Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
01koiHnedL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\app
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\01koiHnedL.exe
|
"C:\Users\user\Desktop\01koiHnedL.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\Desktop\01koiHnedL.exe" "01koiHnedL.exe" ENABLE
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.185.221.18
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
352000
|
unkown
|
page readonly
|
|
|
|
2AD1000
|
trusted library allocation
|
page read and write
|
|
|
|
451A000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
1069D000
|
stack
|
page read and write
|
||
|
2DD6000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
2D2E000
|
heap
|
page read and write
|
||
|
80E0000
|
heap
|
page read and write
|
||
|
95A000
|
trusted library allocation
|
page execute and read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
7B0E000
|
stack
|
page read and write
|
||
|
991D000
|
stack
|
page read and write
|
||
|
43D7000
|
trusted library allocation
|
page read and write
|
||
|
5308000
|
heap
|
page read and write
|
||
|
4C0C000
|
stack
|
page read and write
|
||
|
D65E000
|
stack
|
page read and write
|
||
|
2D2E000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
2D3D000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
DCD000
|
stack
|
page read and write
|
||
|
931D000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
E15E000
|
stack
|
page read and write
|
||
|
C05E000
|
stack
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
7ED000
|
stack
|
page read and write
|
||
|
FB1D000
|
stack
|
page read and write
|
||
|
92DE000
|
stack
|
page read and write
|
||
|
96A000
|
heap
|
page read and write
|
||
|
2D83000
|
heap
|
page read and write
|
||
|
2D1F000
|
heap
|
page read and write
|
||
|
D09D000
|
stack
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
3E96000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
unkown
|
page read and write
|
||
|
2D29000
|
heap
|
page read and write
|
||
|
2D75000
|
heap
|
page read and write
|
||
|
C51D000
|
stack
|
page read and write
|
||
|
47AA000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
DF5D000
|
stack
|
page read and write
|
||
|
6CAA000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
2D34000
|
heap
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
BA5D000
|
stack
|
page read and write
|
||
|
2DDE000
|
heap
|
page read and write
|
||
|
3E63000
|
trusted library allocation
|
page read and write
|
||
|
8DDE000
|
stack
|
page read and write
|
||
|
2D85000
|
heap
|
page read and write
|
||
|
52DD000
|
stack
|
page read and write
|
||
|
CE1D000
|
stack
|
page read and write
|
||
|
2D16000
|
heap
|
page read and write
|
||
|
2D29000
|
heap
|
page read and write
|
||
|
2D31000
|
heap
|
page read and write
|
||
|
2D2F000
|
heap
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
4231000
|
trusted library allocation
|
page read and write
|
||
|
D55D000
|
stack
|
page read and write
|
||
|
2D37000
|
heap
|
page read and write
|
||
|
3B7F000
|
trusted library allocation
|
page read and write
|
||
|
5FDD000
|
stack
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
1055E000
|
stack
|
page read and write
|
||
|
2D8E000
|
heap
|
page read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2319E000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
499E000
|
stack
|
page read and write
|
||
|
7C0E000
|
stack
|
page read and write
|
||
|
41BE000
|
trusted library allocation
|
page read and write
|
||
|
5A6F000
|
stack
|
page read and write
|
||
|
6FCD000
|
stack
|
page read and write
|
||
|
2D4F000
|
heap
|
page read and write
|
||
|
2D4F000
|
heap
|
page read and write
|
||
|
932000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
7F0A000
|
heap
|
page read and write
|
||
|
30AF000
|
stack
|
page read and write
|
||
|
CF5E000
|
stack
|
page read and write
|
||
|
A7EF000
|
trusted library allocation
|
page read and write
|
||
|
CF1E000
|
stack
|
page read and write
|
||
|
2D83000
|
heap
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
7F08000
|
heap
|
page read and write
|
||
|
7FC70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FBF000
|
stack
|
page read and write
|
||
|
6CB6000
|
heap
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
5D1F000
|
stack
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
2B7B000
|
stack
|
page read and write
|
||
|
EDDD000
|
stack
|
page read and write
|
||
|
513D000
|
stack
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
41AA000
|
trusted library allocation
|
page read and write
|
||
|
523D000
|
stack
|
page read and write
|
||
|
B41D000
|
stack
|
page read and write
|
||
|
