Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
play.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\--x702s3
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\play.exe
|
"C:\Users\user\Desktop\play.exe"
|
|
|
|
C:\Program Files (x86)\gOMvnPgwymzwrUKagBcKAGBQnssIpMkiBitvpAMRpiVtopMnbYPqzc\aAqvujXSGNo.exe
|
"C:\Program Files (x86)\gOMvnPgwymzwrUKagBcKAGBQnssIpMkiBitvpAMRpiVtopMnbYPqzc\aAqvujXSGNo.exe"
|
|
|
|
C:\Windows\SysWOW64\relog.exe
|
"C:\Windows\SysWOW64\relog.exe"
|
|
|
|
C:\Program Files (x86)\gOMvnPgwymzwrUKagBcKAGBQnssIpMkiBitvpAMRpiVtopMnbYPqzc\aAqvujXSGNo.exe
|
"C:\Program Files (x86)\gOMvnPgwymzwrUKagBcKAGBQnssIpMkiBitvpAMRpiVtopMnbYPqzc\aAqvujXSGNo.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.astrocloud.shop/7mxg/?fVU8=HRzx&ZXzt1jdX=PQHLJRKwaUPjwxhk2GYQzWR8R4DRGzyCfDD5sOvFtKjG8ZD7og/+N9qEbnENWaH4IudDgrnmQMf3V2LiiZJ44VCDghgV12m/k9bnp6b2FJp2apyWNeh51w4=
|
13.248.169.48
|
|
|
|
http://www.playdoge.buzz/dkjp/?fVU8=HRzx&ZXzt1jdX=g2307S0kJQiqPtWe9TaGLV4XrhAf17rff9mCmcpeUxXKbAyFV69cgnnV7KzKdCkqPjJMU4CDOpfM3KvXThn0JCzwXjXd5TSeD8+4iPC5x1oijKUfR6VltjM=
|
188.114.97.3
|
|
|
|
http://www.rantup.com/49cz/?ZXzt1jdX=jojqsqROcSZ/YEZnqnzfA751mBAelv+z1FKsCArF5g8fu/bWNXnvEEANdKHh77itbEpRc/umBoU8ELsN52AVYzrBAQ0zHIll5d6B3+Pe+PauASdNc9uZplY=&fVU8=HRzx
|
52.71.57.184
|
|
|
|
http://www.ablackwomansmarch.info/byvv/?fVU8=HRzx&ZXzt1jdX=tE8Yf8WYynwECT0ucMl0wg/uU5lgFM4d0lH0abgHpBN2sUJXXfRRiqZbMUuokEJXmaYUQiqZbA9PoCScD7vXiY1sERFkkaBh5gb6EBRxs5CGi9vgIcMFHkg=
|
3.33.130.190
|
|
|
|
http://www.rantup.com/49cz/
|
52.71.57.184
|
|
|
|
http://www.23ddv.top/74hi/?ZXzt1jdX=nGINNi176Mw32GVF7tlDMHUsDN0FLET+wtq3FMVEcbrakWyJqw7BUNhsS7t1Rgl5P/JWtiTsx+SLLpCMe4oAPWkmauoeOlVhsSF1Co6Ym9oRZTWO7OX8DvA=&fVU8=HRzx
|
154.23.184.218
|
|
|
|
http://www.sssqqq07-22.fun/90p1/
|
45.113.201.77
|
|
|
|
http://www.soliro.life/qkji/
|
3.33.244.179
|
|
|
|
http://www.pacoteagil.shop/xz0a/?fVU8=HRzx&ZXzt1jdX=R3gP1liecH9CEWR58z6vcTu6ZE4CAT74npPRwlq9MC9LpGUhjUlt5tD2zx/yN6MyUXEHC7bzQwr/lImARbHG2FNXY0baa7q+x6BXcM5hNR/AFuKMUDCbLno=
|
84.32.84.32
|
|
|
|
http://www.23ddv.top/74hi/
|
154.23.184.218
|
|
|
|
http://www.playdoge.buzz/dkjp/
|
188.114.97.3
|
|
|
|
http://www.soliro.life/qkji/?ZXzt1jdX=3hO+HyIcgB6G+8N3LN2uHekX7uSI4ghDkWDZahGxK7g3yB5CU5vB8EVkGOKlqaF5ueualLyQHKnu8Mv7Lxk5XzuYxgHzk6nkrMT1MeRjw16ajjrCjygjRTw=&fVU8=HRzx
|
3.33.244.179
|
|
|
|
http://www.astrocloud.shop/7mxg/
|
13.248.169.48
|
|
|
|
http://www.farukugurluakdogan.xyz/3yei/?ZXzt1jdX=nZxM6ZbVUNvqNiLtXDfR+7LNAf7PNkUZzI4HUL3o8BmDorsgh/n2PsYU59HPtFBmSHz6AM8ZTB8ClF4C+tQS6IhxM8ffpjo9QeQxbJNt08sZUqYfX3nGFAA=&fVU8=HRzx
|
85.159.66.93
|
|
|
|
http://www.x0x9x8x8x7x6.shop/ps9q/
|
188.114.96.3
|
|
|
|
http://www.pilibit.site/ydsb/
|
200.58.111.42
|
|
|
|
http://www.ablackwomansmarch.info/byvv/
|
3.33.130.190
|
|
|
|
http://www.sssqqq07-22.fun/90p1/?ZXzt1jdX=MVS+namUa0UQavAdJ03s9uygERI+uY3eTsOcU3Wjrfb6xHYz5dyozzt8oos7zGJG9hFOZSWQuwu+QIVHqyXNg2+Ky1HzvorxqHxW6JBLA1lJwD0Ad7NFYWY=&fVU8=HRzx
|
45.113.201.77
|
|
|
|
http://www.pilibit.site/ydsb/?ZXzt1jdX=5MonW/+sdj9S4Qi9EuAiwzCb3teTJ4mp2FYtUqDRNpZKZK4yIAJ/199x4+50cXOASEslm+CgFxsG9ylKFHmgriXfA832cO2sv57t9clCzJ2/NV8benXuPPs=&fVU8=HRzx
|
200.58.111.42
|
|
|
|
http://www.shipincheshi.skin/qer4/
|
154.23.176.197
|
|
|
|
http://www.farukugurluakdogan.xyz/3yei/
|
85.159.66.93
|
|
|
|
http://www.pacoteagil.shop/xz0a/
|
84.32.84.32
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.hugedomains.com/domain_profile.cfm?d=rantup.com
|
unknown
|
||
|
https://www.kiristyle.shop/vod9/?ZXzt1jdX=ivZzxM4Jfmd0ai63Imd0RTeSPfjP5G
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.kiristyle.shop/vod9/?ZXzt1jdX=ivZzxM4Jfmd0ai63Imd0RTeSPfjP5G+FujZTnvobDNePA17XvJlKosOwY30TiI8/8bBp7iesbvq7jnISR7nTIeFXysPRp6fhppRWXfcEPYVY19hX8MgB2Jw=&fVU8=HRzx
|
35.244.245.121
|
||
|
http://www.x0x9x8x8x7x6.shop
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://www.thinkphp.cn
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://www.kiristyle.shop/vod9/
|
35.244.245.121
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.playdoge.buzz
|
188.114.97.3
|
|
|
|
hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com
|
52.71.57.184
|
|
|
|
www.astrocloud.shop
|
13.248.169.48
|
|
|
|
ablackwomansmarch.info
|
3.33.130.190
|
|
|
|
natroredirect.natrocdn.com
|
85.159.66.93
|
|
|
|
www.x0x9x8x8x7x6.shop
|
188.114.96.3
|
|
|
|
www.shipincheshi.skin
|
154.23.176.197
|
|
|
|
www.soliro.life
|
3.33.244.179
|
|
|
|
pilibit.site
|
200.58.111.42
|
|
|
|
www.dom-2.online
|
199.59.243.226
|
|
|
|
pacoteagil.shop
|
84.32.84.32
|
|
|
|
23ddv.top
|
154.23.184.218
|
|
|
|
www.sssqqq07-22.fun
|
45.113.201.77
|
|
|
|
www.pilibit.site
|
unknown
|
|
|
|
www.farukugurluakdogan.xyz
|
unknown
|
|
|
|
www.23ddv.top
|
unknown
|
|
|
|
www.pelus-pijama-pro.shop
|
unknown
|
|
|
|
www.rantup.com
|
unknown
|
|
|
|
www.pacoteagil.shop
|
unknown
|
|
|
|
206.23.85.13.in-addr.arpa
|
unknown
|
|
|
|
www.kiristyle.shop
|
unknown
|
|
|
|
www.ablackwomansmarch.info
|
unknown
|
|
|
|
shops.vipshopbuy.com
|
35.244.245.121
|
There are 13 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.248.169.48
|
www.astrocloud.shop
|
United States
|
|
|
|
200.58.111.42
|
pilibit.site
|
Argentina
|
|
|
|
199.59.243.226
|
www.dom-2.online
|
