1BF4BBB5000
heap
page read and write
2465000
trusted library allocation
page read and write
43E000
unkown
page read and write
63CE000
stack
page read and write
3F90000
direct allocation
page read and write
35D1FFE000
stack
page read and write
2BFE000
trusted library allocation
page read and write
21CE000
stack
page read and write
40B3000
direct allocation
page read and write
5DBA000
trusted library allocation
page read and write
490A000
trusted library allocation
page read and write
F02000
unkown
page write copy
242E000
trusted library allocation
page read and write
AC5000
heap
page read and write
3AB3000
direct allocation
page read and write
4130000
direct allocation
page read and write
241E000
trusted library allocation
page read and write
4F70000
trusted library allocation
page execute and read and write
1073000
heap
page read and write
10A6000
heap
page read and write
381000
unkown
page execute read
A9E000
stack
page read and write
425D000
direct allocation
page read and write
BDE000
stack
page read and write
41D1000
direct allocation
page read and write
1654000
heap
page read and write
1843000
heap
page read and write
1687000
heap
page read and write
2BFA000
trusted library allocation
page read and write
336B000
trusted library allocation
page read and write
EAE000
stack
page read and write
DCF000
stack
page read and write
23D2000
trusted library allocation
page read and write
1887000
heap
page read and write
2BF6000
trusted library allocation
page read and write
3CCE000
direct allocation
page read and write
F07000
unkown
page readonly
1887000
heap
page read and write
44AD000
stack
page read and write
40F000
unkown
page readonly
592F000
stack
page read and write
2C06000
trusted library allocation
page read and write
4F6B000
trusted library allocation
page read and write
1672000
heap
page read and write
16B7000
heap
page read and write
1887000
heap
page read and write
1650000
heap
page read and write
1638000
heap
page read and write
2B7E000
trusted library allocation
page read and write
2514000
trusted library allocation
page read and write
4110000
direct allocation
page read and write
183D000
heap
page read and write
6360000
heap
page read and write
EFE000
unkown
page read and write
6EA000
stack
page read and write
2C0A000
trusted library allocation
page read and write
4960000
trusted library allocation
page read and write
4A60000
trusted library allocation
page read and write
4A64000
trusted library allocation
page read and write
42CE000
direct allocation
page read and write
3C5D000
direct allocation
page read and write
35D1EFF000
stack
page read and write
256C000
trusted library allocation
page read and write
425D000
direct allocation
page read and write
3CCE000
direct allocation
page read and write
239B000
trusted library allocation
page read and write
40F000
unkown
page readonly
40B3000
direct allocation
page read and write
3C59000
direct allocation
page read and write
2C64000
trusted library allocation
page read and write
1BF4B9A0000
heap
page read and write
63F0000
trusted library allocation
page read and write
2BB5000
trusted library allocation
page read and write
23B3000
trusted library allocation
page read and write
23DA000
trusted library allocation
page read and write
7BE000
stack
page read and write
1FFE000
stack
page read and write
5290000
trusted library allocation
page read and write
3C59000
direct allocation
page read and write
442000
unkown
page write copy
3B38000
trusted library allocation
page read and write
C38000
heap
page read and write
2AA0000
heap
page execute and read and write
1186000
heap
page read and write
9E0000
trusted library allocation
page execute and read and write
F4D000
trusted library allocation
page execute and read and write
5483000
trusted library allocation
page read and write
C1F000
heap
page read and write
434000
unkown
page readonly
1096000
heap
page execute and read and write
1728000
heap
page read and write
1186000
heap
page read and write
AA0000
heap
page read and write
2C49000
trusted library allocation
page read and write
1910000
direct allocation
page read and write
3AB3000
direct allocation
page read and write
3AB3000
direct allocation
page read and write
4922000
trusted library allocation
page read and write
20B0000
trusted library allocation
page read and write
1833000
heap
page read and write
F3E000
stack
page read and write
434000
unkown
page readonly
2420000
heap
page read and write
7D3000
trusted library allocation
page execute and read and write
F62000
trusted library allocation
page read and write
5F75000
heap
page read and write
400000
system
page execute and read and write
13BE000
stack
page read and write
4C50000
heap
page execute and read and write
10D6000
heap
page read and write
5C2E000
stack
page read and write
7DD000
trusted library allocation
page execute and read and write
49E000
stack
page read and write
548F000
trusted library allocation
page read and write
4259000
direct allocation
page read and write
204E000
stack
page read and write
610E000
stack
page read and write
16B7000
heap
page read and write
335F000
trusted library allocation
page read and write
4BAE000
stack
page read and write
5AEE000
stack
page read and write
2420000
heap
page read and write
