Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
eovQPjY5wz.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\eovQPjY5wz.exe.log
|
CSV text
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\aqYlLZ8hwJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\saLBqUuaxl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Desktop\Google Chrome.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 11:02:34 2023,
atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\aqYlLZ8hwJ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tmp9FD.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpA0E.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\eovQPjY5wz.exe
|
"C:\Users\user\Desktop\eovQPjY5wz.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\saLBqUuaxl.exe
|
"C:\Users\user\AppData\Roaming\saLBqUuaxl.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\aqYlLZ8hwJ.exe
|
"C:\Users\user\AppData\Roaming\aqYlLZ8hwJ.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
lootebarrkeyn.shop
|
|
||
|
reinforcenh.shop
|
|
||
|
stogeneratmns.shop
|
|
||
|
ghostreedmnu.shop
|
|
||
|
fragnantbui.shop
|
|
||
|
offensivedzvju.shop
|
|
||
|
drawzhotdog.shop
|
|
||
|
vozmeatillu.shop
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultp9;
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
18.31.95.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
65.21.18.51
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
|
Blob
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
53D000
|
unkown
|
page readonly
|
|
|
|
D87000
|
heap
|
page read and write
|
|
|
|
2701000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
252000
|
unkown
|
page readonly
|
|
|
|
DFA000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
D96000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
1037000
|
trusted library allocation
|
page execute and read and write
|
||
|
7520000
|
trusted library allocation
|
page execute and read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
62F1000
|
heap
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
2992000
|
trusted library allocation
|
page read and write
|
||
|
81D0000
|
heap
|
page read and write
|
||
|
380C000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
81DC000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
863000
|
trusted library allocation
|
page execute and read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
6352000
|
trusted library allocation
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
6306000
|
heap
|
page read and write
|
||
|
EEE000
|
heap
|
page read and write
|
||
|
1004000
|
trusted library allocation
|
page read and write
|
||
|
282000
|
unkown
|
page readonly
|
||
|
301E000
|
stack
|
page read and write
|
||
|
89B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6490000
|
trusted library allocation
|
page execute and read and write
|
||
|
3743000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
81E8000
|
heap
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
895000
|
trusted library allocation
|
page execute and read and write
|
||
|
2984000
|
trusted library allocation
|
page read and write
|
||
|
721E000
|
heap
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
266D000
|
trusted library allocation
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
633B000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
37C7000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
292D000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
6209000
|
trusted library allocation
|
page read and write
|
||
|
28A8000
|
trusted library allocation
|
page read and write
|
||
|
378F000
|
trusted library allocation
|
page read and write
|
||
|
81F8000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page execute and read and write
|
||
|
3834000
|
trusted library allocation
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
635E000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A55000
|
trusted library allocation
|
page read and write
|
||
|
28A2000
|
trusted library allocation
|
page read and write
|
||
|
33A000
|
stack
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
287000
|
unkown
|
page readonly
|
||
|
2979000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
6311000
|
heap
|
page read and write
|
||
|
D58000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
3722000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page read and write
|
||
|
2644000
|
trusted library allocation
|
page read and write
|
||
|
6272000
|
heap
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
6390000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
264B000
|
trusted library allocation
|
page read and write
|
||
|
37CD000
|
trusted library allocation
|
page read and write
|
||
|
61FA000
|
trusted library allocation
|
page read and write
|
||
|
2A57000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
6480000
|
trusted library allocation
|
page execute and read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
7070000
|
heap
|
page read and write
|
||
|
71E8000
|
heap
|
page read and write
|
||
|
61F5000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
37EE000
|
trusted library allocation
|
page read and write
|
||
|
283D000
|
trusted library allocation
|
page read and write
|
||
|
6314000
|
heap
|
page read and write
|
||
|
2868000
|
trusted library allocation
|
page read and write
|
||
|
28FC000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
717A000
|
heap
|
page read and write
|
||
|
762000
|
unkown
|
page readonly
|
||
|
7405000
|
trusted library allocation
|
page read and write
|
||
|
6943000
|
trusted library allocation
|
page read and write
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
2BEE000
|
trusted library allocation
|
page read and write
|
||
|
88A000
|
trusted library allocation
|
page execute and read and write
|
||
|
329F000
|
stack
|
page read and write
|
||
|
73E2000
|
trusted library allocation
|
page read and write
|
||
|
3896000
|
trusted library allocation
|
page read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
trusted library allocation
|
page read and write
|
||
|
71BC000
|
heap
|
page read and write
|
||
|
73D8000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
7B6E000
|
stack
|
page read and write
|
||
|
71AD000
|
heap
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
2C68000
