Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpB7C4.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\bmkNCLNkqvOpVZ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_24y5o3ba.fez.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jodiitfk.bmm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k4zoiy5c.1nm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zve2udha.ntf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC65B.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\bmkNCLNkqvOpVZ" /XML "C:\Users\user\AppData\Local\Temp\tmpB7C4.tmp"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.21416.15434.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe
|
C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\bmkNCLNkqvOpVZ" /XML "C:\Users\user\AppData\Local\Temp\tmpC65B.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe
|
"C:\Users\user\AppData\Roaming\bmkNCLNkqvOpVZ.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
172.93.220.148
|
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://geoplugin.net/json.gp:R
|
unknown
|
||
|
http://geoplugin.net/json.gpX
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
http://geoplugin.net/h
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://geoplugin.net/json.gpSystem32
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.93.220.148
|
unknown
|
United States
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\765-8M14I5
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\765-8M14I5
|
licence
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3D59000
|
trusted library allocation
|
page read and write
|
|
|
|
CDA000
|
heap
|
page read and write
|
|
|
|
16F7000
|
heap
|
page read and write
|
|
|
|
14A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3159000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page execute and read and write
|
||
|
718D000
|
heap
|
page read and write
|
||
|
F62000
|
trusted library allocation
|
page read and write
|
||
|
F7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F72000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
trusted library allocation
|
page read and write
|
||
|
556D000
|
stack
|
page read and write
|
||
|
F53000
|
trusted library allocation
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
F44000
|
trusted library allocation
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
8C8F000
|
stack
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
6EC0000
|
trusted library section
|
page read and write
|
||
|
4866000
|
trusted library allocation
|
page read and write
|
||
|
8DEE000
|
stack
|
page read and write
|
||
|
FBE000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
426B000
|
trusted library allocation
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
914E000
|
stack
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
339000
|
stack
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
1261000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
14C6000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
40F2000
|
trusted library allocation
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
54F9000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page execute and read and write
|
||
|
74B2000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
58FD000
|
stack
|
page read and write
|
||
|
BCBC000
|
stack
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
3EE000
|
unkown
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page execute and read and write
|
||
|
34E7000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
2DC1000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
287E000
|
stack
|
page read and write
|
||
|
78D2000
|
heap
|
page read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
BC1C000
|
stack
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
82F000
|
unkown
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
12A3000
|
heap
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
1211000
|
heap
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
A240000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
422A000
|
trusted library allocation
|
page read and write
|
||
|
8B6E000
|
stack
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
4E4C000
|
stack
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1143000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A10000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
924E000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
55B1000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
4BE6000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
heap
|
page execute and read and write
|
||
|
5750000
|
trusted library section
|
page readonly
|
||
|
890000
|
unkown
|
page readonly
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
4397000
|
trusted library allocation
|
page read and write
|
||
|
909D000
|
stack
|
page read and write
|
||
|
B9C0000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page execute and read and write
|
||
|
7915000
|
heap
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
124B000
|
trusted library allocation
|
page read and write
|
||
|
BBBE000
|
stack
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page execute and read and write
|
||
|
F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
A230000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
F5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
543D000
|
trusted library allocation
|
page read and write
|
||
|
126F000
|
heap
|
page read and write
|
||
|
8E2E000
|
stack
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
B6DE000
|
stack
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
stack
|
page read and write
|
||
|
A6C000
|
stack
|
page read and write
|
||
|
DE7000
|
stack
|
page read and write
|
||
|
46E000
|
remote allocation
|
page execute and read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
125E000
|
trusted library allocation
|
page read and write
|
||
|
8F2E000
|
stack
|
page read and write
|
||
|
5483000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
5436000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
5575000
|
heap
|
page read and write
|
||
|
7F410000
|
trusted library allocation
|
page execute and read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
90DB000
|
stack
|
page read and write
|
||
|
8A2E000
|
stack
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
5243000
|
heap
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
B69D000
|
stack
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
13AF000
|
stack
|
page read and write
|
||
|
BFBE000
|
stack
|
page read and write
|
||
|
B6C000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
7EEC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1144000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page execute and read and write
|
||
|
30AC000
|
stack
|
page read and write
|
||
|
2A8F000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
902E000
|
stack
|
page read and write
|
||
|
5455000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
41B5000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
B8BE000
|
stack
|
page read and write
|
||
|
F77000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
78AC000
|
heap
|
page read and write
|
||
|
1166000
|
trusted library allocation
|
page execute and read and write
|
||
|
714B000
|
heap
|
page read and write
|
||
|
71B2000
|
heap
|
page read and write
|
||
|
51E2000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
2C58000
|
trusted library allocation
|
page read and write
|
||
|
892000
|
unkown
|
page readonly
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
149F000
|
stack
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
trusted library section
|
page readonly
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
718A000
|
heap
|
page read and write
|
||
|
1266000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page execute and read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
78A8000
|
heap
|
page read and write
|
||
|
2DDD000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
5750000
|
trusted library allocation
|
page execute and read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
stack
|
page read and write
|
||
|
78A0000
|
heap
|
page read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
116A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1727000
|
heap
|
page read and write
|
||
|
895E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
2E4A000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
1033000
|
heap
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
2CDF000
|
unkown
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page execute and read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
575F000
|
trusted library section
|
page readonly
|
||
|
51EB000
|
trusted library allocation
|
page read and write
|
||
|
15DF000
|
stack
|
page read and write
|
||
|
51E9000
|
trusted library allocation
|
page read and write
|
||
|
541B000
|
trusted library allocation
|
page read and write
|
||
|
8CEE000
|
stack
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
B87E000
|
stack
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
D29000
|
heap
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
115D000
|
trusted library allocation
|
page execute and read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
54F2000
|
trusted library allocation
|
page read and write
|
||
|
11DE000
|
heap
|
page read and write
|
||
|
1177000
|
trusted library allocation
|
page execute and read and write
|
||
|
712A000
|
heap
|
page read and write
|
||
|
1279000
|
heap
|
page read and write
|
||
|
2D15000
|
trusted library allocation
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
4322000
|
trusted library allocation
|
page read and write
|
||
|
18EF000
|
stack
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
6FF0000
|
heap
|
page read and write
|
||
|
89E0000
|
trusted library allocation
|
page read and write
|
||
|
BCC0000
|
heap
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
72D0000
|
trusted library section
|
page read and write
|
||
|
122C000
|
stack
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
F66000
|
trusted library allocation
|
page execute and read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
57F5000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
40D9000
|
trusted library allocation
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
544B000
|
stack
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
574C000
|
stack
|
page read and write
|
||
|
BB1C000
|
stack
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
B97E000
|
stack
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
107E000
|
heap
|
page read and write
|
||
|
542E000
|
trusted library allocation
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
CE9000
|
stack
|
page read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
2FD000
|
stack
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
A5D000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
5442000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
126D000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
F43000
|
trusted library allocation
|
page execute and read and write
|
||
|
789C000
|
heap
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
7890000
|
heap
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
54FB000
|
trusted library allocation
|
page read and write
|
||
|
5431000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
54FF000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
117B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1153000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
heap
|
page read and write
|
||
|
2C9E000
|
unkown
|
page read and write
|
||
|
1079000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
1214000
|
heap
|
page read and write
|
||
|
43AF000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
14C4000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
1172000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
There are 336 hidden memdumps, click here to show them.