Files
File Path | Type | Category | Malicious
---|---|---|---
PO No. 3200005919.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | initial sample |
C:\Users\user\AppData\Local\Temp\382858288932396262502121.tmp | SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 3, database pages 22, 1st free page 7, free pages 2, cookie 0x10, schema 4, UTF-8, version-valid-for 3 | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-console-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-datetime-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-debug-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-errorhandling-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l1-2-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-file-l2-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-handle-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-heap-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-interlocked-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-libraryloader-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-localization-l1-2-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-memory-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-namedpipe-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processenvironment-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processthreads-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-processthreads-l1-1-1.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-profile-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-rtlsupport-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-string-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-synch-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-synch-l1-2-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-sysinfo-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-timezone-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-core-util-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-conio-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-convert-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-environment-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-filesystem-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-heap-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-locale-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-math-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-multibyte-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-private-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-process-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-runtime-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-stdio-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-string-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-time-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\api-ms-win-crt-utility-l1-1-0.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\freebl3.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\mozglue.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\msvcp140.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\nss3.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\nssdbm3.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\softokn3.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\ucrtbase.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\94EA6FBC\vcruntime140.dll | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped |
C:\Users\user\AppData\Local\Temp\nsh409.tmp\System.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | modified |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Afskede\Hitherunto\Sale\Swedish.ini | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Airward.Sav | Java JCE KeyStore | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\Oncosis.syl | data | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\WMIMethod.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\qipcap.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Windows\leprousness.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide | dropped |
Processes
Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\PO No. 3200005919.exe | C:\Users\user\Desktop\PO No. 3200005919.exe |
C:\Users\user\Desktop\PO No. 3200005919.exe | C:\Users\user\Desktop\PO No. 3200005919.exe |
C:\Windows\SysWOW64\cmd.exe | C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "PO No. 3200005919.exe |
C:\Windows\SysWOW64\timeout.exe | C:\Windows\system32\timeout.exe 3 |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
URLs
Name | IP | Malicious
---|---|---
http://dbxo2.shop/dbx2/index.php | 104.21.2.6 |
http://montevivo.es/lPkFJXszrxOMoP0.hhp | 86.109.170.4 |
http://www.mozilla.com/en-US/blocklist/ | unknown |
http://nsis.sf.net/NSIS_ErrorError | unknown |
http://crl.thawte.com/ThawteTimestampingCA.crl0 | unknown |
http://dbxo2.shop/dbx2/index.php? | unknown |
https://mozilla.org0 | unknown |
http://ocsp.thawte.com0 | unknown |
http://www.mozilla.com0 | unknown |
Domains
Name | IP | Malicious
---|---|---
dbxo2.shop | 104.21.2.6 |
montevivo.es | 86.109.170.4 |
IPs
IP | Domain | Country | Malicious
---|---|---|---
104.21.2.6 | dbxo2.shop | United States |
86.109.170.4 | montevivo.es | Spain |
Registry
Path | Value | Malicious
---|---|---
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached | {BD84B380-8CA2-1069-AB1D-08000948F534} {000214E6-0000-0000-C000-000000000046} 0xFFFF |
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\b\52C64B7E | @fontext.dll,-8007 |