|
trusted library allocation
|
page read and write
|
||
|
65F0000
|
trusted library allocation
|
page read and write
|
||
|
37BD000
|
trusted library allocation
|
page read and write
|
||
|
3FE000
|
stack
|
page read and write
|
||
|
3785000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
37B6000
|
trusted library allocation
|
page read and write
|
||
|
387D000
|
trusted library allocation
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
38EF000
|
trusted library allocation
|
page read and write
|
||
|
918000
|
trusted library allocation
|
page read and write
|
||
|
27A8000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
trusted library allocation
|
page read and write
|
||
|
32DB000
|
stack
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
3735000
|
trusted library allocation
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
4F1000
|
unkown
|
page execute read
|
||
|
3829000
|
trusted library allocation
|
page read and write
|
||
|
103B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A61000
|
trusted library allocation
|
page read and write
|
||
|
73DB000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
381B000
|
trusted library allocation
|
page read and write
|
||
|
3854000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
74DF000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
heap
|
page execute and read and write
|
||
|
3842000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
2C7E000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
trusted library allocation
|
page execute and read and write
|
||
|
631C000
|
heap
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
886000
|
trusted library allocation
|
page execute and read and write
|
||
|
2935000
|
trusted library allocation
|
page read and write
|
||
|
37E0000
|
trusted library allocation
|
page read and write
|
||
|
7A2E000
|
stack
|
page read and write
|
||
|
61F8000
|
trusted library allocation
|
page read and write
|
||
|
71EC000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
3C95000
|
trusted library allocation
|
page read and write
|
||
|
718F000
|
heap
|
page read and write
|
||
|
2C98000
|
trusted library allocation
|
page read and write
|
||
|
68F3000
|
trusted library allocation
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
4F9F000
|
stack
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
638B000
|
trusted library allocation
|
page read and write
|
||
|
2897000
|
trusted library allocation
|
page read and write
|
||
|
2853000
|
trusted library allocation
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
740F000
|
trusted library allocation
|
page read and write
|
||
|
3865000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
unkown
|
page write copy
|
||
|
632D000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
71DD000
|
heap
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
676C000
|
stack
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
63C0000
|
trusted library allocation
|
page read and write
|
||
|
2C91000
|
trusted library allocation
|
page execute and read and write
|
||
|
7283000
|
heap
|
page read and write
|
||
|
6324000
|
heap
|
page read and write
|
||
|
282E000
|
trusted library allocation
|
page read and write
|
||
|
6341000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
1014000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
trusted library allocation
|
page read and write
|
||
|
6430000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F7D000
|
stack
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
7201000
|
heap
|
page read and write
|
||
|
102A000
|
trusted library allocation
|
page execute and read and write
|
||
|
68F0000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
F4B000
|
heap
|
page read and write
|
||
|
706C000
|
stack
|
page read and write
|
||
|
28C9000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
unkown
|
page readonly
|
||
|
38AD000
|
trusted library allocation
|
page read and write
|
||
|
386F000
|
trusted library allocation
|
page read and write
|
||
|
2A5D000
|
trusted library allocation
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3860000
|
trusted library allocation
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
73E9000
|
trusted library allocation
|
page read and write
|
||
|
389B000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page execute and read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
D65000
|
trusted library allocation
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
6346000
|
trusted library allocation
|
page read and write
|
||
|
71D5000
|
heap
|
page read and write
|
||
|
62AD000
|
heap
|
page read and write
|
||
|
71B6000
|
heap
|
page read and write
|
||
|
63B0000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
370F000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page execute and read and write
|
||
|
6420000
|
trusted library allocation
|
page execute and read and write
|
||
|
37F9000
|
trusted library allocation
|
page read and write
|
||
|
37CA000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
3701000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
722C000
|
heap
|
page read and write
|
||
|
73FA000
|
trusted library allocation
|
page read and write
|
||
|
1016000
|
trusted library allocation
|
page read and write
|
||
|
71A9000
|
heap
|
page read and write
|
||
|
381E000
|
trusted library allocation
|
page read and write
|
||
|
2A51000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
unkown
|
page readonly
|
||
|
80E000
|
stack
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
62CC000
|
heap
|
page read and write
|
||
|
7414000
|
trusted library allocation
|
page read and write
|
||
|
6361000
|
trusted library allocation
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
2C93000
|
trusted library allocation
|
page read and write
|
||
|
296000
|
unkown
|
page readonly
|
||
|
882000
|
trusted library allocation
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
9D8000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
6330000
|
trusted library allocation
|
page read and write
|
||
|
8EC000
|
stack
|
page read and write
|
||
|
29D8000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
5DEF000
|
stack
|
page read and write
|
||
|
295F000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
unkown
|
page readonly
|
||
|
