Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
marzo.txt.url
|
MS Windows 95 Internet shortcut text (URL=<file://46.8.19.120/Agenzia/server.exe>), ASCII text, with CRLF line terminators
|
initial sample
|
||
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_13929_20386-20230315T1230440507-6104.etl
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.xml
|
XML 1.0 document, ASCII text, with very long lines (424), with CRLF line terminators
|
modified
|
||
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
data
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
\Device\Mup\46.8.19.120\Agenzia\server.exe
|
"\\46.8.19.120\Agenzia\server.exe"
|
||
\Device\Mup\46.8.19.120\Agenzia\server.exe
|
"\\46.8.19.120\Agenzia\server.exe"
|
||
C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
|
"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE" /PIM NoEmail
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://5.44.43.17/
|
unknown
|
||
http://5.44.43.17/drew/ZSasVN0fLMcptc05TEVCa/mWgPW7Eo_2Fhz8Y6/Fz7ovUnPPN6ieZv/4FY_2FkRwgHKarRxmu/cK8
|
unknown
|
||
http://5.44.43.17/~
|
unknown
|
||
http://5.44.43.17/b2c5-fe065076e0a1
|
unknown
|
||
http://checklist.skype.com/drew/XaKJ910OZ6OkzOiEp1j_2/BGdUIBHp_2FM8Z2X/fEGunvRWGFrRGJ9/FM827N5CFAo37
|
unknown
|
||
http://checklist.skype.com/drew/p8a6EJ5vt4U/NrIUl_2BZrXy6_/2BoMtuVkg7FYSQnXs7vFZ/T_2BtMhNb_2F_2Bq/Vr
|
unknown
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
checklist.skype.com
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
5.44.43.17
|
unknown
|
Russian Federation
|
||
192.229.221.95
|
unknown
|
United States
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings\Data
|
global_Accessibility_ReminderType
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9207f3e0a3b11019908b08002b2a56c2
|
11023d05
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSTagIds0
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSCategoriesSeverities
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{AA8FA310-0939-4CE3-B9BB-AE05B2695110}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{691E1C12-2693-4D4A-852C-7478657BBE6E}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{287BF315-5A11-4B2F-B069-B761ADE25A49}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{6B6B571B-F4E3-4FBB-A83F-0790D11D19AB}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
255
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{284B8D30-4AA6-4A0F-9143-CE2E8E1F10F0}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{F762CE39-AC6C-4E1C-B55F-0E11586E6D07}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02CAC15F-D4BE-400E-9127-D54982AA4AE9}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{11ADBD74-7DF2-4E8E-802B-B3BCBFD04A78}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{02FD33DF-F746-4A10-93A0-2BC6273BC8E4}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ETWMonitor\{13967EE5-6B23-4BCD-A496-1D788449A8CF}
|
Categories
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSTagIds0
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe\ULSMonitor
|
ULSCategoriesSeverities
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
000b046b
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Office Explorer
|
Frame
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
1102039b
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
000b0415
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\Settings
|
Microsoft Outlook
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\GracefulExit\OUTLOOK\6104
|
0
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook
|
PreviousSessionData
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings
|
Accounts
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncing
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Search\Catalog
|
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
There are 46 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
5588000
|
heap
|
page read and write
|
||
5458000
|
heap
|
page read and write
|
||
5588000
|
heap
|
page read and write
|
||
6E9B4FE000
|
stack
|
page read and write
|
||
48E0000
|
heap
|
page read and write
|