1083000
heap
page read and write
3C5D000
direct allocation
page read and write
381000
unkown
page execute read
5490000
trusted library allocation
page execute and read and write
2416000
trusted library allocation
page read and write
32D1000
trusted library allocation
page read and write
255A000
trusted library allocation
page read and write
4F68000
trusted library allocation
page read and write
2D1C000
trusted library allocation
page read and write
381000
unkown
page execute read
7D0000
trusted library allocation
page read and write
AC0000
heap
page read and write
7C0000
trusted library allocation
page read and write
5930000
heap
page read and write
1082000
heap
page read and write
237B000
trusted library allocation
page read and write
16D7000
heap
page read and write
5E50000
trusted library allocation
page read and write
2422000
trusted library allocation
page read and write
F07000
unkown
page readonly
F40000
trusted library allocation
page read and write
1843000
heap
page read and write
1976000
heap
page read and write
7E7000
stack
page read and write
2090000
heap
page read and write
F7B000
trusted library allocation
page execute and read and write
3AB3000
direct allocation
page read and write
63E0000
trusted library allocation
page read and write
2A30000
heap
page read and write
184F000
stack
page read and write
2C0E000
trusted library allocation
page read and write
2B6C000
trusted library allocation
page read and write
1090000
heap
page read and write
3CCE000
direct allocation
page read and write
16B7000
heap
page read and write
49B0000
trusted library allocation
page read and write
48F0000
trusted library allocation
page read and write
5AAF000
stack
page read and write
C2B000
heap
page read and write
1664000
heap
page read and write
1678000
heap
page execute and read and write
2BAC000
trusted library allocation
page read and write
529B000
trusted library allocation
page read and write
2481000
trusted library allocation
page read and write
35D1DFD000
stack
page read and write
2566000
trusted library allocation
page read and write
491D000
trusted library allocation
page read and write
E41000
unkown
page execute read
5296000
trusted library allocation
page read and write
17C0000
heap
page read and write
3F90000
direct allocation
page read and write
3B30000
direct allocation
page read and write
2383000
trusted library allocation
page read and write
2C02000
trusted library allocation
page read and write
4A50000
trusted library allocation
page execute and read and write
10D6000
heap
page read and write
2412000
trusted library allocation
page read and write
10D6000
heap
page read and write
1808000
heap
page read and write
3C59000
direct allocation
page read and write
29CE000
trusted library allocation
page read and write
434000
unkown
page readonly
1BF4B9F5000
heap
page read and write
3B4E000
trusted library allocation
page read and write
3C59000
direct allocation
page read and write
7FA000
trusted library allocation
page execute and read and write
1BF4BA68000
heap
page read and write
620E000
stack
page read and write
43E000
unkown
page read and write
43E000
unkown
page write copy
251A000
trusted library allocation
page read and write
2C77000
trusted library allocation
page read and write
40F000
unkown
page readonly
10D6000
heap
page read and write
40B3000
direct allocation
page read and write
6AD000
heap
page read and write
1679000
heap
page read and write
47F0000
heap
page read and write
3F90000
direct allocation
page read and write
546E000
stack
page read and write
184A000
heap
page read and write
DFA000
stack
page read and write
1887000
heap
page read and write
BE0000
heap
page read and write
48FB000
trusted library allocation
page read and write
29D1000
trusted library allocation
page read and write
4130000
direct allocation
page read and write
43AD000
stack
page read and write
F75000
trusted library allocation
page execute and read and write
3990000
direct allocation
page read and write
1082000
heap
page read and write
10CA000
heap
page read and write
9F0000
heap
page read and write
3CCE000
direct allocation
page read and write
4940000
trusted library allocation
page read and write
16B7000
heap
page read and write
447000
unkown
page readonly
1663000
heap
page read and write
3B30000
direct allocation
page read and write
4F80000
trusted library allocation
page read and write
3C5D000
direct allocation
page read and write
3B30000
direct allocation
page read and write
250F000
trusted library allocation
page read and write
EFE000
unkown
page write copy
1050000
heap
page read and write
EF4000
unkown
page readonly
4930000
trusted library allocation
page read and write
2A10000
trusted library allocation
page read and write
1937000
heap
page read and write
1800000
heap
page read and write
FB0000
trusted library allocation
page read and write
425D000
direct allocation
page read and write
4911000
trusted library allocation
page read and write
1460000
heap
page read and write
F72000
trusted library allocation
page read and write
2D13000
trusted library allocation
page read and write
7FA000
stack
page read and write
4A0E000
stack
page read and write
1887000
heap
page read and write
F50000
trusted library allocation
page read and write
