Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO 102675-PI C247SH45.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO 102675-PI C247SH45.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpE520.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\cfEpcI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\cfEpcI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\cfEpcI.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4hxoslke.utz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bj3n0tt0.ott.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_clwnphlv.td5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ibdbjrpr.fln.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jtaqqemt.q11.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nmfxejuo.ml2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ns3imu2b.rks.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z5tvnosi.ib1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpF7DD.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO 102675-PI C247SH45.exe
|
"C:\Users\user\Desktop\PO 102675-PI C247SH45.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PO 102675-PI
C247SH45.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\cfEpcI.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\cfEpcI" /XML "C:\Users\user\AppData\Local\Temp\tmpE520.tmp"
|
|
|
|
C:\Users\user\Desktop\PO 102675-PI C247SH45.exe
|
"C:\Users\user\Desktop\PO 102675-PI C247SH45.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\cfEpcI.exe
|
C:\Users\user\AppData\Roaming\cfEpcI.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\cfEpcI" /XML "C:\Users\user\AppData\Local\Temp\tmpF7DD.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\cfEpcI.exe
|
"C:\Users\user\AppData\Roaming\cfEpcI.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.iaa-airferight.com
|
unknown
|
|
|
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.iaa-airferight.com
|
46.175.148.58
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.175.148.58
|
mail.iaa-airferight.com
|
Ukraine
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E01000
|
trusted library allocation
|
page read and write
|
|
|
|
42F000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E4F000
|
trusted library allocation
|
page read and write
|
|
|
|
4568000
|
trusted library allocation
|
page read and write
|
|
|
|
3071000
|
trusted library allocation
|
page read and write
|
|
|
|
4FE7000
|
trusted library allocation
|
page read and write
|
|
|
|
30C0000
|
trusted library allocation
|
page read and write
|
|
|
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
53AC000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
trusted library allocation
|
page read and write
|
||
|
290E000
|
unkown
|
page read and write
|
||
|
561D000
|
trusted library allocation
|
page read and write
|
||
|
7421D000
|
unkown
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
FF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E29000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2E65000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page execute and read and write
|
||
|
1406000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
836000
|
trusted library allocation
|
page execute and read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
1402000
|
trusted library allocation
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
D710000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
813000
|
trusted library allocation
|
page execute and read and write
|
||
|
140E000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page execute and read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
CA6E000
|
stack
|
page read and write
|
||
|
D28E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
16E8000
|
heap
|
page read and write
|
||
|
6950000
|
heap
|
page read and write
|
||
|
D735000
|
heap
|
page read and write
|
||
|
D18E000
|
stack
|
page read and write
|
||
|
326F000
|
stack
|
page read and write
|
||
|
18D7000
|
heap
|
page read and write
|
||
|
568C000
|
stack
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
C6EE000
|
stack
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
14BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3054000
|
trusted library allocation
|
page read and write
|
||
|
2D08000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
37F9000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
63BF000
|
stack
|
page read and write
|
||
|
D38E000
|
stack
|
page read and write
|
||
|
E81000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
183F000
|
stack
|
page read and write
|
||
|
CFD0000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
3FE000
|
stack
|
page read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
3E69000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
627D000
|
stack
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
5E10000
|
trusted library allocation
|
page read and write
|
||
|
1303000
|
trusted library allocation
|
page execute and read and write
|
||
|
14CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BFE000
|
stack
|
page read and write
|
||
|
5753000
|
heap
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
4B02000
|
trusted library allocation
|
page read and write
|
||
|
D60D000
|
stack
|
page read and write
|
||
|
14E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6538000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
5BB0000
|
trusted library section
|
page read and write
|
||
|
954000
|
trusted library allocation
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
E52000
|
unkown
|
page readonly
|
||
|
980000
|
heap
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
560A000
|
trusted library allocation
|
page read and write
|
||
|
3E01000
|
trusted library allocation
|
page read and write
|
||
|
16C6000
|
heap
|
page read and write
|
||
|
5A10000
|
heap
|
page execute and read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
10BF000
|
heap
|
page read and write
|
||
|
4316000
|
trusted library allocation
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
411E000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
32EC000
|
trusted library allocation
|
page read and write
|
||
|
CF1F000
|
stack
|
page read and write
|
||
|
1205000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B60000
|
trusted library section
|
page readonly
|
||
|
1676000
|
heap
|
page read and write
|
||
|
5E25000
|
trusted library allocation
|
page read and write
|
||
|
6367000
|
trusted library allocation
|
page read and write
|
||
|
620C000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
56FB000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
74200000
|
unkown
|
page readonly
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
4B9E000
|
trusted library allocation
|
page read and write
|
||
|
5DFE000
|
stack
|
page read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
5716000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
842000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
847000
|
trusted library allocation
|
