Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
7UpMyeV5pj.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Notepad.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Notepad.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Umbrella.flv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Umbrella.flv.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Documents\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Favorites\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SysWOW64\Explower.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\autorun.inf
|
Microsoft Windows Autorun file
|
dropped
|
|
|
|
C:\system.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\system.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Explower.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\app
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Documents\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Favorites\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\Explower.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 21 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\7UpMyeV5pj.exe
|
"C:\Users\user\Desktop\7UpMyeV5pj.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\Desktop\7UpMyeV5pj.exe" "7UpMyeV5pj.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe
|
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explower.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
0.tcp.eu.ngrok.io
|
3.124.142.205
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
3.124.142.205
|
0.tcp.eu.ngrok.io
|
United States
|
|
|
|
18.192.31.165
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
DisableTaskMgr
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B62000
|
unkown
|
page readonly
|
|
|
|
31C1000
|
trusted library allocation
|
page read and write
|
|
|
|
570E000
|
stack
|
page read and write
|
||
|
1442000
|
heap
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page execute and read and write
|
||
|
7894000
|
heap
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
14CE000
|
heap
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
534C000
|
stack
|
page read and write
|
||
|
1517000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
542C000
|
stack
|
page read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
115A000
|
trusted library allocation
|
page execute and read and write
|
||
|
78B3000
|
heap
|
page read and write
|
||
|
788A000
|
heap
|
page read and write
|
||
|
1850000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
608E000
|
stack
|
page read and write
|
||
|
1182000
|
trusted library allocation
|
page execute and read and write
|
||
|
126A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
7815000
|
heap
|
page read and write
|
||
|
56D8000
|
heap
|
page read and write
|
||
|
5D10000
|
heap
|
page read and write
|
||
|
544C000
|
stack
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
7853000
|
heap
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
7643000
|
heap
|
page read and write
|
||
|
4FFC000
|
stack
|
page read and write
|
||
|
7808000
|
heap
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
1409000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
786B000
|
heap
|
page read and write
|
||
|
77E8000
|
heap
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
E86000
|
heap
|
page read and write
|
||
|
13DA000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
14C9000
|
heap
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
782A000
|
heap
|
page read and write
|
||
|
566C000
|
stack
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
53EC000
|
stack
|
page read and write
|
||
|
118A000
|
trusted library allocation
|
page execute and read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
1419000
|
heap
|
page read and write
|
||
|
144B000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
56D1000
|
heap
|
page read and write
|
||
|
56E2000
|
heap
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
7837000
|
heap
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
7910000
|
heap
|
page read and write
|
||
|
788D000
|
heap
|
page read and write
|
||
|
119B000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F4000
|
stack
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
1197000
|
trusted library allocation
|
page execute and read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
556B000
|
stack
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
1252000
|
trusted library allocation
|
page execute and read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
786D000
|
heap
|
page read and write
|
||
|
144D000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
138F000
|
unkown
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
1443000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
143F000
|
heap
|
page read and write
|
||
|
523C000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
7883000
|
heap
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page execute and read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
535D000
|
stack
|
page read and write
|
||
|
6621000
|
trusted library allocation
|
page read and write
|
||
|
78A3000
|
heap
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
A11D000
|
stack
|
page read and write
|
||
|
141E000
|
heap
|
page read and write
|
||
|
7811000
|
heap
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
1427000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
780E000
|
heap
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
13F1000
|
heap
|
page read and write
|
||
|
50AC000
|
stack
|
page read and write
|
||
|
5F8E000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
5BCF000
|
stack
|
page read and write
|
||
|
D0B000
|
stack
|
page read and write
|
||
|
116C000
|
trusted library allocation
|
page execute and read and write
|
||
|
149F000
|
heap
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
1449000
|
heap
|
page read and write
|
||
|
144B000
|
heap
|
page read and write
|
||
|
1406000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
7FB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
133C000
|
heap
|
page read and write
|
||
|
143F000
|
heap
|
page read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
7656000
|
heap
|
page read and write
|
||
|
14BE000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page execute and read and write
|
||
|
1427000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
667F000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
1152000
|
