Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
rPO_CW00402902400429.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rPO_CW0040290240_c467604e2b9041c156143b855f9b456346c1ec4_ec16f35a_4b4e821b-314a-40c1-8f69-ae3e221c07af\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5D13.tmp.dmp
|
Mini DuMP crash report, 16 streams, Wed Sep 25 11:57:26 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E0E.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E2E.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rPO_CW00402902400429.exe
|
"C:\Users\user\Desktop\rPO_CW00402902400429.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2056 -s 1032
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.visiontrade.ae
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.visiontrade.ae
|
192.185.35.35
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.35.35
|
mail.visiontrade.ae
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
ProgramId
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
FileId
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
LongPathHash
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Name
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
OriginalFileName
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Publisher
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Version
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
BinFileVersion
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
BinaryType
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
ProductName
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
ProductVersion
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
LinkDate
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
BinProductVersion
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Size
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Language
|
||
|
\REGISTRY\A\{adafa04f-348b-440f-5e11-0a5cf4e645d6}\Root\InventoryApplicationFile\rpo_cw0040290240|7dd4226993af6226
|
Usn
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3671000
|
trusted library allocation
|
page read and write
|
|
|
|
229A4E26000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
229B4F2B000
|
trusted library allocation
|
page read and write
|
|
|
|
229A4B01000
|
trusted library allocation
|
page read and write
|
||
|
A52C000
|
stack
|
page read and write
|
||
|
3A54000
|
trusted library allocation
|
page read and write
|
||
|
229B4AC7000
|
trusted library allocation
|
page read and write
|
||
|
4671000
|
trusted library allocation
|
page read and write
|
||
|
229A2F3C000
|
heap
|
page read and write
|
||
|
229A2F95000
|
heap
|
page read and write
|
||
|
8CDC000
|
stack
|
page read and write
|
||
|
7FFB4B1DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
650D000
|
stack
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
57FD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B340000
|
trusted library allocation
|
page read and write
|
||
|
4878000
|
trusted library allocation
|
page read and write
|
||
|
47D8000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
39FF000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B184000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
47F8000
|
trusted library allocation
|
page read and write
|
||
|
6A8F000
|
stack
|
page read and write
|
||
|
57AD000
|
stack
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
4798000
|
trusted library allocation
|
page read and write
|
||
|
81EC000
|
stack
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
30A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
303C000
|
stack
|
page read and write
|
||
|
7FFB4B192000
|
trusted library allocation
|
page read and write
|
||
|
8F2A000
|
heap
|
page read and write
|
||
|
7FFB4B370000
|
trusted library allocation
|
page execute and read and write
|
||
|
57DE000
|
trusted library allocation
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
58A0000
|
heap
|
page execute and read and write
|
||
|
229A49A0000
|
trusted library section
|
page read and write
|
||
|
1289000
|
stack
|
page read and write
|
||
|
157F000
|
heap
|
page read and write
|
||
|
81F0000
|
trusted library allocation
|
page read and write
|
||
|
229B4AC1000
|
trusted library allocation
|
page read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C9C000
|
stack
|
page read and write
|
||
|
46D8000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page execute and read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
7621BFE000
|
stack
|
page read and write
|
||
|
B82C000
|
stack
|
page read and write
|
||
|
6956000
|
trusted library allocation
|
page read and write
|
||
|
4738000
|
trusted library allocation
|
page read and write
|
||
|
B52C000
|
stack
|
page read and write
|
||
|
47B8000
|
trusted library allocation
|
page read and write
|
||
|
7621AFD000
|
stack
|
page read and write
|
||
|
7FFB4B19D000
|
trusted library allocation
|
page execute and read and write
|
||
|
38B5000
|
