Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
usxJqoxQhz.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\usxJqoxQhz.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\server.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\usxJqoxQhz.exe
|
"C:\Users\user\Desktop\usxJqoxQhz.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\server.exe" "server.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\server.exe
|
"C:\Users\user\AppData\Local\Temp\server.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mohmoh002.ddns.net
|
103.130.147.13
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.130.147.13
|
mohmoh002.ddns.net
|
Turkey
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
d922c61e0aecad1aa02e873c7d37cf0a
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
d922c61e0aecad1aa02e873c7d37cf0a
|
||
|
HKEY_CURRENT_USER\SOFTWARE\d922c61e0aecad1aa02e873c7d37cf0a
|
[kl]
|
||
|
HKEY_CURRENT_USER\SOFTWARE\d922c61e0aecad1aa02e873c7d37cf0a
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3161000
|
trusted library allocation
|
page read and write
|
|
|
|
2E11000
|
trusted library allocation
|
page read and write
|
|
|
|
AE2000
|
unkown
|
page readonly
|
|
|
|
951000
|
heap
|
page read and write
|
||
|
CC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
E24000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
D5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5030000
|
trusted library allocation
|
page execute and read and write
|
||
|
F50000
|
heap
|
page execute and read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
1427000
|
trusted library allocation
|
page execute and read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
B62000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
16DF000
|
stack
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page execute and read and write
|
||
|
C97000
|
trusted library allocation
|
page execute and read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
C8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
4FC9000
|
stack
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
D5C000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
9D9000
|
heap
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A2000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
3E11000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
4FF9000
|
heap
|
page read and write
|
||
|
CE8000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
A03000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
519F000
|
stack
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
4720000
|
heap
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
4FEC000
|
heap
|
page read and write
|
||
|
3A94000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
CAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
A22000
|
heap
|
page read and write
|
||
|
99D000
|
heap
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
4161000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
unclassified section
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
868000
|
heap
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
3E37000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
3147000
|
trusted library allocation
|
page read and write
|
||
|
CCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
CA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
E12000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
D72000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
D13000
|
heap
|
page read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
9D9000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
13F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
9A9000
|
heap
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page execute and read and write
|
||
|
D8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C60000
|
heap
|
page execute and read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
B32000
|
trusted library allocation
|
page execute and read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
10FF000
|
stack
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
11DF000
|
heap
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
5C2C000
|
stack
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
11BF000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
C92000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FE1000
|
heap
|
page read and write
|
||
|
4FFB000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
6F3000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2E000
|
unkown
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
9A2000
|
heap
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
4F6F000
|
stack
|
page read and write
|
||
|
B7B000
|
stack
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
46F0000
|
heap
|
page read and write
|
||
|
4F8C000
|
stack
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
4FEC000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
4BDF000
|
trusted library allocation
|
page read and write
|
||
|
4FF8000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
13FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
87F000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
9B6000
|
heap
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
4FFB000
|
heap
|
page read and write
|
||
|
9ED000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
9A9000
|
heap
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
B4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FEC000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
A2B000
|
heap
|
page read and write
|
||
|
4FE1000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
7EB000
|
stack
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
5C8D000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
4FE2000
|
heap
|
page read and write
|
||
|
5B6000
|
stack
|
page read and write
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
4FEC000
|
heap
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
2B81000
|
trusted library allocation
|
page read and write
|
||
|
56D8000
|
heap
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
3B84000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page execute and read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
13EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A3000
|
heap
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
964000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
9AE000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
C82000
|
trusted library allocation
|
page execute and read and write
|
||
|
E6F000
|
trusted library allocation
|
page read and write
|
||
|
97C000
|
heap
|
page read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
E44000
|
heap
|
page read and write
|
||
|
D52000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
4FF7000
|
heap
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
74D000
|
unkown
|
page read and write
|
||
|
3E34000
|
trusted library allocation
|
page read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
981000
|
heap
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
13FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
B46000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FFA000
|
heap
|
page read and write
|
||
|
CFD000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
97C000
|
heap
|
page read and write
|
||
|
99F000
|
heap
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
4FED000
|
heap
|
page read and write
|
||
|
9D9000
|
heap
|
page read and write
|
||
|
4BB000
|
stack
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FE9000
|
heap
|
page read and write
|
||
|
9B3000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
FAF000
|
stack
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
941000
|
heap
|
page read and write
|
||
|
4FED000
|
heap
|
page read and write
|
||
|
99F000
|
heap
|
page read and write
|
||
|
D42000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B81000
|
trusted library allocation
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
4164000
|
trusted library allocation
|
page read and write
|
||
|
B7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D87000
|
trusted library allocation
|
page execute and read and write
|
||
|
39B000
|
stack
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
C9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC2000
|
trusted library allocation
|
page read and write
|
||
|
13E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
B3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1412000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
3A91000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
D56000
|
trusted library allocation
|
page execute and read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
71A000
|
stack
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F0000
|
heap
|
page execute and read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
99C000
|
heap
|
page read and write
|
||
|
4D6F000
|
stack
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
7F2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
15BF000
|
trusted library allocation
|
page read and write
|
||
|
F88000
|
trusted library allocation
|
page read and write
|
||
|
142B000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
5AEF000
|
stack
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
||
|
97D000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
5D8E000
|
stack
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
131C000
|
stack
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
119E000
|
heap
|
page read and write
|
||
|
B77000
|
trusted library allocation
|
page execute and read and write
|
||
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
982000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
5F6000
|
stack
|
page read and write
|
||
|
5063000
|
heap
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
99F000
|
heap
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
5B2B000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
9B2000
|
heap
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
B42000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A91000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
9D9000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
9BC000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
9DC000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
CD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
4F4B000
|
stack
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
93B000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
981000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
274F000
|
stack
|
page read and write
|
||
|
9BF000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
There are 434 hidden memdumps, click here to show them.