Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C3KzPHU3UG.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.js
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\585723\Designing.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EchoSync.url
|
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.js" >), ASCII text,
with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\SyncTech Innovations\p
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\585723\F
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Hate
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Invitations
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Keep
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Prep
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Rod
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sexuality
|
ASCII text, with very long lines (969), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Sexuality.cmd (copy)
|
ASCII text, with very long lines (969), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Statute
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tsunami
|
data
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\C3KzPHU3UG.exe
|
"C:\Users\user\Desktop\C3KzPHU3UG.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /k move Sexuality Sexuality.cmd & Sexuality.cmd & exit
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa.exe opssvc.exe"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui.exe avgui.exe bdservicehost.exe ekrn.exe nswscsvc.exe sophoshealth.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 585723
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "TranscriptHousesConstitutesMedicaid" Hate
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b ..\Rod + ..\Keep + ..\Prep + ..\Tsunami + ..\Invitations F
|
|
|
|
C:\Users\user\AppData\Local\Temp\585723\Designing.pif
|
Designing.pif F
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EchoSync.url"
& echo URL="C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\EchoSync.url" & exit
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.js"
|
|
|
|
C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.pif
|
"C:\Users\user\AppData\Local\SyncTech Innovations\EchoSync.pif" "C:\Users\user\AppData\Local\SyncTech Innovations\p"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /d y /t 5
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
XfYprRGwPXpYAiIF.XfYprRGwPXpYAiIF
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B30000
|
unkown
|
page readonly
|
||
|
322E000
|
unkown
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
1BDC000
|
heap
|
page read and write
|
||
|
469000
|
unkown
|
page read and write
|
||
|
759000
|
unkown
|
page readonly
|
||
|
1D17CFE000
|
stack
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
1373000
|
heap
|
page read and write
|
||
|
1FEA836A000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
4FD000
|
unkown
|
page readonly
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
BF0000
|
unkown
|
page write copy
|
||
|
1174000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
1754000
|
heap
|
page read and write
|
||
|
332F000
|
unkown
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1953000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
75A000
|
heap
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
4569000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1FEA84C5000
|
heap
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1A08000
|
heap
|
page read and write
|
||
|
1FEA832C000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1CD3000
|
heap
|
page read and write
|
||
|
1AB2000
|
heap
|
page read and write
|
||
|
79B000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
1C62000
|
heap
|
page read and write
|
||
|
67A000
|
heap
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1CC5000
|
heap
|
page read and write
|
||
|
15BF000
|
stack
|
page read and write
|
||
|
1AC0000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1FEA8337000
|
heap
|
page read and write
|
||
|
1FEA9D80000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
6AC000
|
stack
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
10C000
|
stack
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
1FEA8338000
|
heap
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
67C000
|
heap
|
page read and write
|
||
|
3D50000
|
heap
|
page read and write
|
||
|
750000
|
unkown
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
690000
|
unkown
|
page readonly
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
145C000
|
heap
|
page read and write
|
||
|
13E8000
|
heap
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
6EC000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
A7F000
|
stack
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
12D9000
|
heap
|
page read and write
|
||
|
4577000
|
trusted library allocation
|
page read and write
|
||
|
691000
|
unkown
|
page execute read
|
||
|
4201000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
1ADB000
|
heap
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
B31000
|
unkown
|
page execute read
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
1FEA8331000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
1D03000
|
heap
|
page read and write
|
||
|
691000
|
unkown
|
page execute read
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2F6D000
|
stack
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
746000
|
unkown
|
page readonly
|
||
|
15CF000
|
stack
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
B31000
|
unkown
|
page execute read
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
13B1000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1FEA84C0000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
BA6000
|
heap
|
page read and write
|
||
|
1C6D000
|
heap
|
page read and write
|
||
|
BF9000
|
unkown
|
page readonly
|
||
|
1174000
|
heap
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
2150000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
1559000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
17D5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
18D0000
|
heap
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
1D176FF000
|
stack
|
page read and write
|
||
|
1D17BFF000