trusted library allocation
|
page read and write
|
||
|
229A2CE2000
|
unkown
|
page readonly
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
229A2F42000
|
heap
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
39AB000
|
trusted library allocation
|
page read and write
|
||
|
4838000
|
trusted library allocation
|
page read and write
|
||
|
229A2FA6000
|
heap
|
page read and write
|
||
|
4778000
|
trusted library allocation
|
page read and write
|
||
|
229A3020000
|
heap
|
page read and write
|
||
|
3A56000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
229BCAF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B230000
|
trusted library allocation
|
page read and write
|
||
|
4858000
|
trusted library allocation
|
page read and write
|
||
|
8C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B19000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
B62E000
|
stack
|
page read and write
|
||
|
307D000
|
stack
|
page read and write
|
||
|
196B000
|
heap
|
page read and write
|
||
|
229A3140000
|
trusted library allocation
|
page read and write
|
||
|
229A2F97000
|
heap
|
page read and write
|
||
|
38DF000
|
trusted library allocation
|
page read and write
|
||
|
229A3180000
|
heap
|
page read and write
|
||
|
8C30000
|
heap
|
page read and write
|
||
|
76219FC000
|
stack
|
page read and write
|
||
|
7FFB4B380000
|
trusted library allocation
|
page read and write
|
||
|
309A000
|
trusted library allocation
|
page execute and read and write
|
||
|
586C000
|
stack
|
page read and write
|
||
|
229BD2C0000
|
heap
|
page read and write
|
||
|
B409000
|
trusted library allocation
|
page read and write
|
||
|
B40E000
|
trusted library allocation
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
5C2F000
|
heap
|
page read and write
|
||
|
7FFB4B330000
|
trusted library allocation
|
page read and write
|
||
|
6963000
|
trusted library allocation
|
page read and write
|
||
|
3875000
|
trusted library allocation
|
page read and write
|
||
|
1389000
|
stack
|
page read and write
|
||
|
229A3143000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B334000
|
trusted library allocation
|
page read and write
|
||
|
4718000
|
trusted library allocation
|
page read and write
|
||
|
6DCC000
|
stack
|
page read and write
|
||
|
7FFB4B350000
|
trusted library allocation
|
page read and write
|
||
|
2FFB000
|
stack
|
page read and write
|
||
|
229A3000000
|
trusted library allocation
|
page read and write
|
||
|
4699000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4760000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B240000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
229B5167000
|
trusted library allocation
|
page read and write
|
||
|
229A2E90000
|
heap
|
page read and write
|
||
|
6E4F000
|
stack
|
page read and write
|
||
|
1960000
|
heap
|
page read and write
|
||
|
5BEE000
|
stack
|
page read and write
|
||
|
4758000
|
trusted library allocation
|
page read and write
|
||
|
1953000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
76217FF000
|
stack
|
page read and write
|
||
|
6950000
|
trusted library allocation
|
page read and write
|
||
|
3AEE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B320000
|
trusted library allocation
|
page read and write
|
||
|
3092000
|
trusted library allocation
|
page read and write
|
||
|
39DB000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B23C000
|
trusted library allocation
|
page execute and read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
||
|
229A2F11000
|
heap
|
page read and write
|
||
|
7FFB4B183000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229A2FE0000
|
trusted library allocation
|
page read and write
|
||
|
76216FE000
|
stack
|
page read and write
|
||
|
229A4AC1000
|
trusted library allocation
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
15E4000
|
heap
|
page read and write
|
||
|
229A3025000
|
heap
|
page read and write
|
||
|
7FFB4B18D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6960000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
37E9000
|
trusted library allocation
|
page read and write
|
||
|
3721000
|
trusted library allocation
|
page read and write
|
||
|
8E8E000
|
stack
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229B4CFA000
|
trusted library allocation
|
page read and write
|
||
|
8D50000
|
heap
|
page read and write
|
||
|
8F20000
|
heap
|
page read and write
|
||
|
5AAC000
|
stack
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
7FFB4B35E000
|
trusted library allocation
|
page read and write
|
||
|
37AF000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
remote allocation
|
page execute and read and write
|
||
|
3825000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
1940000
|
trusted library allocation
|
page read and write
|
||
|
5DF6000
|
trusted library allocation
|
page read and write
|
||
|
229A4BC6000
|
trusted library allocation
|
page read and write
|
||
|
375D000
|
trusted library allocation
|