United States
|
|
|
|
84.32.84.32
|
pacoteagil.shop
|
Lithuania
|
|
|
|
154.23.184.218
|
23ddv.top
|
United States
|
|
|
|
85.159.66.93
|
natroredirect.natrocdn.com
|
Turkey
|
|
|
|
154.23.176.197
|
www.shipincheshi.skin
|
United States
|
|
|
|
45.113.201.77
|
www.sssqqq07-22.fun
|
China
|
|
|
|
188.114.97.3
|
www.playdoge.buzz
|
European Union
|
|
|
|
188.114.96.3
|
www.x0x9x8x8x7x6.shop
|
European Union
|
|
|
|
52.71.57.184
|
hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com
|
United States
|
|
|
|
3.33.130.190
|
ablackwomansmarch.info
|
United States
|
|
|
|
3.33.244.179
|
www.soliro.life
|
United States
|
|
|
|
35.244.245.121
|
shops.vipshopbuy.com
|
United States
|
There are 4 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
2F70000
|
trusted library allocation
|
page read and write
|
|
|
|
3520000
|
unclassified section
|
page execute and read and write
|
|
|
|
5290000
|
system
|
page execute and read and write
|
|
|
|
BA1000
|
unkown
|
page execute and read and write
|
|
|
|
8B0000
|
system
|
page execute and read and write
|
|
|
|
3910000
|
unkown
|
page execute and read and write
|
|
|
|
AB0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2E71000
|
heap
|
page read and write
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
4722000
|
unclassified section
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
2B82000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3A28000
|
unkown
|
page execute and read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
191750A0000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A8B000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2660000
|
direct allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
4590000
|
unclassified section
|
page read and write
|
||
|
4BD8000
|
unclassified section
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A04000
|
heap
|
page read and write
|
||
|
540C000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
388C000
|
unkown
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
19175213000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
unkown
|
page write copy
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
24B4000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
19175090000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3552000
|
direct allocation
|
page execute and read and write
|
||
|
191753CE000
|
trusted library allocation
|
page read and write
|
||
|
508E000
|
unclassified section
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
3622000
|
unclassified section
|
page read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
9BE000
|
heap
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
2D11000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
14D0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7AA5000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A9E000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
2F10000
|
unkown
|
page execute and read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
40DA000
|
unclassified section
|
page read and write
|
||
|
33592000
|
system
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2D56000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
83B000
|
stack
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
5F90000
|
trusted library allocation
|
page read and write
|
||
|
19175200000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2931000
|
direct allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2B70000
|
unkown
|
page read and write
|
||
|
BF1000
|
unkown
|
page readonly
|
||
|
E68000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
191750A0000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
3BB0000
|
unkown
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
BF1000
|
unkown
|
page readonly
|
||
|
19175100000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
367C000
|
unclassified section
|
page read and write
|
||
|
1917376F000
|
heap
|
page read and write
|
||
|
AA7000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
191753AC000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
191753C4000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BA1000
|
unkown
|
page execute read
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
39B6000
|
unkown
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
AA7000
|
unkown
|
page readonly
|
||
|
AA7000
|
unkown
|
page readonly
|
||
|
1917378B000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A9E000
|
unkown
|
page readonly
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A5C000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
53BA000
|
system
|
page execute and read and write
|
||
|
2A60000
|
unkown
|
page readonly
|
||
|
7A14000
|
heap
|
page read and write
|
||
|
383C000
|
unclassified section
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1917377C000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
19175203000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
818F000
|
stack
|
page read and write
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
380000
|
heap
|
page read and write
|
||
|
2D37000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1917378F000
|
heap
|
page read and write
|
||
|
