Files
File Path | Type | Category | Malicious
---|---|---|---
BiiRGnhWx8.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | initial sample | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 | Microsoft Cabinet archive data, Windows 2000/XP setup, 62919 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression | dropped | |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 | data | modified | |
Processes
Path | Cmdline | Malicious
---|---|---
C:\Windows\System32\loaddll64.exe | loaddll64.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll" | |
C:\Windows\System32\regsvr32.exe | regsvr32.exe /s C:\Users\user\Desktop\BiiRGnhWx8.dll | |
C:\Windows\System32\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll",#1 | |
C:\Windows\System32\rundll32.exe | rundll32.exe C:\Users\user\Desktop\BiiRGnhWx8.dll,DllRegisterServer | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JEHCjtepagfsrQz\jHBB.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\HdSKRzl\HIWJamnkzbbhMRYe.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IDqnZePrFBC\qFcZEWbJbr.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\FTRWInMVKbBAM\OqXi.dll" | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe" "C:\Windows\system32\JEHCjtepagfsrQz\jHBB.dll | |
C:\Windows\System32\regsvr32.exe | C:\Windows\system32\regsvr32.exe "C:\Users\user\AppData\Local\CFQcAaf\alGqQjfnqeipsC.dll" | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
C:\Windows\System32\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\BiiRGnhWx8.dll",#1 | |
URLs
Name | IP | Malicious
---|---|---
https://112.105.115.71:8080/ | unknown | |
https://172.105.115.71:8080/s.dll | unknown | |
https://172.105.115.71:8080/fhbapco/qwoqdrltpngtcons/xmltlyltysiyxdbk/rxucyoknpgrotxw/ | unknown | |
IPs
Registry
Path | Value | Malicious
---|---|---
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | jHBB.dll | |
Memdumps