||
4A80000
|
heap
|
page read and write
|
||
2344B24B000
|
heap
|
page read and write
|
||
2344B262000
|
heap
|
page read and write
|
||
2344B26F000
|
heap
|
page read and write
|
||
2AE9000
|
unkown
|
page readonly
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B283000
|
heap
|
page read and write
|
||
2344B23A000
|
heap
|
page read and write
|
||
2344B299000
|
heap
|
page read and write
|
||
2344BD82000
|
heap
|
page read and write
|
||
5060000
|
heap
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B2B8000
|
heap
|
page read and write
|
||
2344BED9000
|
heap
|
page read and write
|
||
2AFBE700000
|
heap
|
page read and write
|
||
2344B24F000
|
heap
|
page read and write
|
||
2344B26F000
|
heap
|
page read and write
|
||
2344B1F2000
|
heap
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
2344B2A7000
|
heap
|
page read and write
|
||
2344BD87000
|
heap
|
page read and write
|
||
2344B2AD000
|
heap
|
page read and write
|
||
2344B2B7000
|
heap
|
page read and write
|
||
2D30000
|
heap
|
page read and write
|
||
2344B2B3000
|
heap
|
page read and write
|
||
2344B263000
|
heap
|
page read and write
|
||
2AFBE702000
|
heap
|
page read and write
|
||
2B63000
|
direct allocation
|
page execute and read and write
|
||
2344B241000
|
heap
|
page read and write
|
||
2344B2BD000
|
heap
|
page read and write
|
||
2344B2A5000
|
heap
|
page read and write
|
||
4FCE000
|
stack
|
page read and write
|
||
2344B2A5000
|
heap
|
page read and write
|
||
2344B2AA000
|
heap
|
page read and write
|
||
2344B24B000
|
heap
|
page read and write
|
||
2B70000
|
direct allocation
|
page read and write
|
||
2344B1C0000
|
heap
|
page read and write
|
||
2344B2AC000
|
heap
|
page read and write
|
||
2344B257000
|
heap
|
page read and write
|
||
2344B2BC000
|
heap
|
page read and write
|
||
2344BD00000
|
heap
|
page read and write
|
||
2344B23B000
|
heap
|
page read and write
|
||
2B85000
|
heap
|
page read and write
|
||
2344BBEA000
|
heap
|
page read and write
|
||
20000
|
heap
|
page read and write
|
||
2B90000
|
heap
|
page read and write
|
||
2AFBEE02000
|
heap
|
page read and write
|
||
2344B1E1000
|
heap
|
page read and write
|
||
4F80000
|
heap
|
page read and write
|
||
2344B27B000
|
heap
|
page read and write
|
||
2344B23D000
|
heap
|
page read and write
|
||
2344B298000
|
heap
|
page read and write
|
||
2344B29D000
|
heap
|
page read and write
|
||
427000
|
unkown
|
page read and write
|
||
49B0000
|
heap
|
page read and write
|
||
2344B2BA000
|
heap
|
page read and write
|
||
D18537B000
|
stack
|
page read and write
|
||
2344B2A3000
|
heap
|
page read and write
|
||
4EA0000
|
heap
|
page read and write
|
||
2344B205000
|
heap
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344BBE0000
|
heap
|
page read and write
|
||
2344B298000
|
heap
|
page read and write
|
||
2344B28D000
|
heap
|
page read and write
|
||
2344B245000
|
heap
|
page read and write
|
||
2344B1E8000
|
heap
|
page read and write
|
||
2344B27A000
|
heap
|
page read and write
|
||
2344B242000
|
heap
|
page read and write
|
||
2B67000
|
direct allocation
|
page execute and read and write
|
||
48AC000
|
stack
|
page read and write
|
||
2344BEE1000
|
heap
|
page read and write
|
||
4F98000
|
heap
|
page read and write
|
||
2344B26F000
|
heap
|
page read and write
|
||
2AFBE640000
|
heap
|
page read and write
|
||
2B70000
|
heap
|
page read and write
|
||
19C000
|
stack
|
page read and write
|
||
6E9B47E000
|
stack
|
page read and write
|
||
2344B251000
|
heap
|
page read and write
|
||
40A000
|
unkown
|
page execute and read and write
|
||
2344BEDC000
|
heap
|
page read and write
|
||
4F0E000
|
stack
|
page read and write
|
||
2AFBE62A000
|
heap
|
page read and write
|
||
2344B237000
|
heap
|
page read and write
|
||
40D000
|
unkown
|
page execute and read and write
|
||
2F0F000
|
stack
|
page read and write
|
||
4DF9000
|
heap
|
page read and write
|
||
2344B24F000
|
heap
|
page read and write
|
||
2344B247000
|
heap
|
page read and write
|
||
2AFBE64B000
|
heap
|
page read and write
|
||
2B64000
|
direct allocation
|
page execute and read and write
|
||
2344B26C000
|
heap
|
page read and write