2D31000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
E8DD000
|
stack
|
page read and write
|
||
|
2D7D000
|
heap
|
page read and write
|
||
|
2D78000
|
heap
|
page read and write
|
||
|
1125E000
|
stack
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
FC5D000
|
stack
|
page read and write
|
||
|
2D2F000
|
heap
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
2D29000
|
heap
|
page read and write
|
||
|
2D52000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
2D83000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
2D3B000
|
heap
|
page read and write
|
||
|
93A000
|
trusted library allocation
|
page execute and read and write
|
||
|
45DA000
|
trusted library allocation
|
page read and write
|
||
|
FEDE000
|
stack
|
page read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
460D000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page execute and read and write
|
||
|
80CD000
|
stack
|
page read and write
|
||
|
E9DE000
|
stack
|
page read and write
|
||
|
2D35000
|
heap
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
4274000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
stack
|
page read and write
|
||
|
41F1000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
heap
|
page read and write
|
||
|
2D7D000
|
heap
|
page read and write
|
||
|
7EF2000
|
heap
|
page read and write
|
||
|
891D000
|
stack
|
page read and write
|
||
|
2D79000
|
heap
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
7F21000
|
heap
|
page read and write
|
||
|
B3DE000
|
stack
|
page read and write
|
||
|
3F9B000
|
trusted library allocation
|
page read and write
|
||
|
55E9000
|
heap
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
2BBE000
|
unkown
|
page read and write
|
||
|
107DD000
|
stack
|
page read and write
|
||
|
F65D000
|
stack
|
page read and write
|
||
|
2D8D000
|
heap
|
page read and write
|
||
|
94A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A92B000
|
trusted library allocation
|
page read and write
|
||
|
1015E000
|
stack
|
page read and write
|
||
|
7F1F000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
3DDC000
|
trusted library allocation
|
page read and write
|
||
|
3E2F000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
738D000
|
stack
|
page read and write
|
||
|
3C79000
|
trusted library allocation
|
page read and write
|
||
|
5306000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
454D000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
3D88000
|
trusted library allocation
|
page read and write
|
||
|
7BB000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
2D87000
|
heap
|
page read and write
|
||
|
49FE000
|
stack
|
page read and write
|
||
|
F25E000
|
stack
|
page read and write
|
||
|
7D8D000
|
stack
|
page read and write
|
||
|
2DDA000
|
heap
|
page read and write
|
||
|
2D86000
|
heap
|
page read and write
|
||
|
527F000
|
stack
|
page read and write
|
||
|
952000
|
trusted library allocation
|
page execute and read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
784E000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4056000
|
trusted library allocation
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
D19E000
|
stack
|
page read and write
|
||
|
48BB000
|
trusted library allocation
|
page read and write
|
||
|
2C35000
|
heap
|
page read and write
|
||
|
3FCE000
|
trusted library allocation
|
page read and write
|
||
|
7ACE000
|
stack
|
page read and write
|
||
|
591E000
|
stack
|
page read and write
|
||
|
4D0B000
|
stack
|
page read and write
|
||
|
9EDD000
|
stack
|
page read and write
|
||
|
EEDD000
|
stack
|
page read and write
|
||
|
BD7000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
2D85000
|
heap
|
page read and write
|
||
|
2DD7000
|
heap
|
page read and write
|
||
|
F9DD000
|
stack
|
page read and write
|
||
|
4810000
|
trusted library allocation
|
page read and write
|
||
|
6C52000
|
heap
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
981D000
|
stack
|
page read and write
|
||
|
2DDE000
|
heap
|
page read and write
|
||
|
2D2A000
|
heap
|
page read and write
|
||
|
A2E1000
|
trusted library allocation
|
page read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
23080000
|
trusted library allocation
|
page read and write
|
||
|
42FD000
|
trusted library allocation
|
page read and write
|
||
|
74CD000
|
stack
|
page read and write
|
||
|
F8DE000
|
stack
|
page read and write
|
||
|
581D000
|
stack
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
9D5D000
|
stack
|
page read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
3C26000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
4675000
|
trusted library allocation
|
page read and write
|
||
|
D3C000
|
stack
|
page read and write