191753BE000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2914000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
451C000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
19173792000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1917376A000
|
heap
|
page read and write
|
||
|
19175300000
|
trusted library allocation
|
page read and write
|
||
|
4066000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
19173600000
|
system
|
page execute and read and write
|
||
|
2B50000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BBD000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
19173710000
|
heap
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
AA5000
|
unkown
|
page read and write
|
||
|
25DD000
|
heap
|
page read and write
|
||
|
1130000
|
unkown
|
page readonly
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
37265FB000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BBD000
|
stack
|
page read and write
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
4A46000
|
unclassified section
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3DB6000
|
unclassified section
|
page read and write
|
||
|
DF1000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
37285FE000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
7A1D000
|
heap
|
page read and write
|
||
|
19175221000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
3210000
|
direct allocation
|
page execute and read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
426C000
|
unclassified section
|
page read and write
|
||
|
2789000
|
direct allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
29A2000
|
direct allocation
|
page execute and read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1917520E000
|
trusted library allocation
|
page read and write
|
||
|
3D42000
|
unkown
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
19173740000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
30C000
|
stack
|
page read and write
|
||
|
41F8000
|
unkown
|
page read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
2D1D000
|
heap
|
page read and write
|
||
|
2CDE000
|
heap
|
page read and write
|
||
|
3244000
|
unkown
|
page read and write
|
||
|
1478000
|
heap
|
page read and write
|
||
|
33AE000
|
direct allocation
|
page execute and read and write
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
292D000
|
direct allocation
|
page execute and read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
3F48000
|
unclassified section
|
page read and write
|
||
|
7A19000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
33652000
|
system
|
page read and write
|
||
|
2B20000
|
unclassified section
|
page execute and read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
7A6C000
|
heap
|
page read and write
|
||
|
AE1000
|
heap
|
page read and write
|
||
|
1901000
|
unkown
|
page readonly
|
||
|
438A000
|
unkown
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C6F000
|
heap
|
page read and write
|
||
|
4EFC000
|
unclassified section
|
page read and write
|
||
|
AA5000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2A60000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
E50000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
333D000
|
direct allocation
|
page execute and read and write
|
||
|
1260000
|
unkown
|
page read and write
|
||
|
D2A000
|
stack
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
1130000
|
unkown
|
page readonly
|
||
|
5363000
|
system
|
page execute and read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2D07000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A90000
|
heap
|
page read and write
|
||
|
3064000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BEC000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2B82000
|
unkown
|
page read and write
|
||
|
2D4F000
|
heap
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
3727DFE000
|
stack
|
page read and write
|
||
|
7D30000
|
heap
|
page read and write
|
||
|
7A0F000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A4D000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
D2A000
|
stack
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3ED4000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3638000
|
unclassified section
|
page execute and read and write
|
||
|
25E1000
|
heap
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
2E77000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page read and write
|
||
|
11F0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3CE000
|
stack
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
878000
|
stack
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
BEC000
|
unkown
|
page readonly
|
||
|
2D32000
|
heap
|
page read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
28F0000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7CC000
|
heap
|
page read and write
|
||
|
25AF000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A3B000
|
heap
|
page read and write
|
||
|
7A9B000
|
heap
|
page read and write
|
||
|
191736F0000
|
heap
|
page read and write
|
||
|
11F0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1331000
|
unkown
|
page readonly
|
||
|
1331000
|
unkown
|
page readonly
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
2C9C000