|
||
2344B251000
|
heap
|
page read and write
|
||
4A20000
|
heap
|
page read and write
|
||
2344B265000
|
heap
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
2344B25D000
|
heap
|
page read and write
|
||
D185476000
|
stack
|
page read and write
|
||
2344B292000
|
heap
|
page read and write
|
||
2C47000
|
heap
|
page read and write
|
||
2344B251000
|
heap
|
page read and write
|
||
2344BD8A000
|
heap
|
page read and write
|
||
5BAB000
|
stack
|
page read and write
|
||
2344B28E000
|
heap
|
page read and write
|
||
2AFBE688000
|
heap
|
page read and write
|
||
2AFBE659000
|
heap
|
page read and write
|
||
2344B251000
|
heap
|
page read and write
|
||
2344BD8A000
|
heap
|
page read and write
|
||
2C8D000
|
heap
|
page read and write
|
||
2344B280000
|
heap
|
page read and write
|
||
9D000
|
stack
|
page read and write
|
||
427000
|
unkown
|
page read and write
|
||
2344B2A3000
|
heap
|
page read and write
|
||
2344BD83000
|
heap
|
page read and write
|
||
2B8C000
|
unclassified section
|
page readonly
|
||
2344B254000
|
heap
|
page read and write
|
||
2344B238000
|
heap
|
page read and write
|
||
2BE1000
|
unclassified section
|
page execute read
|
||
D18527F000
|
stack
|
page read and write
|
||
2344BD8B000
|
heap
|
page read and write
|
||
2344BD8E000
|
heap
|
page read and write
|
||
4E78000
|
heap
|
page read and write
|
||
2344B289000
|
heap
|
page read and write
|
||
2344B292000
|
heap
|
page read and write
|
||
2344B24B000
|
heap
|
page read and write
|
||
2344B2A7000
|
heap
|
page read and write
|
||
2CB4000
|
heap
|
page read and write
|
||
2344BBF0000
|
heap
|
page read and write
|
||
2344B27E000
|
heap
|
page read and write
|
||
2344B298000
|
heap
|
page read and write
|
||
50EE000
|
stack
|
page read and write
|
||
2344B2B5000
|
heap
|
page read and write
|
||
2344BD85000
|
heap
|
page read and write
|
||
2344B265000
|
heap
|
page read and write
|
||
D18507E000
|
stack
|
page read and write
|
||
2344B222000
|
heap
|
page read and write
|
||
2344B24C000
|
heap
|
page read and write
|
||
2344B20E000
|
heap
|
page read and write
|
||
2344B28B000
|
heap
|
page read and write
|
||
2B80000
|
unclassified section
|
page read and write
|
||
40B000
|
unkown
|
page execute and read and write
|
||
2344B2B2000
|
heap
|
page read and write
|
||
2AFBE600000
|
heap
|
page read and write
|
||
2344B27F000
|
heap
|
page read and write
|
||
4F19000
|
heap
|
page read and write
|
||
2B81000
|
unclassified section
|
page execute read
|
||
2344B265000
|
heap
|
page read and write
|
||
2344B26F000
|
heap
|
page read and write
|
||
6E9B5FE000
|
stack
|
page read and write
|
||
2344B2BC000
|
heap
|
page read and write
|
||
2344B222000
|
heap
|
page read and write
|
||
2344B2AC000
|
heap
|
page read and write
|
||
2344B23A000
|
heap
|
page read and write
|
||
2344B22F000
|
heap
|
page read and write
|
||
2C51000
|
heap
|
page execute and read and write
|
||
410000
|
unkown
|
page read and write
|
||
2344B200000
|
heap
|
page read and write
|
||
2344B2AC000
|
heap
|
page read and write
|
||
47AE000
|
stack
|
page read and write
|
||
500E000
|
stack
|
page read and write
|
||
2344B24C000
|
heap
|
page read and write
|
||
2DA6000
|
heap
|
page read and write
|
||
2344B204000
|
heap
|
page read and write
|
||
2344B28E000
|
heap
|
page read and write
|
||
2B95000
|
heap
|
page read and write
|
||
2344B27A000
|
heap
|
page read and write
|
||
4A7E000
|
stack
|
page read and write
|
||
558B000
|
heap
|
page read and write
|
||
2CCB000
|
heap
|
page read and write
|
||
2344B288000
|
heap
|
page read and write
|
||
2344B2AA000
|
heap
|
page read and write
|
||
2CAE000
|
heap
|
page read and write
|
||
2344B29C000
|
heap
|
page read and write
|
||
2AFBE4C0000
|
heap
|
page read and write
|
||
4E78000
|
heap
|
page read and write
|
||
2D87000
|
heap
|
page read and write
|
||
2AFBE664000
|
heap
|
page read and write
|
||
2344B262000
|
heap
|
page read and write
|
||
4A0E000
|
stack
|
page read and write
|
||
20000
|
heap
|
page read and write
|
||
59DF000
|
stack
|
page read and write
|
||
D18557E000
|
stack
|
page read and write
|
||
2344BD87000
|
heap
|
page read and write