|
||
|
A2C000
|
heap
|
page read and write
|
||
|
52F1000
|
heap
|
page read and write
|
||
|
4E7C000
|
stack
|
page read and write
|
||
|
734D000
|
stack
|
page read and write
|
||
|
9D9D000
|
stack
|
page read and write
|
||
|
92A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FDD000
|
stack
|
page read and write
|
||
|
70CD000
|
stack
|
page read and write
|
||
|
5302000
|
heap
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
4103000
|
trusted library allocation
|
page read and write
|
||
|
947000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F01000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
9B20000
|
heap
|
page read and write
|
||
|
B91D000
|
stack
|
page read and write
|
||
|
2D7B000
|
heap
|
page read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
1079E000
|
stack
|
page read and write
|
||
|
D39D000
|
stack
|
page read and write
|
||
|
2D8B000
|
heap
|
page read and write
|
||
|
4702000
|
trusted library allocation
|
page read and write
|
||
|
6C8F000
|
heap
|
page read and write
|
||
|
4330000
|
trusted library allocation
|
page read and write
|
||
|
760D000
|
stack
|
page read and write
|
||
|
559D000
|
stack
|
page read and write
|
||
|
FB5D000
|
stack
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
4756000
|
trusted library allocation
|
page read and write
|
||
|
46CE000
|
trusted library allocation
|
page read and write
|
||
|
EB5D000
|
stack
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
2CF1000
|
heap
|
page read and write
|
||
|
7C4D000
|
stack
|
page read and write
|
||
|
2D37000
|
heap
|
page read and write
|
||
|
A42000
|
heap
|
page read and write
|
||
|
2D78000
|
heap
|
page read and write
|
||
|
2D8F000
|
heap
|
page read and write
|
||
|
7F03000
|
heap
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
6CB1000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
D05E000
|
stack
|
page read and write
|
||
|
2D22000
|
heap
|
page read and write
|
||
|
EC5E000
|
stack
|
page read and write
|
||
|
F4DE000
|
stack
|
page read and write
|
||
|
5D5D000
|
stack
|
page read and write
|
||
|
4886000
|
trusted library allocation
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
3176000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
611D000
|
stack
|
page read and write
|
||
|
2DD3000
|
heap
|
page read and write
|
||
|
FE7000
|
heap
|
page read and write
|
||
|
774D000
|
stack
|
page read and write
|
||
|
2D3B000
|
heap
|
page read and write
|
||
|
BA1E000
|
stack
|
page read and write
|
||
|
6C8D000
|
heap
|
page read and write
|
||
|
4A30000
|
heap
|
page read and write
|
||
|
A2DD000
|
stack
|
page read and write
|
||
|
45A6000
|
trusted library allocation
|
page read and write
|
||
|
724D000
|
stack
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
A4A000
|
heap
|
page read and write
|
||
|
2D72000
|
heap
|
page read and write
|
||
|
2D7B000
|
heap
|
page read and write
|
||
|
941D000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
6CD6000
|
heap
|
page read and write
|
||
|
2D8F000
|
heap
|
page read and write
|
||
|
3AF8000
|
trusted library allocation
|
page read and write
|
||
|
4156000
|
trusted library allocation
|
page read and write
|
||
|
7F27000
|
heap
|
page read and write
|
||
|
2D18000
|
heap
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
2D3B000
|
heap
|
page read and write
|
||
|
922000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D35000
|
heap
|
page read and write
|
||
|
7F05000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
2D2F000
|
heap
|
page read and write
|
||
|
B6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1005E000
|
stack
|
page read and write
|
||
|
517F000
|
stack
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
2D8A000
|
heap
|
page read and write
|
||
|
2D8A000
|
heap
|
page read and write
|
||
|
E3DD000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
CC9D000
|
stack
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
2DDE000
|
heap
|
page read and write
|
||
|
65DD000
|
stack
|
page read and write
|
||
|
44B3000
|
trusted library allocation
|
page read and write
|
||
|
C41D000
|
stack
|
page read and write
|
||
|
2D8A000
|
heap
|
page read and write
|
||
|
788D000
|
stack
|
page read and write
|
||
|
FDDD000
|
stack
|
page read and write
|
||
|
2D8D000
|
heap
|
page read and write
|
||
|
40CE000
|
trusted library allocation
|
page read and write
|
||
|
2D74000
|
heap
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
52F4000
|
heap
|
page read and write
|
||
|
9C5D000
|
stack
|
page read and write
|
||
|
770D000
|
stack
|
page read and write
|
||
|
4384000
|
trusted library allocation
|
page read and write
|
||
|
B67000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
