Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
new order urgent.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Ykrrqa.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Ykrrqa.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\new order urgent.exe
|
"C:\Users\user\Desktop\new order urgent.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7712 -s 1156
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Ykrrqa
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5DF0000
|
trusted library section
|
page read and write
|
|
|
|
2B31000
|
trusted library allocation
|
page read and write
|
|
|
|
2E0A000
|
trusted library allocation
|
page read and write
|
||
|
528D000
|
stack
|
page read and write
|
||
|
2F87000
|
trusted library allocation
|
page read and write
|
||
|
2F8D000
|
trusted library allocation
|
page read and write
|
||
|
5AA8000
|
heap
|
page read and write
|
||
|
2F8B000
|
trusted library allocation
|
page read and write
|
||
|
31D7000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
589F000
|
stack
|
page read and write
|
||
|
2E52000
|
trusted library allocation
|
page read and write
|
||
|
5F95000
|
trusted library allocation
|
page read and write
|
||
|
2DED000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
31B5000
|
trusted library allocation
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
2FC7000
|
trusted library allocation
|
page read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
3179000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0D000
|
trusted library allocation
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
trusted library allocation
|
page read and write
|
||
|
31F2000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
2E8A000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
2E66000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
31B3000
|
trusted library allocation
|
page read and write
|
||
|
2F41000
|
trusted library allocation
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
2F7B000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
2DE9000
|
trusted library allocation
|
page read and write
|
||
|
2E5D000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
2FBD000
|
trusted library allocation
|
page read and write
|
||
|
5CE0000
|
trusted library section
|
page read and write
|
||
|
2FE2000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
11D4000
|
heap
|
page read and write
|
||
|
4B38000
|
trusted library allocation
|
page read and write
|
||
|
31BC000
|
trusted library allocation
|
page read and write
|
||
|
2FF7000
|
trusted library allocation
|
page read and write
|
||
|
31BE000
|
trusted library allocation
|
page read and write
|
||
|
2E56000
|
trusted library allocation
|
page read and write
|
||
|
2FB5000
|
trusted library allocation
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
trusted library allocation
|
page execute and read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5F20000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
15AD000
|
stack
|
page read and write
|
||
|
3F63000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
13CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
2FC5000
|
trusted library allocation
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
2E86000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
5DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E35000
|
trusted library allocation
|
page read and write
|
||
|
13A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
3162000
|
trusted library allocation
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
302F000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
3198000
|
trusted library allocation
|
page read and write
|
||
|
105B000
|
trusted library allocation
|
page execute and read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
2F4F000
|
trusted library allocation
|
page read and write
|
||
|
5B61000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
2FA6000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
2F72000
|
trusted library allocation
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
2DEB000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
2DDB000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page read and write
|
||
|
1057000
|
trusted library allocation
|
page execute and read and write
|
||
|
318A000
|
trusted library allocation
|
page read and write
|
||
|
2F55000
|
trusted library allocation
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
heap
|
page read and write
|
||
|
2E75000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
1023000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
trusted library allocation
|
page read and write
|
||
|
433B000
|
trusted library allocation
|
page read and write
|
||
|
62F0000
|
trusted library section
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
5D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
318E000
|
trusted library allocation
|
page read and write
|
||
|
103D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1080000
|
trusted library allocation
|
page execute and read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
2DD6000
|
trusted library allocation
|
page read and write
|
||
|
2E1B000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page read and write
|
||
|
2E42000
|
trusted library allocation
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
30AB000
|
trusted library allocation
|
page read and write
|
||
|
102D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CCD000
|
stack
|
page read and write
|
||
|
92B000
|
stack
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
D87000
|
heap
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
3D86000
|
trusted library allocation
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
2AF7000
|
trusted library allocation
|
page read and write
|
||
|
2F32000
|
trusted library allocation
|
page read and write
|
||
|
2EAD000
|
trusted library allocation
|
page read and write
|
||
|
2F85000
|
trusted library allocation
|
page read and write
|
||
|
2DD2000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
2F5C000
|
trusted library allocation
|
page read and write
|
||
|
3031000
|
trusted library allocation
|
page read and write
|
||
|
2EE7000
|
trusted library allocation
|
page read and write
|
||
|
3183000
|
trusted library allocation
|
page read and write
|
||
|
13B4000
|
trusted library allocation
|
page read and write
|
||
|
302B000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
2F6C000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
trusted library allocation
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page execute and read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
2FE7000
|
trusted library allocation
|
page read and write
|
||
|
2ECE000
|
trusted library allocation
|
page read and write
|
||
|
3033000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
6341000
|
trusted library allocation
|
page read and write
|
||
|
31EE000
|
trusted library allocation
|
page read and write
|
||
|
5DD0000
|
heap
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
D99000
|
stack
|
page read and write
|
||
|
13C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
302F000
|
trusted library allocation
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
31F4000
|
trusted library allocation
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
6010000
|
heap
|
page read and write
|
||
|
5DAB000
|
trusted library allocation
|
page read and write
|
||
|
15BC000
|
trusted library allocation
|
