Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL Page1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\Flashs134.Bli
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\Prelectured.sma
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\Sber.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\foregahger.luf
|
DIY-Thermocam raw data (Lepton 3.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration:
offset 0.000000, slope 633825300114114700748351602688.000000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\merskumspibers.gha
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\zonitoides\sueve\ndsage\standardiseringers.ulo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsm38B1.tmp
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsv4331.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsv4331.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Pictures\Milliluxes.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\Public\Pictures\Milliluxes.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Windows\SysWOW64\Dogmefastes.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHL Page1.exe
|
"C:\Users\user\Desktop\DHL Page1.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Users\user\Desktop\DHL Page1.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
||
|
http://o.pki.goog/wr20%
|
unknown
|
||
|
http://c.pki.goog/r/r1.crl0
|
unknown
|
||
|
http://i.pki.goog/r1.crt0
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
http://pki.goog/gsr1/gsr1.crt02
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://smtp.gmail.com
|
unknown
|
||
|
http://i.pki.goog/wr2.crt0
|
unknown
|
||
|
http://c.pki.goog/wr2/75r4ZyA3vA0.crl0
|
unknown
|
||
|
http://peraarae.nl/ViaMYxizkt11.bin
|
104.153.208.178
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.ipify.org
|
104.26.12.205
|
||
|
smtp.gmail.com
|
172.253.62.108
|
||
|
peraarae.nl
|
104.153.208.178
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.26.12.205
|
api.ipify.org
|
United States
|
||
|
172.253.62.108
|
smtp.gmail.com
|
United States
|
||
|
104.153.208.178
|
peraarae.nl
|
Reserved
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\jongleringen\parvanimity\Falbeladerne211
|
Lyddmper
|
||
|
HKEY_CURRENT_USER\hndelse\Uninstall\Foresloges\datakontrollen
|
oxyhexaster
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{BD84B380-8CA2-1069-AB1D-08000948F534} {000214E6-0000-0000-C000-000000000046} 0xFFFF
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\e\52C64B7E
|
@fontext.dll,-8007
|
||
|
HKEY_CURRENT_USER\kontorautomatiserings\hoejsaede
|
selvangivelserne
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7E0B000
|
direct allocation
|
page execute and read and write
|
|
|
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
39B80000
|
heap
|
page read and write
|
||
|
488000
|
unkown
|
page readonly
|
||
|
600B000
|
direct allocation
|
page execute and read and write
|
||
|
397BE000
|
trusted library allocation
|
page read and write
|
||
|
397B0000
|
trusted library allocation
|
page read and write
|
||
|
595000
|
heap
|
page read and write
|
||
|
3A53E000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
27CF000
|
heap
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
482B000
|
heap
|
page read and write
|
||
|
433000
|
trusted library allocation
|
page execute and read and write
|
||
|
39BE8000
|
heap
|
page read and write
|
||
|
700000
|
direct allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
49C000
|
unkown
|
page readonly
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
397B4000
|
trusted library allocation
|
page read and write
|
||
|
39BE8000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A560000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
397BB000
|
trusted library allocation
|
page read and write
|
||
|
39B00000
|
heap
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
38789000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
397DD000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
4837000
|
heap
|
page read and write
|
||
|
27E7000
|
heap
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
397AE000
|
stack
|
page read and write
|
||
|
270A000
|
heap
|
page read and write
|
||
|
397F0000
|
trusted library allocation
|
page read and write
|
||
|
375F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A4F3000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
39DE0000
|
remote allocation
|
page read and write
|
||
|
7A40000
|
direct allocation
|
page read and write
|
||
|
37610000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
37760000
|
heap
|
page read and write
|
||
|
3A710000
|
trusted library allocation
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
37B8F000
|
trusted library allocation
|
page read and write
|
||
|
39DBD000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
39940000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
661B000
|
remote allocation
|
page execute and read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
37BA9000
|
trusted library allocation
|
page read and write
|
||
|
378E6000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
3756A000
|
stack
|
page read and write
|
||
|
5A0000
|
direct allocation
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
397C2000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
direct allocation
|
page read and write
|
||
|
44D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
trusted library allocation
|
page read and write
|
||
|
3A510000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A650000
|
trusted library allocation
|
page read and write
|
||
|
39940000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
276E000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
488000
|
unkown
|
page readonly
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
3993C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
720000
|
direct allocation
|
