Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO-0Y9005373R664.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO-0Y9005373R664.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpB962.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VvtddClQv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VvtddClQv.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\VvtddClQv.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gbumgdo1.i4u.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gdg3ytxr.0gz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ig1aggtv.1x5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qbb03zfi.soz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rweqh102.h0i.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u2nf3jon.4uy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ul5tz4st.ukm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x50tsrpk.imz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpD806.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\188E93\31437F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\7ec63eecc011967c28496572961d2a7c_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO-0Y9005373R664.exe
|
"C:\Users\user\Desktop\PO-0Y9005373R664.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PO-0Y9005373R664.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\VvtddClQv.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VvtddClQv" /XML "C:\Users\user\AppData\Local\Temp\tmpB962.tmp"
|
|
|
|
C:\Users\user\Desktop\PO-0Y9005373R664.exe
|
"C:\Users\user\Desktop\PO-0Y9005373R664.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\VvtddClQv.exe
|
C:\Users\user\AppData\Roaming\VvtddClQv.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VvtddClQv" /XML "C:\Users\user\AppData\Local\Temp\tmpD806.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\VvtddClQv.exe
|
"C:\Users\user\AppData\Roaming\VvtddClQv.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://104.248.205.66/index.php/17008709
|
104.248.205.66
|
|
|
|
http://kbfvzoboss.bid/alien/fre.php
|
|
||
|
http://alphastand.win/alien/fre.php
|
|
||
|
http://alphastand.trade/alien/fre.php
|
|
||
|
http://alphastand.top/alien/fre.php
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://www.ibsensoftware.com/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.248.205.66
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3E30000
|
trusted library allocation
|
page read and write
|
|
|
|
1428000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
5500000
|
trusted library section
|
page read and write
|
|
|
|
2991000
|
trusted library allocation
|
page read and write
|
|
|
|
3E4A000
|
trusted library allocation
|
page read and write
|
|
|
|
3B73000
|
trusted library allocation
|
page read and write
|
|
|
|
6C2000
|
unkown
|
page readonly
|
|
|
|
2A81000
|
trusted library allocation
|
page read and write
|
|
|
|
AE0000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
7262000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
E5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
27CC000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
6B7C000
|
heap
|
page read and write
|
||
|
63F000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
A8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BD1000
|
heap
|
page read and write
|
||
|
94BE000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
547D000
|
stack
|
page read and write
|
||
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
4FC3000
|
heap
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
286A000
|
heap
|
page read and write
|
||
|
54E000
|
unkown
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
4D24000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
983E000
|
stack
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library section
|
page readonly
|
||
|
BDBE000
|
stack
|
page read and write
|
||
|
527B000
|
stack
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F70000
|
trusted library section
|
page readonly
|
||
|
3BA5000
|
trusted library allocation
|
page read and write
|
||
|
3D74000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
58F000
|
unkown
|
page read and write
|
||
|
6D4A000
|
trusted library allocation
|
page read and write
|
||
|
4B7C000
|
stack
|
page read and write
|
||
|
B71000
|
heap
|
page read and write
|
||
|
6B9E000
|
heap
|
page read and write
|
||
|
C43E000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
5366000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
A01E000
|
stack
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
3D9B000
|
trusted library allocation
|
page read and write
|
||
|
A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
49F000
|
remote allocation
|
page execute and read and write
|
||
|
5B47000
|
heap
|
page read and write
|
||
|
BA7000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
C03C000
|
stack
|
page read and write
|
||
|
2902000
|
trusted library allocation
|
page read and write
|
||
|
E24000
|
trusted library allocation
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
2A6B000
|
stack
|
page read and write
|
||
|
C13C000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2A19000
|
trusted library allocation
|
page read and write
|
||
|
B81C000
|
stack
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
2998000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
987E000
|
stack
|
page read and write
|
||
|
4D37000
|
trusted library allocation
|
page read and write
|
||
|
4EEE000
|
trusted library allocation
|
page read and write
|
||
|
5545000
|
heap
|
page read and write
|
||
|
95BF000
|
stack
|
page read and write
|
||
|
D28000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
7220000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library section
|
page read and write
|
||
|
787E000
|
stack
|
page read and write
|
||
|
9CD0000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
4EDB000
|
trusted library allocation
|
page read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
6B46000
|
heap
|
page read and write
|
||
|
3D5A000
|
trusted library allocation
|
page read and write
|
||
|
B71B000
|
stack
|
page read and write
|
||
|
4FC0000
|
heap
|
page execute and read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
4D2A000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
4F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
28DC000
|
trusted library allocation
|
page read and write
|
||
|