trusted library allocation
|
page execute and read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
1860000
|
heap
|
page execute and read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
782D000
|
heap
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
1262000
|
trusted library allocation
|
page execute and read and write
|
||
|
1492000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
E39000
|
stack
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
75F0000
|
heap
|
page read and write
|
||
|
67BF000
|
trusted library allocation
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
1427000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1277000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E86000
|
trusted library allocation
|
page read and write
|
||
|
5ACD000
|
stack
|
page read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
13F1000
|
heap
|
page read and write
|
||
|
14BF000
|
heap
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
56E5000
|
heap
|
page read and write
|
||
|
F36000
|
stack
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
24788000
|
trusted library allocation
|
page read and write
|
||
|
14CA000
|
heap
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page execute and read and write
|
||
|
69C9000
|
trusted library allocation
|
page read and write
|
||
|
7886000
|
heap
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
367F000
|
stack
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
7F5E000
|
stack
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
935E000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
77FB000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
666F000
|
trusted library allocation
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
41C1000
|
trusted library allocation
|
page read and write
|
||
|
1276000
|
heap
|
page read and write
|
||
|
56E7000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
117A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
41E8000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
135F000
|
heap
|
page read and write
|
||
|
7869000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
128A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
925D000
|
stack
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
143D000
|
heap
|
page read and write
|
||
|
1442000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
1282000
|
trusted library allocation
|
page execute and read and write
|
||
|
14CE000
|
heap
|
page read and write
|
||
|
144B000
|
heap
|
page read and write
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
D36000
|
stack
|
page read and write
|
||
|
530B000
|
stack
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
141C000
|
heap
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
ABEA000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
56E2000
|
heap
|
page read and write
|
||
|
77E0000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
ABE0000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
1448000
|
heap
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
78E0000
|
heap
|
page read and write
|
||
|
C09D000
|
stack
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
56E6000
|
heap
|
page read and write
|
||
|
6311000
|
trusted library allocation
|
page read and write
|
||
|
6717000
|
trusted library allocation
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
6785000
|
trusted library allocation
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
782F000
|
heap
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
14C1000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
1457000
|
heap
|
page read and write
|
||
|
767A000
|
heap
|
page read and write
|
||
|
56DB000
|
heap
|
page read and write
|
||
|
169C000
|
stack
|
page read and write
|
||
|
AE20000
|
heap
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
24680000
|
trusted library allocation
|
page read and write
|
||
|
51BF000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
145C000
|
heap
|
page read and write
|
||
|
127A000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
A01D000
|
stack
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
24795000
|
trusted library allocation
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
3E64000
|
trusted library allocation
|
page read and write
|
||
|
7E5D000
|
stack
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
142A000
|
heap
|
page read and write
|
||
|
125A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1497000
|
trusted library allocation
|
page execute and read and write
|
||
|
1388000
|
heap
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1459000
|
heap
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
1416000
|
heap
|
page read and write
|
||
|
7857000
|
heap
|
page read and write
|
||
|
10FB000
|
stack
|
page read and write
|
||
|
AF20000
|
heap
|
page read and write
|
||
|
56AF000
|
stack
|
page read and write
|
||
|
5430000
|
unclassified section
|
page read and write
|
||
|
DBE000
|
unkown
|
page read and write
|
||
|
149B000
|
trusted library allocation
|
page execute and read and write
|
||
|
145C000
|
heap
|
page read and write
|
||
|
7900000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
56E9000
|
heap
|
page read and write
|
||
|
5E4D000
|
stack
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
120F000
|
stack
|
page read and write
|
||
|
56CE000
|
stack
|
page read and write
|
||
|
1423000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
780C000
|
heap
|
page read and write
|
||
|
56D2000
|
heap
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
747B000
|
stack
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
7623000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
1448000
|
heap
|
page read and write
|
||
|
783E000
|
heap
|
page read and write
|
||
|
C19E000
|
stack
|
page read and write
|
||
|
145C000
|
heap
|
page read and write
|
||
|
E6E000
|
heap
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
144B000
|
heap
|
page read and write
|
||
|
143D000
|
heap
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
1443000
|
heap
|
page read and write
|
||
|
77F8000
|
heap
|
page read and write
|
||
|
116A000
|
trusted library allocation
|
page execute and read and write
|
||
|
667D000
|
trusted library allocation
|
page read and write
|
||
|
14D7000
|
heap
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
1429000
|
heap
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
There are 331 hidden memdumps, click here to show them.