page read and write
|
||
|
1548000
|
heap
|
page read and write
|
||
|
3B3D000
|
trusted library allocation
|
page read and write
|
||
|
229A2F3A000
|
heap
|
page read and write
|
||
|
5802000
|
trusted library allocation
|
page read and write
|
||
|
39B0000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
229A2EFA000
|
heap
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page read and write
|
||
|
696D000
|
trusted library allocation
|
page read and write
|
||
|
229A3010000
|
heap
|
page read and write
|
||
|
2FBB000
|
stack
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
8D1C000
|
stack
|
page read and write
|
||
|
7621CFE000
|
stack
|
page read and write
|
||
|
3973000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1A4000
|
trusted library allocation
|
page read and write
|
||
|
15DB000
|
heap
|
page read and write
|
||
|
3A05000
|
trusted library allocation
|
page read and write
|
||
|
229A2E50000
|
heap
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
8D66000
|
heap
|
page read and write
|
||
|
46F8000
|
trusted library allocation
|
page read and write
|
||
|
A42C000
|
stack
|
page read and write
|
||
|
7FFB4B182000
|
trusted library allocation
|
page read and write
|
||
|
8D40000
|
heap
|
page read and write
|
||
|
57EE000
|
trusted library allocation
|
page read and write
|
||
|
160D000
|
heap
|
page read and write
|
||
|
57F1000
|
trusted library allocation
|
page read and write
|
||
|
3A92000
|
trusted library allocation
|
page read and write
|
||
|
37AB000
|
trusted library allocation
|
page read and write
|
||
|
3A30000
|
trusted library allocation
|
page read and write
|
||
|
3BA5000
|
trusted library allocation
|
page read and write
|
||
|
30AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1966000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
229A2ED0000
|
heap
|
page read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
229A4AB0000
|
heap
|
page execute and read and write
|
||
|
4818000
|
trusted library allocation
|
page read and write
|
||
|
3903000
|
trusted library allocation
|
page read and write
|
||
|
3096000
|
trusted library allocation
|
page execute and read and write
|
||
|
229A2E70000
|
heap
|
page read and write
|
||
|
3AE0000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
7621DFF000
|
stack
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page read and write
|
||
|
195D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ABC000
|
trusted library allocation
|
page read and write
|
||
|
8F30000
|
trusted library allocation
|
page read and write
|
||
|
8C2C000
|
stack
|
page read and write
|
||
|
7FFB4B360000
|
trusted library allocation
|
page read and write
|
||
|
155E000
|
heap
|
page read and write
|
||
|
660D000
|
stack
|
page read and write
|
||
|
156A000
|
heap
|
page read and write
|
||
|
7FFB4B236000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B339000
|
trusted library allocation
|
page read and write
|
||
|
3B7B000
|
trusted library allocation
|
page read and write
|
||
|
57E2000
|
trusted library allocation
|
page read and write
|
||
|
229A2F0F000
|
heap
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
229A2CE0000
|
unkown
|
page readonly
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
7FFB4B266000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DF0000
|
trusted library allocation
|
page read and write
|
||
|
57DB000
|
trusted library allocation
|
page read and write
|
||
|
229B4BE2000
|
trusted library allocation
|
page read and write
|
||
|
7FF47DBB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229A2D70000
|
heap
|
page read and write
|
||
|
177C000
|
stack
|
page read and write
|
||
|
1954000
|
trusted library allocation
|
page read and write
|
||
|
6777000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
76218FE000
|
stack
|
page read and write
|
||
|
229B4E12000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
5E50000
|
heap
|
page read and write
|
||
|
6710000
|
heap
|
page read and write
|
||
|
6799000
|
heap
|
page read and write
|
||
|
7FFB4B180000
|
trusted library allocation
|
page read and write
|
||
|
229A4A80000
|
heap
|
page execute and read and write
|
||
|
7621383000
|
stack
|
page read and write
|
||
|
6CCC000
|
stack
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
7FFB4B190000
|
trusted library allocation
|
page read and write
|
||
|
229A3185000
|
heap
|
page read and write
|
||
|
B406000
|
trusted library allocation
|
page read and write
|
||
|
167C000
|
unkown
|
page read and write
|
||
|
3B3F000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
229A2EFC000
|
heap
|
page read and write
|
||
|
15B9000
|
heap
|
page read and write
|
||
|
57F6000
|
trusted library allocation
|
page read and write
|
||
|
384F000
|
trusted library allocation
|
page read and write
|
||
|
229A2EDC000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page execute and read and write
|
There are 256 hidden memdumps, click here to show them.