2939000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
BC7E000
|
stack
|
page read and write
|
||
|
4ED4000
|
trusted library allocation
|
page read and write
|
||
|
28FD000
|
trusted library allocation
|
page read and write
|
||
|
5B60000
|
heap
|
page read and write
|
||
|
AAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
4EF6000
|
trusted library allocation
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
6BA2000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
B95F000
|
stack
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
4F5B000
|
stack
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
701A000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
4F35000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
56F000
|
unkown
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
A9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
3A83000
|
trusted library allocation
|
page read and write
|
||
|
BFFE000
|
stack
|
page read and write
|
||
|
3AE6000
|
trusted library allocation
|
page read and write
|
||
|
4EFD000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
EA1000
|
heap
|
page read and write
|
||
|
BD7F000
|
stack
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
E4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
519000
|
stack
|
page read and write
|
||
|
E57000
|
trusted library allocation
|
page execute and read and write
|
||
|
B960000
|
trusted library allocation
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
B440000
|
trusted library allocation
|
page read and write
|
||
|
6D42000
|
trusted library allocation
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
3DF7000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7E9000
|
stack
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
AA2000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E1000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3C35000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
unkown
|
page readonly
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
AA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FEA000
|
trusted library allocation
|
page read and write
|
||
|
292B000
|
heap
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
E9F000
|
heap
|
page read and write
|
||
|
715F000
|
stack
|
page read and write
|
||
|
4F65000
|
heap
|
page read and write
|
||
|
28EE000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
3A89000
|
trusted library allocation
|
page read and write
|
||
|
516D000
|
stack
|
page read and write
|
||
|
3E64000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library section
|
page read and write
|
||
|
4FE4000
|
trusted library allocation
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
4D3D000
|
trusted library allocation
|
page read and write
|
||
|
6E32000
|
trusted library allocation
|
page read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
729C000
|
heap
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
148C000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
4E23000
|
heap
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
997E000
|
stack
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page execute and read and write
|
||
|
B49E000
|
stack
|
page read and write
|
||
|
2B0B000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BDB000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
3B49000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
B27000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
3A81000
|
trusted library allocation
|
page read and write
|
||
|
28CC000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
DC7000
|
heap
|
page read and write
|
||
|
28F1000
|
trusted library allocation
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
7880000
|
trusted library section
|
page read and write
|
||
|
973E000
|
stack
|
page read and write
|
||
|
E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
96FE000
|
stack
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library section
|
page read and write
|
||
|
2B0D000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
7230000
|
heap
|
page read and write
|
||
|
BEFE000
|
stack
|
page read and write
|
||
|
BEBF000
|
stack
|
page read and write
|
||
|
4EF1000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
7273000
|
heap
|
page read and write
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
3C1B000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
9DDE000
|
stack
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
28D4000
|
trusted library allocation
|
page read and write
|
||
|
47A000
|
stack
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
C140000
|
heap
|
page read and write
|
||
|
3D40000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
52E000
|
unkown
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
A74000
|
trusted library allocation
|
page read and write
|
||
|
72A4000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
9CBE000
|
stack
|
page read and write
|
||
|
28E7000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
A96000
|
trusted library allocation
|
page execute and read and write
|
||
|
B59E000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
2935000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page execute and read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
95FE000
|
stack
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
3999000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
7267000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
2A1B000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
6B30000
|
heap
|
page read and write
|
||
|
BD1000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
E46000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
10C8000
|
heap
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
28F7000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
28D7000
|
trusted library allocation
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page execute and read and write
|
||
|
7214000
|
heap
|
page read and write
|
||
|
3991000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
4F02000
|
trusted library allocation
|
page read and write
|
||
|
B85E000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
9EDE000
|
stack
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
518D000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page execute and read and write
|
There are 335 hidden memdumps, click here to show them.