|
||
50AF000
|
stack
|
page read and write
|
||
2344B4A0000
|
heap
|
page read and write
|
||
2344B265000
|
heap
|
page read and write
|
||
2BCC000
|
stack
|
page read and write
|
||
2344B290000
|
heap
|
page read and write
|
||
2344B26B000
|
heap
|
page read and write
|
||
2BE9000
|
unclassified section
|
page readonly
|
||
2344B1DA000
|
heap
|
page read and write
|
||
2344B25D000
|
heap
|
page read and write
|
||
2344B29D000
|
heap
|
page read and write
|
||
1FE000
|
stack
|
page read and write
|
||
2D4C000
|
heap
|
page execute and read and write
|
||
2344B243000
|
heap
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B27B000
|
heap
|
page read and write
|
||
2344BD8A000
|
heap
|
page read and write
|
||
2344BEDE000
|
heap
|
page read and write
|
||
2CAC000
|
stack
|
page read and write
|
||
2344B262000
|
heap
|
page read and write
|
||
2344B262000
|
heap
|
page read and write
|
||
5190000
|
heap
|
page read and write
|
||
6E9B57C000
|
stack
|
page read and write
|
||
2344B288000
|
heap
|
page read and write
|
||
2AFBE681000
|
heap
|
page read and write
|
||
2344B24E000
|
heap
|
page read and write
|
||
2344B267000
|
heap
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B238000
|
heap
|
page read and write
|
||
2CC4000
|
heap
|
page read and write
|
||
2B8A000
|
unclassified section
|
page read and write
|
||
2344B26F000
|
heap
|
page read and write
|
||
4F24000
|
heap
|
page read and write
|
||
2B5E000
|
stack
|
page read and write
|
||
2344BED0000
|
heap
|
page read and write
|
||
2344B29B000
|
heap
|
page read and write
|
||
2344B235000
|
heap
|
page read and write
|
||
403000
|
unkown
|
page execute and read and write
|
||
4F4E000
|
stack
|
page read and write
|
||
2344BBEC000
|
heap
|
page read and write
|
||
496E000
|
stack
|
page read and write
|
||
2344B288000
|
heap
|
page read and write
|
||
2344B1A0000
|
heap
|
page read and write
|
||
2344B257000
|
heap
|
page read and write
|
||
2AFBE63A000
|
heap
|
page read and write
|
||
5AAD000
|
stack
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
2AFBE713000
|
heap
|
page read and write
|
||
2344B283000
|
heap
|
page read and write
|
||
2344B25C000
|
heap
|
page read and write
|
||
D1851FB000
|
stack
|
page read and write
|
||
2344B213000
|
heap
|
page read and write
|
||
2344B20B000
|
heap
|
page read and write
|
||
2344B257000
|
heap
|
page read and write
|
||
2344B267000
|
heap
|
page read and write
|
||
2B89000
|
unclassified section
|
page readonly
|
||
2344B2A5000
|
heap
|
page read and write
|
||
2AFBE613000
|
heap
|
page read and write
|
||
2344B27B000
|
heap
|
page read and write
|
||
2DBB000
|
heap
|
page read and write
|
||
2344B1F6000
|
heap
|
page read and write
|
||
2344B245000
|
heap
|
page read and write
|
||
D184DDB000
|
stack
|
page read and write
|
||
2D62000
|
heap
|
page read and write
|
||
2344B2AA000
|
heap
|
page read and write
|
||
2344BD84000
|
heap
|
page read and write
|
||
2AFBEE15000
|
heap
|
page read and write
|
||
2344B212000
|
heap
|
page read and write
|
||
492E000
|
stack
|
page read and write
|
||
10000
|
heap
|
page read and write
|
||
2344B23B000
|
heap
|
page read and write
|
||
2344BEE4000
|
heap
|
page read and write
|
||
9D000
|
stack
|
page read and write
|
||
2344B24E000
|
heap
|
page read and write
|
||
5CAF000
|
stack
|
page read and write
|
||
2344BD80000
|
heap
|
page read and write
|
||
2BEA000
|
unclassified section
|
page read and write
|
||
2344B241000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4930000
|
heap
|
page read and write
|
||
2344B28B000
|
heap
|
page read and write
|
||
2344B27B000
|
heap
|
page read and write
|
||
2344B24E000
|
heap
|
page read and write
|
||
2344B26C000
|
heap
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
5BDB000
|
stack
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
2D3D000
|
heap
|
page read and write
|
||
58AF000
|
stack
|
page read and write
|
||
410000
|
unkown
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B280000
|
heap
|
page read and write
|
||
2344B4A5000
|
heap
|
page read and write
|
||
2344BBEA000
|
heap
|
page read and write
|
||
D1850FF000
|
stack
|