page execute and read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
6226000
|
trusted library allocation
|
page read and write
|
||
|
2A96000
|
trusted library allocation
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
D98D000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
E7E000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
heap
|
page read and write
|
||
|
2A9A000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
10FD000
|
heap
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page execute and read and write
|
||
|
68B6000
|
heap
|
page read and write
|
||
|
2F98000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
141B000
|
trusted library allocation
|
page execute and read and write
|
||
|
164E000
|
heap
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3516000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
5CE9000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
68A6000
|
heap
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
3E09000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
1668000
|
heap
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
1444000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
D84D000
|
stack
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
DA8F000
|
stack
|
page read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
4EB5000
|
heap
|
page read and write
|
||
|
C7EE000
|
stack
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
814000
|
trusted library allocation
|
page read and write
|
||
|
29EE000
|
unkown
|
page read and write
|
||
|
2DA0000
|
heap
|
page execute and read and write
|
||
|
5E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
56A0000
|
heap
|
page execute and read and write
|
||
|
41F000
|
remote allocation
|
page execute and read and write
|
||
|
571D000
|
trusted library allocation
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
2B2B000
|
heap
|
page read and write
|
||
|
2559000
|
stack
|
page read and write
|
||
|
4410000
|
trusted library allocation
|
page read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
1412000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
1865000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
30A000
|
stack
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
6920000
|
trusted library allocation
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
975000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD3E000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
448C000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
6860000
|
heap
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
1412000
|
trusted library allocation
|
page read and write
|
||
|
E86000
|
trusted library allocation
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
3098000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
C930000
|
heap
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
C5F000
|
stack
|
page read and write
|
||
|
6640000
|
trusted library allocation
|
page read and write
|
||
|
1315000
|
heap
|
page read and write
|
||
|
CE1E000
|
stack
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page read and write
|
||
|
67A7000
|
trusted library allocation
|
page read and write
|
||
|
143E000
|
heap
|
page read and write
|
||
|
FAA000
|
stack
|
page read and write
|
||
|
14FF000
|
heap
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
675E000
|
stack
|
page read and write
|
||
|
74216000
|
unkown
|
page readonly
|
||
|
870000
|
heap
|
page read and write
|
||
|
428F000
|
trusted library allocation
|
page read and write
|
||
|
140B000
|
trusted library allocation
|
page read and write
|
||
|
EFA000
|
stack
|
page read and write
|
||
|
4B90000
|
heap
|
page execute and read and write
|
||
|
1850000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
14DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6670000
|
trusted library allocation
|
page execute and read and write
|
||
|
6230000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BE000
|
stack
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
D94E000
|
stack
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
A88000
|
trusted library allocation
|
page read and write
|
||
|
564C000
|
stack
|
page read and write
|
||
|
D723000
|
heap
|
page read and write
|
||
|
6666000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
16D9000
|
heap
|
page read and write
|
||
|
C5EE000
|
stack
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
635E000
|
stack
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
81D000
|
trusted library allocation
|
page execute and read and write
|
||
|
84B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E20000
|
trusted library allocation
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
2A2F000
|
unkown
|
page read and write
|
||
|
DCFC000
|
stack
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page read and write
|
||
|
2E4D000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
2E57000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
4271000
|
trusted library allocation
|
page read and write
|
||
|
6568000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
14EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
7421D000
|
unkown
|
page read and write
|
||
|
1870000
|
heap
|
page execute and read and write
|
||
|
16C1000
|
heap
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
130D000
|
trusted library allocation
|
page execute and read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
5711000
|
trusted library allocation
|
page read and write
|
||
|
251D000
|
stack
|
page read and write
|
||
|
A2B000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
141A000
|
trusted library allocation
|
page read and write
|
||
|
51AC000
|
stack
|
page read and write
|
||
|
823000
|
trusted library allocation
|
page read and write
|
||
|
5DB0000
|
heap
|
page read and write
|
||
|
144A000
|
heap
|
page read and write
|
||
|
55FB000
|
trusted library allocation
|
page read and write
|
||
|
6C65000
|
trusted library allocation
|
page read and write
|
||
|
D4CD000
|
stack
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
59DB000
|
stack
|
page read and write
|
||
|
1446000
|
trusted library allocation
|
page read and write
|
||
|
1415000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
E6B000
|
trusted library allocation
|
page read and write
|
||
|
3814000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
832000
|
trusted library allocation
|
page read and write
|
||
|
6ACF000
|
stack
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
18D0000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page read and write
|
||
|
14B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
6C50000
|
trusted library allocation
|
page read and write
|
||
|
294F000
|
unkown
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
631F000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
E92000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
4C89000
|
trusted library allocation
|
page read and write
|
||
|
286C000
|
trusted library allocation