91DD000
|
stack
|
page read and write
|
||
|
F3DE000
|
stack
|
page read and write
|
||
|
2D3D000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
2D79000
|
heap
|
page read and write
|
||
|
2D8A000
|
heap
|
page read and write
|
||
|
3EB6000
|
trusted library allocation
|
page read and write
|
||
|
3BD2000
|
trusted library allocation
|
page read and write
|
||
|
2D8F000
|
heap
|
page read and write
|
||
|
9A20000
|
heap
|
page read and write
|
||
|
2D3D000
|
heap
|
page read and write
|
||
|
9E9D000
|
stack
|
page read and write
|
||
|
635E000
|
stack
|
page read and write
|
||
|
3D54000
|
trusted library allocation
|
page read and write
|
||
|
A25D000
|
stack
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
2D7D000
|
heap
|
page read and write
|
||
|
2D29000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
23180000
|
trusted library allocation
|
page read and write
|
||
|
2D3C000
|
heap
|
page read and write
|
||
|
4864000
|
trusted library allocation
|
page read and write
|
||
|
42C9000
|
trusted library allocation
|
page read and write
|
||
|
7AD000
|
stack
|
page read and write
|
||
|
E51D000
|
stack
|
page read and write
|
||
|
C09E000
|
stack
|
page read and write
|
||
|
D35D000
|
stack
|
page read and write
|
||
|
4641000
|
trusted library allocation
|
page read and write
|
||
|
E05D000
|
stack
|
page read and write
|
||
|
4D50000
|
unclassified section
|
page read and write
|
||
|
B51E000
|
stack
|
page read and write
|
||
|
8A1E000
|
stack
|
page read and write
|
||
|
3F34000
|
trusted library allocation
|
page read and write
|
||
|
2D2E000
|
heap
|
page read and write
|
||
|
2D15000
|
heap
|
page read and write
|
||
|
2D18000
|
heap
|
page read and write
|
||
|
FA1D000
|
stack
|
page read and write
|
||
|
2D3D000
|
heap
|
page read and write
|
||
|
2D39000
|
heap
|
page read and write
|
||
|
2D51000
|
heap
|
page read and write
|
||
|
BB5E000
|
stack
|
page read and write
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
B62000
|
trusted library allocation
|
page read and write
|
||
|
6D3A000
|
heap
|
page read and write
|
||
|
2D87000
|
heap
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
52D1000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
60DE000
|
stack
|
page read and write
|
||
|
E4DE000
|
stack
|
page read and write
|
||
|
2D74000
|
heap
|
page read and write
|
||
|
4D4C000
|
stack
|
page read and write
|
||
|
A8EC000
|
trusted library allocation
|
page read and write
|
||
|
64DD000
|
stack
|
page read and write
|
||
|
E61E000
|
stack
|
page read and write
|
||
|
671D000
|
stack
|
page read and write
|
||
|
549D000
|
stack
|
page read and write
|
||
|
52FF000
|
heap
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
E57000
|
heap
|
page read and write
|
||
|
6CAE000
|
heap
|
page read and write
|
||
|
E0D000
|
stack
|
page read and write
|
||
|
3AD1000
|
trusted library allocation
|
page read and write
|
||
|
442C000
|
trusted library allocation
|
page read and write
|
||
|
4096000
|
trusted library allocation
|
page read and write
|
||
|
2B74000
|
stack
|
page read and write
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
A1E000
|
heap
|
page read and write
|
||
|
2D8B000
|
heap
|
page read and write
|
||
|
2D88000
|
heap
|
page read and write
|
||
|
F75D000
|
stack
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
3CCD000
|
trusted library allocation
|
page read and write
|
||
|
350000
|
unkown
|
page readonly
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
108DE000
|
stack
|
page read and write
|
||
|
541C000
|
stack
|
page read and write
|
||
|
798E000
|
stack
|
page read and write
|
||
|
47DC000
|
trusted library allocation
|
page read and write
|
||
|
A15D000
|
stack
|
page read and write
|
||
|
2D8E000
|
heap
|
page read and write
|
||
|
4002000
|
trusted library allocation
|
page read and write
|
||
|
D31D000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
9920000
|
heap
|
page read and write
|
||
|
1065E000
|
stack
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
545B000
|
stack
|
page read and write
|
||
|
BF5E000
|
stack
|
page read and write
|
||
|
4506000
|
trusted library allocation
|
page read and write
|
||
|
C19E000
|
stack
|
page read and write
|
||
|
52F2000
|
heap
|
page read and write
|
||
|
2D7B000
|
heap
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CDD000
|
stack
|
page read and write
|
||
|
3B4B000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
3F67000
|
trusted library allocation
|
page read and write
|
||
|
CB9D000
|
stack
|
page read and write
|
||
|
5E9D000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
There are 438 hidden memdumps, click here to show them.