page read and write
|
||
2344B238000
|
heap
|
page read and write
|
||
D18577E000
|
stack
|
page read and write
|
||
48CC000
|
stack
|
page read and write
|
||
4B2F000
|
stack
|
page read and write
|
||
2344B2AC000
|
heap
|
page read and write
|
||
2344B28E000
|
heap
|
page read and write
|
||
2CF0000
|
heap
|
page read and write
|
||
2344B22F000
|
heap
|
page read and write
|
||
6E9B6FE000
|
stack
|
page read and write
|
||
2344BBFC000
|
heap
|
page read and write
|
||
2C66000
|
heap
|
page read and write
|
||
2344B2A7000
|
heap
|
page read and write
|
||
2344B257000
|
heap
|
page read and write
|
||
49AE000
|
stack
|
page read and write
|
||
2344B282000
|
heap
|
page read and write
|
||
2344B29E000
|
heap
|
page read and write
|
||
2C40000
|
heap
|
page read and write
|
||
2344B217000
|
heap
|
page read and write
|
||
2344B2AA000
|
heap
|
page read and write
|
||
5ADD000
|
stack
|
page read and write
|
||
2AFBE450000
|
heap
|
page read and write
|
||
2344B21C000
|
heap
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
2344BC04000
|
heap
|
page read and write
|
||
D18567E000
|
stack
|
page read and write
|
||
2B80000
|
heap
|
page read and write
|
||
6E9B67B000
|
stack
|
page read and write
|
||
2344B24C000
|
heap
|
page read and write
|
||
2344B21A000
|
heap
|
page read and write
|
||
2344B25D000
|
heap
|
page read and write
|
||
5CDF000
|
stack
|
page read and write
|
||
2344B2BE000
|
heap
|
page read and write
|
||
2344BBFD000
|
heap
|
page read and write
|
||
2344BED7000
|
heap
|
page read and write
|
||
2344B1C8000
|
heap
|
page read and write
|
||
2344B262000
|
heap
|
page read and write
|
||
4B6E000
|
stack
|
page read and write
|
||
410000
|
unkown
|
page write copy
|
||
2344BEDB000
|
heap
|
page read and write
|
||
2344B274000
|
heap
|
page read and write
|
||
2344B2A7000
|
heap
|
page read and write
|
||
2344B1DF000
|
heap
|
page read and write
|
||
2344BEE6000
|
heap
|
page read and write
|
||
19C000
|
stack
|
page read and write
|
||
2344B130000
|
heap
|
page read and write
|
||
490E000
|
stack
|
page read and write
|
||
407000
|
unkown
|
page execute and read and write
|
||
2344B296000
|
heap
|
page read and write
|
||
2344B20C000
|
heap
|
page read and write
|
||
59AF000
|
stack
|
page read and write
|
||
2344B21B000
|
heap
|
page read and write
|
||
2AFBE5C0000
|
trusted library allocation
|
page read and write
|
||
2344B298000
|
heap
|
page read and write
|
||
5DAE000
|
stack
|
page read and write
|
||
2344B288000
|
heap
|
page read and write
|
||
2344B22A000
|
heap
|
page read and write
|
||
2D3A000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page execute and read and write
|
||
2344B295000
|
heap
|
page read and write
|
||
2344B27B000
|
heap
|
page read and write
|
||
2344B229000
|
heap
|
page read and write
|
||
6E9B1D7000
|
stack
|
page read and write
|
||
2344B2B3000
|
heap
|
page read and write
|
||
6E9B77F000
|
stack
|
page read and write
|
||
2AFBE460000
|
heap
|
page read and write
|
||
2344B259000
|
heap
|
page read and write
|
||
2344B251000
|
heap
|
page read and write
|
||
4BA0000
|
heap
|
page read and write
|
||
2B60000
|
direct allocation
|
page execute and read and write
|
||
2B66000
|
direct allocation
|
page execute and read and write
|
||
2344B25D000
|
heap
|
page read and write
|
||
2344BBF0000
|
heap
|
page read and write
|
||
2344B2BA000
|
heap
|
page read and write
|
||
2344BBF5000
|
heap
|
page read and write
|
||
2344B287000
|
heap
|
page read and write
|
||
2344B24C000
|
heap
|
page read and write
|
||
4A3F000
|
stack
|
page read and write
|
||
2C2E000
|
stack
|
page read and write
|
||
2344B27F000
|
heap
|
page read and write
|
||
2344B27D000
|
heap
|
page read and write
|
||
405000
|
unkown
|
page execute and read and write
|
||
2AFBEE00000
|
heap
|
page read and write
|
||
40E000
|
unkown
|
page execute and read and write
|
||
558B000
|
heap
|
page read and write
|
||
10000
|
heap
|
page read and write
|
||
408000
|
unkown
|
page execute and read and write
|
||
2344B180000
|
heap
|
page read and write
|
||
2344B240000
|
heap
|
page read and write
|
There are 359 hidden memdumps, click here to show them.