Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
cJX8BV8LYG.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\65132962348398743035428.tmp
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\nssdbm3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CFBCB28B\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Clinton
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut31FB.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut321B.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\prophetesses
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 44 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\cJX8BV8LYG.exe
|
"C:\Users\user\Desktop\cJX8BV8LYG.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\cJX8BV8LYG.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c C:\Windows\system32\timeout.exe 3 & del "svchost.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\timeout.exe
|
C:\Windows\system32\timeout.exe 3
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ln6b9.shop/LN341/index.php
|
172.67.128.117
|
|
|
|
http://ln6b9.shop/LN341/index.phpA
|
unknown
|
|
|
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://ip-api.com/json
|
unknown
|
||
|
http://www.mozilla.com0
|
unknown
|
||
|
https://dotbit.me/a/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ln6b9.shop
|
172.67.128.117
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.128.117
|
ln6b9.shop
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
62C0000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
6C60000
|
direct allocation
|
page read and write
|
|
|
|
1E50000
|
direct allocation
|
page read and write
|
|
|
|
340E000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
5234000
|
direct allocation
|
page read and write
|
||
|
3681000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
1132000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
7401000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
52D8000
|
direct allocation
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
67A000
|
stack
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10C9000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
7100000
|
direct allocation
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
5258000
|
direct allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
6208000
|
direct allocation
|
page read and write
|
||
|
5240000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
590D000
|
stack
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
5E3F000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
522C000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
84C000
|
unkown
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
5E90000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5F80000
|
direct allocation
|
page read and write
|
||
|
6018000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1132000
|
heap
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3671000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3712000
|
heap
|
page read and write
|
||
|
1161000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
5FA0000
|
direct allocation
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
3679000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5254000
|
direct allocation
|
page read and write
|
||
|
6220000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
781000
|
unkown
|
page execute read
|
||
|
114E000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
30CB000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
52D0000
|
direct allocation
|
page read and write
|
||
|
12DD000
|
heap
|
page read and write
|
||
|
5220000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
60C4000
|
direct allocation
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
6810000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
520C000
|
direct allocation
|
page read and write
|
||
|
5250000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5224000
|
direct allocation
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
7212000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
6220000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
11DE000
|
heap
|
page read and write
|
||
|
305E000
|
unkown
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
11CF000
|
heap
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
323B000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
778C000
|
stack
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
364F000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5E90000
|
direct allocation
|
page read and write
|
||
|
60C0000
|
direct allocation
|
page read and write
|
||
|
1132000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5E90000
|
direct allocation
|
page read and write
|
||
|
578F000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3621000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5FD0000
|
direct allocation
|
page read and write
|
||
|
5EF0000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
520C000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5F70000
|
direct allocation
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
350F000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
60D4000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
36C2000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
5B8F000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5200000
|
direct allocation
|
page read and write
|
||
|
3C4F000
|
stack
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
2EE7000
|
heap
|
page read and write
|
||
|
1392000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5218000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
13C8000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
62C8000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
365C000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
60C0000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5FC0000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
6100000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
326A000
|
stack
|
page read and write
|
||
|
3691000
|
heap
|
page read and write
|
||
|
3402000
|
heap
|
page read and write
|
||
|
188D000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
520C000
|
direct allocation
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
6090000
|
direct allocation
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3644000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3682000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
5214000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
7200000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
520C000
|
direct allocation
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
5218000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
38FE000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
3614000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
3686000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
30E3000
|
heap
|
page read and write
|
||
|
5210000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
298C000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
2CAD000
|
stack
|
page read and write
|
||
|
1E80000
|
heap
|
page read and write
|
||
|
3684000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
61B0000
|
direct allocation
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
5208000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
6004000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3699000
|
heap
|
page read and write
|
||
|
30E1000
|
heap
|
page read and write
|
||
|
1112000
|
heap
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1122000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
139C000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
366D000
|
heap
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
6124000
|
direct allocation
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
5224000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
850000
|
unkown
|
page write copy
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
5BFD000
|
stack
|
page read and write
|
||
|
81C000
|
unkown
|
page readonly
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
3B4E000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
3646000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
781000
|
unkown
|
page execute read
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1E40000
|
direct allocation
|
page execute and read and write
|
||
|
60D0000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
294C000
|
stack
|
page read and write
|
||
|
5F80000
|
direct allocation
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
768B000
|
stack
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
5290000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
842000
|
unkown
|
page readonly
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
854000
|
unkown
|
page readonly
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5268000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
365F000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1321000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
3681000
|
heap
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
5CFD000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
5E9C000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5A0D000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F9000
|
heap
|
page read and write
|
||
|
338F000
|
unkown
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1354000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
61B0000
|
direct allocation
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
84C000
|
unkown
|
page write copy
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
5224000
|
direct allocation
|
page read and write
|
||
|
3699000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
81C000
|
unkown
|
page readonly
|
||
|
12CB000
|
heap
|
page read and write
|
||
|
52D8000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page read and write
|
||
|
33B0000
|
heap
|
page readonly
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
6100000
|
direct allocation
|
page read and write
|
||
|
5218000
|
direct allocation
|
page read and write
|
||
|
1E20000
|
heap
|
page read and write
|
||
|
6298000
|
direct allocation
|
page read and write
|
||
|
3631000
|
heap
|
page read and write
|
||
|
5F10000
|
direct allocation
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
6708000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
842000
|
unkown
|
page readonly
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1113000
|
heap
|
page read and write
|
||
|
6000000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5284000
|
direct allocation
|
page read and write
|
||
|
5E90000
|
direct allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
13D2000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
5204000
|
direct allocation
|
page read and write
|
||
|
854000
|
unkown
|
page readonly
|
||
|
72E000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
5E80000
|
direct allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
1C8E000
|
stack
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
720E000
|
direct allocation
|
page read and write
|
||
|
1103000
|
heap
|
page read and write
|
There are 592 hidden memdumps, click here to show them.