892000
|
trusted library allocation
|
page read and write
|
||
|
3872000
|
trusted library allocation
|
page read and write
|
||
|
290C000
|
trusted library allocation
|
page read and write
|
||
|
73E5000
|
trusted library allocation
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
38B4000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
2A5B000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
71C2000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
6385000
|
trusted library allocation
|
page read and write
|
||
|
2C81000
|
trusted library allocation
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
3821000
|
trusted library allocation
|
page read and write
|
||
|
68ED000
|
stack
|
page read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
6946000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
265E000
|
trusted library allocation
|
page read and write
|
||
|
33DC000
|
stack
|
page read and write
|
||
|
2661000
|
trusted library allocation
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
296A000
|
trusted library allocation
|
page read and write
|
||
|
37A8000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
897000
|
trusted library allocation
|
page execute and read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
2666000
|
trusted library allocation
|
page read and write
|
||
|
864000
|
trusted library allocation
|
page read and write
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
2C6C000
|
trusted library allocation
|
page read and write
|
||
|
269E000
|
trusted library allocation
|
page read and write
|
||
|
53D000
|
unkown
|
page readonly
|
||
|
638E000
|
trusted library allocation
|
page read and write
|
||
|
3792000
|
trusted library allocation
|
page read and write
|
||
|
46A000
|
remote allocation
|
page execute and read and write
|
||
|
2A7E000
|
trusted library allocation
|
page read and write
|
||
|
373C000
|
trusted library allocation
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
540000
|
unkown
|
page write copy
|
||
|
3729000
|
trusted library allocation
|
page read and write
|
||
|
2672000
|
trusted library allocation
|
page read and write
|
||
|
4BF8000
|
trusted library allocation
|
page read and write
|
||
|
61BE000
|
stack
|
page read and write
|
||
|
71A7000
|
heap
|
page read and write
|
||
|
71CB000
|
heap
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
6410000
|
trusted library allocation
|
page read and write
|
||
|
73FF000
|
trusted library allocation
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
86D000
|
trusted library allocation
|
page execute and read and write
|
||
|
666C000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
291F000
|
trusted library allocation
|
page read and write
|
||
|
7591000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
73F8000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
62E0000
|
heap
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
3888000
|
trusted library allocation
|
page read and write
|
||
|
630E000
|
heap
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
5E70000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
28A5000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
trusted library allocation
|
page read and write
|
||
|
28BB000
|
trusted library allocation
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
6400000
|
trusted library allocation
|
page read and write
|
||
|
3847000
|
trusted library allocation
|
page read and write
|
||
|
38A1000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
8DC000
|
stack
|
page read and write
|
||
|
3875000
|
trusted library allocation
|
page read and write
|
||
|
47FC000
|
stack
|
page read and write
|
||
|
D81000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
3795000
|
trusted library allocation
|
page read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
4F1000
|
unkown
|
page execute read
|
||
|
37D5000
|
trusted library allocation
|
page read and write
|
||
|
3C91000
|
trusted library allocation
|
page read and write
|
||
|
4C03000
|
heap
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
740A000
|
trusted library allocation
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
87D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6205000
|
trusted library allocation
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
379D000
|
trusted library allocation
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
28FA000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
6207000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
heap
|
page read and write
|
||
|
264E000
|
trusted library allocation
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
3859000
|
trusted library allocation
|
page read and write
|
||
|
2C8A000
|
trusted library allocation
|
page read and write
|
||
|
37F3000
|
trusted library allocation
|
page read and write
|
||
|
2839000
|
trusted library allocation
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
792E000
|
stack
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
38A8000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
3805000
|
trusted library allocation
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
97C000
|
stack
|
page read and write
|
||
|
6322000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
27F7000
|
trusted library allocation
|
page read and write
|
||
|
479000
|
remote allocation
|
page execute and read and write
|
||
|
2999000
|
trusted library allocation
|
page read and write
|
||
|
384D000
|
trusted library allocation
|
page read and write
|
||
|
F22000
|
heap
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
2C84000
|
trusted library allocation
|
page read and write
|
||
|
26E2000
|
trusted library allocation
|
page read and write
|
||
|
63A0000
|
trusted library allocation
|
page read and write
|
||
|
6240000
|
heap
|
page read and write
|
||
|
4DC000
|
remote allocation
|
page execute and read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
296E000
|
trusted library allocation
|
page read and write
|
||
|
6620000
|
trusted library allocation
|
page execute and read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
38C7000
|
trusted library allocation
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
63D0000
|
trusted library allocation
|
page read and write
|
There are 428 hidden memdumps, click here to show them.