16B8000
heap
page read and write
1BF4B970000
heap
page read and write
ECF000
unkown
page readonly
10D6000
heap
page read and write
4D5000
heap
page read and write
805000
trusted library allocation
page execute and read and write
1BF4BA23000
heap
page read and write
7F6000
trusted library allocation
page execute and read and write
4916000
trusted library allocation
page read and write
23D6000
trusted library allocation
page read and write
35D20FE000
stack
page read and write
1068000
heap
page read and write
5DB0000
trusted library allocation
page read and write
5EA000
heap
page read and write
425D000
direct allocation
page read and write
425D000
direct allocation
page read and write
380000
unkown
page readonly
35D18FE000
stack
page read and write
3B30000
direct allocation
page read and write
442000
unkown
page write copy
1BF4BA5C000
heap
page read and write
333B000
trusted library allocation
page read and write
29BB000
trusted library allocation
page read and write
29B6000
trusted library allocation
page read and write
40F000
unkown
page readonly
3990000
direct allocation
page read and write
23C9000
trusted library allocation
page read and write
3B50000
heap
page read and write
447000
unkown
page readonly
3C5D000
direct allocation
page read and write
4A0000
heap
page read and write
13CE000
stack
page read and write
1090000
heap
page read and write
628E000
stack
page read and write
6400000
trusted library allocation
page read and write
F5D000
trusted library allocation
page execute and read and write
FEA000
stack
page read and write
F60000
trusted library allocation
page read and write
DDB000
stack
page read and write
2485000
trusted library allocation
page read and write
2C2D000
trusted library allocation
page read and write
7F2000
trusted library allocation
page read and write
1187000
heap
page read and write
5480000
trusted library allocation
page read and write
E60000
heap
page read and write
1097000
heap
page read and write
840000
heap
page read and write
830000
heap
page execute and read and write
4800000
heap
page read and write
4A6E000
trusted library allocation
page read and write
108A000
heap
page read and write
355F000
stack
page read and write
1BF4BA66000
heap
page read and write
40B3000
direct allocation
page read and write
1766000
heap
page read and write
4F5E000
stack
page read and write
7D4000
trusted library allocation
page read and write
2C1F000
trusted library allocation
page read and write
490E000
trusted library allocation
page read and write
41C3000
direct allocation
page read and write
1767000
heap
page read and write
16B7000
heap
page read and write
3362000
trusted library allocation
page read and write
2C3B000
trusted library allocation
page read and write
10D6000
heap
page read and write
1954000
heap
page read and write
2CF5000
trusted library allocation
page read and write
40E0000
direct allocation
page read and write
13EF000
stack
page read and write
1E2F000
stack
page read and write
63D0000
trusted library allocation
page execute and read and write
15BE000
stack
page read and write
5F8000
heap
page read and write
3CCE000
direct allocation
page read and write
F66000
trusted library allocation
page execute and read and write
5DBF000
trusted library allocation
page read and write
1956000
heap
page read and write
5F81000
heap
page read and write
3C5D000
direct allocation
page read and write
2D47000
trusted library allocation
page read and write
5F50000
heap
page read and write
10D6000
heap
page read and write
380000
unkown
page readonly
802000
trusted library allocation
page read and write
3F90000
direct allocation
page read and write
1824000
heap
page read and write
15DB000
stack
page read and write
222E000
stack
page read and write
252D000
trusted library allocation
page read and write
595D000
heap
page read and write
1BF4BBB0000
heap
page read and write
E30000
heap
page read and write
28ED000
stack
page read and write
29BE000
trusted library allocation
page read and write
DFC000
stack
page read and write
15FC000
stack
page read and write
F10000
heap
page read and write
450000
heap
page read and write
166C000
heap
page read and write
447000
unkown
page readonly
23FE000
stack
page read and write
1BF4B980000
heap
page read and write
1186000
heap
page read and write
157E000
stack
page read and write
3B30000
direct allocation
page read and write
1186000
heap
page read and write
238C000
trusted library allocation
page read and write
5DC0000
trusted library allocation
page execute and read and write
3F90000
direct allocation
page read and write
3B54000
heap
page read and write
13FC000
stack
page read and write
52A0000
heap
page execute and read and write
5F70000
heap
page read and write
23D0000
heap
page read and write
3990000
direct allocation
page read and write
242A000
trusted library allocation
page read and write
5470000
trusted library allocation
page execute and read and write
EF4000
unkown
page readonly
425D000
direct allocation
page read and write
5270000
trusted library allocation
page execute and read and write
C00000
heap
page read and write
1BF4B9C8000
heap
page read and write
3B1E000
trusted library allocation
page read and write
There are 569 hidden memdumps, click here to show them.