page read and write
|
||
|
37510000
|
direct allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
37620000
|
heap
|
page execute and read and write
|
||
|
521B000
|
remote allocation
|
page execute and read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
2B1E000
|
heap
|
page read and write
|
||
|
373B0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A590000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A580000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
4836000
|
heap
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A550000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
37BBF000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
4832000
|
heap
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
450000
|
trusted library allocation
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
483C000
|
heap
|
page read and write
|
||
|
39960000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
397D1000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
37520000
|
direct allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
26F8000
|
heap
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
4836000
|
heap
|
page read and write
|
||
|
39B24000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
377BD000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
46B000
|
trusted library allocation
|
page execute and read and write
|
||
|
39BE2000
|
heap
|
page read and write
|
||
|
3A5FD000
|
stack
|
page read and write
|
||
|
399AC000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
39A30000
|
heap
|
page read and write
|
||
|
39800000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
560B000
|
direct allocation
|
page execute and read and write
|
||
|
43D000
|
trusted library allocation
|
page execute and read and write
|
||
|
479000
|
unkown
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
387D0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
397D6000
|
trusted library allocation
|
page read and write
|
||
|
39B28000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A720000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A501000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
heap
|
page read and write
|
||
|
5F8000
|
heap
|
page read and write
|
||
|
3A510000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
3A502000
|
trusted library allocation
|
page read and write
|
||
|
880B000
|
direct allocation
|
page execute and read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
39F1F000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A650000
|
trusted library allocation
|
page read and write
|
||
|
39D7E000
|
stack
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
39950000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
37BD0000
|
trusted library allocation
|
page read and write
|
||
|
79E0000
|
direct allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A550000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
direct allocation
|
page read and write
|
||
|
39B10000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
4920000
|
heap
|
page read and write
|
||
|
3A510000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
710000
|
direct allocation
|
page read and write
|
||
|
37BE0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
39BE3000
|
heap
|
page read and write
|
||
|
7A30000
|
direct allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
direct allocation
|
page read and write
|
||
|
39BEB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
heap
|
page readonly
|
||
|
462000
|
trusted library allocation
|
page read and write
|
||
|
3A532000
|
trusted library allocation
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
740B000
|
direct allocation
|
page execute and read and write
|
||
|
39E1E000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
438000
|
unkown
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A4ED000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
37BD9000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
7AB0000
|
heap
|
page read and write
|
||
|
377A7000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A570000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
2B26000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A510000
|
trusted library allocation
|
page read and write
|
||
|
37B93000
|
trusted library allocation
|
page read and write
|
||
|
483B000
|
heap
|
page read and write
|
||
|
7A60000
|
unclassified section
|
page readonly
|
||
|
39AEE000
|
stack
|
page read and write
|
||
|
4820000
|
heap
|
page read and write
|
||
|
3767E000
|
stack
|
page read and write
|
||
|
375EE000
|
stack
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
37600000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
482E000
|
heap
|
page read and write
|
||
|
3743F000
|
stack
|
page read and write
|
||
|
277F000
|
heap
|
page read and write
|
||
|
246F000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
39BCE000
|
heap
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
377B0000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2785000
|
heap
|
page read and write
|
||
|
482E000
|
heap
|
page read and write
|
||
|
481B000
|
remote allocation
|
page execute and read and write
|
||
|
27F0000
|
direct allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
27BA000
|
heap
|
page read and write
|
||
|
39B17000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
482000
|
unkown
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
39BE3000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
39B17000
|
heap
|
page read and write
|
||
|
39AAD000
|
stack
|
page read and write
|
||
|
3E1B000
|
remote allocation
|
page execute and read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
397CE000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page execute and read and write
|
||
|
420000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
3A730000
|
trusted library allocation