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
CFCE000
|
stack
|
page read and write
|
||
|
6210000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
14B4000
|
trusted library allocation
|
page read and write
|
||
|
FD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DCB000
|
stack
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
1417000
|
trusted library allocation
|
page execute and read and write
|
||
|
55F6000
|
trusted library allocation
|
page read and write
|
||
|
C92D000
|
stack
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
59E0000
|
trusted library allocation
|
page read and write
|
||
|
D2DF000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
7421D000
|
unkown
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
D4D0000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
D70E000
|
stack
|
page read and write
|
||
|
14D1000
|
heap
|
page read and write
|
||
|
6562000
|
heap
|
page read and write
|
||
|
E5F000
|
stack
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBAE000
|
stack
|
page read and write
|
||
|
5A9C000
|
stack
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7421D000
|
unkown
|
page read and write
|
||
|
56F4000
|
trusted library allocation
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
956000
|
trusted library allocation
|
page read and write
|
||
|
68AC000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
6206000
|
trusted library allocation
|
page read and write
|
||
|
9C30000
|
trusted library allocation
|
page read and write
|
||
|
689D000
|
heap
|
page read and write
|
||
|
14D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
1406000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F030000
|
trusted library allocation
|
page execute and read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page read and write
|
||
|
B99000
|
stack
|
page read and write
|
||
|
664C000
|
trusted library allocation
|
page read and write
|
||
|
37F1000
|
trusted library allocation
|
page read and write
|
||
|
140A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D05C000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
41E000
|
remote allocation
|
page execute and read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
D3CD000
|
stack
|
page read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
7410000
|
heap
|
page read and write
|
||
|
58A3000
|
heap
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
5602000
|
trusted library allocation
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
7421F000
|
unkown
|
page readonly
|
||
|
283A000
|
stack
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
13E3000
|
heap
|
page read and write
|
||
|
68D3000
|
heap
|
page read and write
|
||
|
7EE40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA8000
|
trusted library allocation
|
page read and write
|
||
|
4393000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
9C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4508000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
2AF6000
|
trusted library allocation
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
C82D000
|
stack
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
FD4000
|
trusted library allocation
|
page read and write
|
||
|
5611000
|
trusted library allocation
|
page read and write
|
||
|
4279000
|
trusted library allocation
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
1202000
|
trusted library allocation
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
102A000
|
heap
|
page read and write
|
||
|
14C3000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page execute and read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
1457000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
5870000
|
trusted library section
|
page readonly
|
||
|
B50000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
74201000
|
unkown
|
page execute read
|
||
|
2AEA000
|
trusted library allocation
|
page read and write
|
||
|
14C7000
|
heap
|
page read and write
|
||
|
4099000
|
trusted library allocation
|
page read and write
|
||
|
D4E0000
|
heap
|
page read and write
|
||
|
1099000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
6202000
|
trusted library allocation
|
page read and write
|
||
|
5DB5000
|
heap
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D2000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
13FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
35C2000
|
trusted library allocation
|
page read and write
|
||
|
4079000
|
trusted library allocation
|
page read and write
|
||
|
FF9000
|
stack
|
page read and write
|
||
|
D1DE000
|
stack
|
page read and write
|
||
|
C3EE000
|
stack
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
560E000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
10F1000
|
heap
|
page read and write
|
||
|
CB6E000
|
stack
|
page read and write
|
||
|
9ED0000
|
trusted library section
|
page read and write
|
||
|
C42E000
|
stack
|
page read and write
|
||
|
CF5B000
|
stack
|
page read and write
|
||
|
18BE000
|
stack
|
page read and write
|
||
|
1086000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
7FB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page execute and read and write
|
||
|
5BD0000
|
trusted library section
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
55FE000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
FED000
|
trusted library allocation
|
page execute and read and write
|
||
|
360000
|
heap
|
page read and write
|
||
|
120B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
527C000
|
stack
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
3271000
|
trusted library allocation
|
page read and write
|
||
|
7F490000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
D19E000
|
stack
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
4528000
|
trusted library allocation
|
page read and write
|
||
|
D09E000
|
stack
|
page read and write
|
||
|
4EFD000
|
stack
|
page read and write
|
||
|
A04000
|
heap
|
page read and write
|
||
|
1421000
|
trusted library allocation
|
page read and write
|
||
|
D71C000
|
heap
|
page read and write
|
||
|
E8D000
|
trusted library allocation
|
page read and write
|
||
|
1648000
|
heap
|
page read and write
|
||
|
1207000
|
trusted library allocation
|
page execute and read and write
|
||
|
57E9000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
CCAF000
|
stack
|
page read and write
|
||
|
27D3000
|
heap
|
page read and write
|
||
|
141E000
|
trusted library allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
E64000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
12AC000
|
stack
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
DBFB000
|
stack
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page execute and read and write
|
||
|
66BD000
|
stack
|
page read and write
|
||
|
DE3E000
|
stack
|
page read and write
|
||
|
CF8E000
|
stack
|
page read and write
|
||
|
82D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
stack
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
There are 533 hidden memdumps, click here to show them.