Memdumps
|
||
3680000
|
heap
|
page read and write
|
||
1DCB4000
|
direct allocation
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
2A20000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1D1BE000
|
stack
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
2A1E000
|
stack
|
page read and write
|
||
1E1A4000
|
direct allocation
|
page read and write
|
||
1DCB8000
|
direct allocation
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
460000
|
unkown
|
page readonly
|
||
1D5D0000
|
direct allocation
|
page read and write
|
||
17FA000
|
heap
|
page read and write
|
||
3B20000
|
trusted library allocation
|
page read and write
|
||
1D3F0000
|
direct allocation
|
page read and write
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
1D918000
|
direct allocation
|
page read and write
|
||
1E624000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1D400000
|
direct allocation
|
page read and write
|
||
17FF000
|
heap
|
page read and write
|
||
1DCB8000
|
direct allocation
|
page read and write
|
||
1B71000
|
heap
|
page read and write
|
||
81F000
|
stack
|
page read and write
|
||
1D420000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
3730000
|
heap
|
page read and write
|
||
3430000
|
heap
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
1D3F0000
|
direct allocation
|
page read and write
|
||
60000
|
direct allocation
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
1DCE4000
|
direct allocation
|
page read and write
|
||
1B71000
|
heap
|
page read and write
|
||
1E9A0000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
24FF000
|
stack
|
page read and write
|
||
4E4000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1E68C000
|
direct allocation
|
page read and write
|
||
17FC000
|
heap
|
page read and write
|
||
1D38B000
|
stack
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
1E700000
|
direct allocation
|
page read and write
|
||
3240000
|
trusted library allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1E654000
|
direct allocation
|
page read and write
|
||
80000
|
trusted library allocation
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
45E000
|
unkown
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1DCB4000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
1DCB8000
|
direct allocation
|
page read and write
|
||
1C0000
|
remote allocation
|
page read and write
|
||
1DCC8000
|
direct allocation
|
page read and write
|
||
1DCC4000
|
direct allocation
|
page read and write
|
||
23BC000
|
heap
|
page read and write
|
||
1E618000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
35E0000
|
heap
|
page read and write
|
||
1D480000
|
direct allocation
|
page read and write
|
||
1CBB0000
|
trusted library allocation
|
page read and write
|
||
3440000
|
heap
|
page read and write
|
||
3590000
|
trusted library allocation
|
page read and write
|
||
460000
|
unkown
|
page readonly
|
||
1660000
|
remote allocation
|
page execute and read and write
|
||
1925000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1EB0D000
|
stack
|
page read and write
|
||
1DCBC000
|
direct allocation
|
page read and write
|
||
189E000
|
stack
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1DCB4000
|
direct allocation
|
page read and write
|
||
10059000
|
trusted library allocation
|
page read and write
|
||
3301000
|
trusted library allocation
|
page read and write
|
||
1D91C000
|
direct allocation
|
page read and write
|
||
2380000
|
heap
|
page read and write
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
460000
|
unkown
|
page readonly
|
||
10003000
|
unkown
|
page readonly
|
||
1D3F0000
|
direct allocation
|
page read and write
|
||
2AEE000
|
stack
|
page read and write
|
||
1801000
|
heap
|
page read and write
|
||
1DCB0000
|
direct allocation
|
page read and write
|
||
23B9000
|
heap
|
page read and write
|
||
34A0000
|
heap
|
page read and write
|
||
60000
|
direct allocation
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
1D02F000
|
stack
|
page read and write
|
||
1D92C000
|
direct allocation
|
page read and write
|
||
1D3F0000
|
direct allocation
|
page read and write
|
||
1DCB8000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
20000
|
unclassified section
|
page readonly
|
||
4E4000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1ABE000
|
stack
|
page read and write
|
||
1E5E8000
|
direct allocation
|
page read and write
|
||
65B000
|
heap
|
page read and write
|
||
1DCB4000
|
direct allocation
|
page read and write
|
||
2C10000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1E678000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1920000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1924000
|
heap
|
page read and write
|
||
1D410000
|
direct allocation
|
page read and write
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
1E660000
|
direct allocation
|
page read and write
|
||
1D3C4000
|
direct allocation
|
page read and write
|
||
1DB58000
|
direct allocation
|
page read and write
|
||
289B000
|
trusted library allocation
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
6DF000
|
heap
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1DB40000
|
direct allocation
|
page read and write
|
||
1D3D0000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
1925000
|
heap
|
page read and write
|
||
1DCB4000
|
direct allocation
|
page read and write
|
||
1924000
|
heap
|
page read and write
|
||
2B2F000
|
stack
|
page read and write
|
||
1925000
|
heap
|
page read and write
|