|
page read and write
|
||
|
39950000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3C60000
|
remote allocation
|
page execute and read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
39B13000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
direct allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
stack
|
page read and write
|
||
|
465000
|
trusted library allocation
|
page execute and read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
5D0000
|
direct allocation
|
page read and write
|
||
|
7FD00000
|
trusted library allocation
|
page execute and read and write
|
||
|
49C000
|
unkown
|
page readonly
|
||
|
33BC000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
24C4000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
4837000
|
heap
|
page read and write
|
||
|
39BDA000
|
heap
|
page read and write
|
||
|
27C2000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
483B000
|
heap
|
page read and write
|
||
|
4831000
|
heap
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
7A00000
|
direct allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
7A10000
|
direct allocation
|
page read and write
|
||
|
27D8000
|
heap
|
page read and write
|
||
|
7B20000
|
heap
|
page read and write
|
||
|
37771000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
direct allocation
|
page read and write
|
||
|
3775C000
|
stack
|
page read and write
|
||
|
7B27000
|
heap
|
page read and write
|
||
|
483A000
|
heap
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
397B6000
|
trusted library allocation
|
page read and write
|
||
|
482E000
|
heap
|
page read and write
|
||
|
4837000
|
heap
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A4F3000
|
trusted library allocation
|
page read and write
|
||
|
37630000
|
heap
|
page read and write
|
||
|
39BC0000
|
heap
|
page read and write
|
||
|
37B37000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3995B000
|
trusted library allocation
|
page read and write
|
||
|
375A9000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
6A0B000
|
direct allocation
|
page execute and read and write
|
||
|
470000
|
trusted library allocation
|
page execute and read and write
|
||
|
483B000
|
heap
|
page read and write
|
||
|
4828000
|
heap
|
page read and write
|
||
|
27E6000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
467000
|
trusted library allocation
|
page execute and read and write
|
||
|
2755000
|
heap
|
page read and write
|
||
|
277D000
|
heap
|
page read and write
|
||
|
38771000
|
trusted library allocation
|
page read and write
|
||
|
3A539000
|
trusted library allocation
|
page read and write
|
||
|
701B000
|
remote allocation
|
page execute and read and write
|
||
|
3A720000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
791E000
|
stack
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
39DE0000
|
remote allocation
|
page read and write
|
||
|
39B24000
|
heap
|
page read and write
|
||
|
39800000
|
heap
|
page read and write
|
||
|
3A700000
|
trusted library allocation
|
page execute and read and write
|
||
|
377C1000
|
trusted library allocation
|
page read and write
|
||
|
78DB000
|
stack
|
page read and write
|
||
|
5C1B000
|
remote allocation
|
page execute and read and write
|
||
|
38799000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
6F0000
|
direct allocation
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
484D000
|
heap
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
626000
|
heap
|
page read and write
|
||
|
2734000
|
heap
|
page read and write
|
||
|
38833000
|
trusted library allocation
|
page read and write
|
||
|
39BE6000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
39940000
|
trusted library allocation
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
7A70000
|
unclassified section
|
page readonly
|
||
|
3A560000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A4E3000
|
trusted library allocation
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
3A63F000
|
stack
|
page read and write
|
||
|
3A550000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
3A650000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
39DE0000
|
remote allocation
|
page read and write
|
||
|
3A4FA000
|
trusted library allocation
|
page read and write
|
||
|
7A50000
|
unclassified section
|
page readonly
|
||
|
452000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
373FE000
|
stack
|
page read and write
|
||
|
37688000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
3A527000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A640000
|
trusted library allocation
|
page read and write
|
||
|
45A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
3A510000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
heap
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
79F0000
|
direct allocation
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
397E2000
|
trusted library allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
3A501000
|
trusted library allocation
|
page read and write
|
||
|
3A501000
|
trusted library allocation
|
page read and write
|
||
|
3A4E0000
|
trusted library allocation
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
unkown
|
page read and write
|
||
|
3A500000
|
trusted library allocation
|
page read and write
|
||
|
39AF0000
|
heap
|
page execute and read and write
|
||
|
7A20000
|
direct allocation
|
page read and write
|
||
|
3A4F0000
|
trusted library allocation
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
27BF000
|
heap
|
page read and write
|
||
|
6ED000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3A520000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3A530000
|
trusted library allocation
|
page read and write
|
||
|
3A540000
|
trusted library allocation
|
page read and write
|
||
|
37B91000
|
trusted library allocation
|
page read and write
|
There are 481 hidden memdumps, click here to show them.