page read and write
|
||
|
5F40000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
5F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
2E69000
|
trusted library allocation
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
31C8000
|
trusted library allocation
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
4011000
|
trusted library allocation
|
page read and write
|
||
|
2EB3000
|
trusted library allocation
|
page read and write
|
||
|
13DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
3194000
|
trusted library allocation
|
page read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
316B000
|
trusted library allocation
|
page read and write
|
||
|
127C000
|
heap
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
13D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
30C3000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page execute and read and write
|
||
|
543F000
|
stack
|
page read and write
|
||
|
122A000
|
heap
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
2E19000
|
trusted library allocation
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library section
|
page read and write
|
||
|
141F000
|
trusted library allocation
|
page read and write
|
||
|
11D9000
|
heap
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page execute and read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
5D30000
|
trusted library allocation
|
page read and write
|
||
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
2E0F000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
2E67000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
trusted library section
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
2EB9000
|
trusted library allocation
|
page read and write
|
||
|
2FA4000
|
trusted library allocation
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
2DD8000
|
trusted library allocation
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
315E000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
2FC9000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page read and write
|
||
|
2DD4000
|
trusted library allocation
|
page read and write
|
||
|
2D88000
|
trusted library allocation
|
page read and write
|
||
|
2F38000
|
trusted library allocation
|
page read and write
|
||
|
C9C000
|
stack
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
2F79000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2F34000
|
trusted library allocation
|
page read and write
|
||
|
2AEC000
|
stack
|
page read and write
|
||
|
6120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page execute and read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page read and write
|
||
|
5EAF000
|
stack
|
page read and write
|
||
|
13A4000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
1033000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
remote allocation
|
page read and write
|
||
|
31A7000
|
trusted library allocation
|
page read and write
|
||
|
2E3D000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
trusted library allocation
|
page read and write
|
||
|
31BA000
|
trusted library allocation
|
page read and write
|
||
|
2E54000
|
trusted library allocation
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
2EB5000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
315C000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
5F6E000
|
trusted library allocation
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
13AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5590000
|
trusted library section
|
page read and write
|
||
|
2DCC000
|
trusted library allocation
|
page read and write
|
||
|
2E6D000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
5D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
2ED4000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
2E08000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
2FF3000
|
trusted library allocation
|
page read and write
|
||
|
3166000
|
trusted library allocation
|
page read and write
|
||
|
5F74000
|
trusted library allocation
|
page read and write
|
||
|
2EB7000
|
trusted library allocation
|
page read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page read and write
|
||
|
302D000
|
trusted library allocation
|
page read and write
|
||
|
301C000
|
trusted library allocation
|
page read and write
|
||
|
31D5000
|
trusted library allocation
|
page read and write
|
||
|
5C70000
|
trusted library allocation
|
page read and write
|
||
|
1024000
|
trusted library allocation
|
page read and write
|
||
|
5C73000
|
trusted library allocation
|
page read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
3B55000
|
trusted library allocation
|
page read and write
|
||
|
2FA8000
|
trusted library allocation
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
31E8000
|
trusted library allocation
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
5CB6000
|
trusted library allocation
|
page read and write
|
||
|
2F6A000
|
trusted library allocation
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
2F83000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page read and write
|
||
|
5B27000
|
heap
|
page read and write
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
2FC3000
|
trusted library allocation
|
page read and write
|
||
|
5AA3000
|
heap
|
page read and write
|
||
|
2F2E000
|
trusted library allocation
|
page read and write
|
||
|
5DAD000
|
trusted library allocation
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
3164000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2FBF000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
5B77000
|
heap
|
page read and write
|
||
|
317F000
|
trusted library allocation
|
page read and write
|
||
|
2E04000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
1225000
|
heap
|
page read and write
|
||
|
4550000
|
trusted library allocation
|
page read and write
|
||
|
E1F000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2E02000
|
trusted library allocation
|
page read and write
|
||
|
2ED6000
|
trusted library allocation
|
page read and write
|
||
|
2E58000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
3196000
|
trusted library allocation
|
page read and write
|
||
|
2DF1000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
30FF000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
2DE7000
|
trusted library allocation
|
page read and write
|
||
|
7F660000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page execute and read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
622000
|
unkown
|
page readonly
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
2E39000
|
trusted library allocation
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
2DFA000
|
trusted library allocation
|
page read and write
|
||
|
5C80000
|
trusted library allocation
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
trusted library section
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
2F89000
|
trusted library allocation
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page execute and read and write
|
||
|
2F75000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
31B7000
|
trusted library allocation
|
page read and write
|
||
|
2E9F000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
2DF8000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
31CA000
|
trusted library allocation
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
2DEF000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
2E3F000
|
trusted library allocation
|
page read and write
|
There are 398 hidden memdumps, click here to show them.