|
unkown
|
page read and write
|
||
|
2D2D000
|
heap
|
page read and write
|
||
|
33C54000
|
system
|
page read and write
|
||
|
AA7000
|
unkown
|
page readonly
|
||
|
1917365D000
|
system
|
page execute and read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
390000
|
direct allocation
|
page read and write
|
||
|
34DD000
|
direct allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A97000
|
heap
|
page read and write
|
||
|
2914000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
19175301000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E5C000
|
unkown
|
page read and write
|
||
|
3339000
|
direct allocation
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
53C0000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2B50000
|
unkown
|
page readonly
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
D70000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
34E1000
|
direct allocation
|
page execute and read and write
|
||
|
AA5000
|
unkown
|
page read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
1260000
|
unkown
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
7A77000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3562000
|
unclassified section
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A7F000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
35C6000
|
unclassified section
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
550C000
|
unkown
|
page read and write
|
||
|
14D1000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
A91000
|
unkown
|
page execute read
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
4D6A000
|
unclassified section
|
page read and write
|
||
|
5347000
|
system
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2B70000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
33D6000
|
unkown
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1478000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2652000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
19173760000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
D93000
|
unkown
|
page read and write
|
||
|
BEF000
|
unkown
|
page write copy
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A63000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
2E0F000
|
stack
|
page read and write
|
||
|
A9E000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
11D0000
|
unkown
|
page read and write
|
||
|
7D1000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
3386C000
|
system
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2C42000
|
unkown
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
28F0000
|
unkown
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
278D000
|
direct allocation
|
page execute and read and write
|
||
|
46AE000
|
unkown
|
page read and write
|
||
|
27FE000
|
direct allocation
|
page execute and read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A92000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
CC0000
|
unkown
|
page readonly
|
||
|
E7F000
|
heap
|
page read and write
|
||
|
36FA000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A2A000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
336AC000
|
system
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
A9E000
|
unkown
|
page readonly
|
||
|
5365000
|
system
|
page execute and read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
2D22000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
BE0000
|
unkown
|
page readonly
|
||
|
3C24000
|
unclassified section
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
37275FF000
|
stack
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
2E20000
|
unkown
|
page readonly
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page read and write
|
||
|
7A35000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
D70000
|
unkown
|
page readonly
|
||
|
3726DFF000
|
stack
|
page read and write
|
||
|
BE7000
|
unkown
|
page execute read
|
||
|
3568000
|
unkown
|
page read and write
|
||
|
48B4000
|
unclassified section
|
page read and write
|
||
|
DF1000
|
unkown
|
page readonly
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
7DB000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
19175210000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page readonly
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
4038000
|
unclassified section
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A12000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A56000
|
heap
|
page read and write
|
||
|
7A97000
|
heap
|
page read and write
|
||
|
AA5000
|
unkown
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2C6F000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
7A68000
|
heap
|
page read and write
|
||
|
2CD6000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7A31000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
2E5C000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
4428000
|
unkown
|
page execute and read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
11D0000
|
unkown
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
2E71000
|
heap
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
5357000
|
system
|
page execute and read and write
|
There are 568 hidden memdumps, click here to show them.