|
stack
|
page read and write
|
||
|
690000
|
unkown
|
page readonly
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
1D17EFE000
|
stack
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1223000
|
heap
|
page read and write
|
||
|
BE6000
|
unkown
|
page readonly
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1FEA8230000
|
heap
|
page read and write
|
||
|
4661000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
FDD000
|
stack
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1D17AFE000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
30E2000
|
heap
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
1FEAA0F0000
|
heap
|
page read and write
|
||
|
152A000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
AB4000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
2DEC000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1232000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
1FEA8372000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
4201000
|
heap
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
1C93000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1416000
|
heap
|
page read and write
|
||
|
1964000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1CD0000
|
heap
|
page read and write
|
||
|
1FEA8430000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
754000
|
unkown
|
page write copy
|
||
|
520000
|
heap
|
page read and write
|
||
|
1D179FF000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
1FEA8331000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1FF000
|
stack
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
1FEA8377000
|
heap
|
page read and write
|
||
|
19BA000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1FEA84CC000
|
heap
|
page read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1D17DFE000
|
stack
|
page read and write
|
||
|
143F000
|
heap
|
page read and write
|
||
|
1D177FF000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
3D9E000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
4200000
|
heap
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
1B00000
|
heap
|
page read and write
|
||
|
476F000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1FEA834D000
|
heap
|
page read and write
|
||
|
1FEA834E000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
1FEA837D000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
436F000
|
stack
|
page read and write
|
||
|
F6A000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BE000
|
stack
|
page read and write
|
||
|
67C000
|
heap
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
12B9000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
660000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
AB1000
|
heap
|
page read and write
|
||
|
4A7F000
|
stack
|
page read and write
|
||
|
15FC000
|
stack
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
3D40000
|
heap
|
page read and write
|
||
|
746000
|
unkown
|
page readonly
|
||
|
1FEA8355000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
ACB000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1FEA8355000
|
heap
|
page read and write
|
||
|
30FC000
|
heap
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
1FEA8345000
|
heap
|
page read and write
|
||
|
1BF8000
|
heap
|
page read and write
|
||
|
75E000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
14CF000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
1FEA8345000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
1FEA8355000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
3339000
|
heap
|
page read and write
|
||
|
BE6000
|
unkown
|
page readonly
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
BF9000
|
unkown
|
page readonly
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
1FEA8410000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1FEA8375000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
750000
|
unkown
|
page write copy
|
||
|
750000
|
heap
|
page read and write
|
||
|
1FEA8355000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
1D173BA000
|
stack
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
1FEA836C000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
48AF000
|
stack
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
1FEA837A000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
4FD000
|
unkown
|
page readonly
|
||
|
15CB000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
34B4000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
3322000
|
heap
|
page read and write
|
||
|
44B4000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
19D9000
|
heap
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
1384000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
1FEA8345000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
1FEA8379000
|
heap
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
1FEA8310000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
BF4000
|
unkown
|
page write copy
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
heap
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1FEA835F000
|
heap
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
3CC1000
|
heap
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
3128000
|
heap
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
4CEF000
|
stack
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
1938000
|
heap
|
page read and write
|
||
|
1FEA8345000
|
heap
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
223E000
|
stack
|
page read and write
|
||
|
1FEA836D000
|
heap
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
1FEA8378000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
459E000
|
trusted library allocation
|
page read and write
|
||
|
1FEA835D000
|
heap
|
page read and write
|
||
|
15DD000
|
stack
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
15AB000
|
heap
|
page read and write
|
||
|
17C4000
|
heap
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
2DEF000
|
stack
|
page read and write
|
||
|
1C16000
|
heap
|
page read and write
|
||
|
3CC0000
|
heap
|
page read and write
|
||
|
CC000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
1A62000
|
heap
|
page read and write
|
||
|
759000
|
unkown
|
page readonly
|
There are 443 hidden memdumps, click here to show them.