Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI
26.09.2024.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hy5dfaz2.cs4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_namqra0d.f00.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_peoxt3mv.xfn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qjdhn1mk.2a0.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe
|
"C:\Users\user\Desktop\ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\ziraat
bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe"
|
|
|
|
C:\Users\user\Desktop\ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe
|
"C:\Users\user\Desktop\ziraat bankasi_TRY M#U00fc#U015fteri No_11055699-1034 nolu TICARI 26.09.2024.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org
|
unknown
|
|
|
|
https://api.telegram.org/bot
|
unknown
|
|
|
|
https://api.telegram.org/bot6783395654:AAGHZk1wugh441q673h1nDNWiVYW4p6ewXc/sendDocument?chat_id=-4209622687&caption=%20Pc%20Name:%20user%20%7C%20Snake%20Tracker%0D%0A%0D%0APW%20%7C%20user%20%7C%20Snake
|
149.154.167.220
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.96.3
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://api.telegram.org/bot6783395654:AAGHZk1wugh441q673h1nDNWiVYW4p6ewXc/sendDocument?chat_id=-420
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3869000
|
trusted library allocation
|
page read and write
|
|
|
|
3161000
|
trusted library allocation
|
page read and write
|
|
|
|
3215000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
294C000
|
trusted library allocation
|
page read and write
|
||
|
A69B000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
A43C000
|
heap
|
page read and write
|
||
|
1526000
|
trusted library allocation
|
page execute and read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
4E43000
|
heap
|
page read and write
|
||
|
A2DE000
|
stack
|
page read and write
|
||
|
41EE000
|
trusted library allocation
|
page read and write
|
||
|
32C6000
|
trusted library allocation
|
page read and write
|
||
|
3455000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
3237000
|
trusted library allocation
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
31CA000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
3496000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
32A7000
|
trusted library allocation
|
page read and write
|
||
|
38B3000
|
trusted library allocation
|
page read and write
|
||
|
6EBE000
|
heap
|
page read and write
|
||
|
328B000
|
trusted library allocation
|
page read and write
|
||
|
A432000
|
heap
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
788E000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
A79C000
|
stack
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
41FA000
|
trusted library allocation
|
page read and write
|
||
|
73CF000
|
stack
|
page read and write
|
||
|
59C9000
|
heap
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
A8DE000
|
stack
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
57A000
|
stack
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
31FD000
|
trusted library allocation
|
page read and write
|
||
|
33B4000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library section
|
page readonly
|
||
|
B70000
|
heap
|
page read and write
|
||
|
BD3000
|
trusted library allocation
|
page read and write
|
||
|
6F8E000
|
trusted library allocation
|
page read and write
|
||
|
3475000
|
trusted library allocation
|
page read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page execute and read and write
|
||
|
5776000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
32A3000
|
trusted library allocation
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
6B8B000
|
heap
|
page read and write
|
||
|
7510000
|
heap
|
page read and write
|
||
|
3835000
|
trusted library allocation
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
6AD2000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
3293000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
34A6000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
3465000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
4DA4000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A63000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
5B95000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
324F000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
4DBE000
|
trusted library allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
324B000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
4161000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page read and write
|
||
|
3273000
|
trusted library allocation
|
page read and write
|
||
|
3201000
|
trusted library allocation
|
page read and write
|
||
|
6BED000
|
stack
|
page read and write
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
4DD2000
|
trusted library allocation
|
page read and write
|
||
|
326F000
|
trusted library allocation
|
page read and write
|
||
|
349E000
|
trusted library allocation
|
page read and write
|
||
|
BE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
32CB000
|
trusted library allocation
|
page read and write
|
||
|
A1DE000
|
stack
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
50CB000
|
stack
|
page read and write
|
||
|
1504000
|
trusted library allocation
|
page read and write
|
||
|
768F000
|
stack
|
page read and write
|
||
|
5B98000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
31ED000
|
trusted library allocation
|
page read and write
|
||
|
FE7000
|
heap
|
page read and write
|
||
|
F97000
|
trusted library allocation
|
page execute and read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
519C000
|
stack
|
page read and write
|
||
|
34C6000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
31E5000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
6EB0000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
heap
|
page read and write
|
||
|
460000
|
unkown
|
page readonly
|
||
|
34B6000
|
trusted library allocation
|
page read and write
|
||
|
31C6000
|
trusted library allocation
|
page read and write
|
||
|
41E4000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
1558000
|
heap
|
page read and write
|
||
|
A420000
|
heap
|
page read and write
|
||
|
6D6F000
|
stack
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page execute and read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
33B9000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
heap
|
page read and write
|
||
|
A19E000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
5B9B000
|
trusted library allocation
|
page read and write
|
||
|
31F1000
|
trusted library allocation
|
page read and write
|
||
|
3485000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
3287000
|
trusted library allocation
|
page read and write
|
||
|
6C2F000
|
stack
|
page read and write
|
||
|
3A23000
|
trusted library allocation
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
heap
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3253000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
BC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3525000
|
trusted library allocation
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
6B32000
|
heap
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
4E72000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2648000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
3461000
|
trusted library allocation
|
page read and write
|
||
|
5175000
|
heap
|
page read and write
|
||
|
3209000
|
trusted library allocation
|
page read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
4E4000
|
unkown
|
page readonly
|
||
|
152A000
|
trusted library allocation
|
page execute and read and write
|
||
|
32B7000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
575B000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
151D000
|
trusted library allocation
|
page execute and read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
577D000
|
trusted library allocation
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
5BB0000
|
heap
|
page execute and read and write
|
||
|
5743000
|
heap
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library section
|
page read and write
|
||
|
A55E000
|
stack
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
571F000
|
stack
|
page read and write
|
||
|
33C7000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
34C2000
|
trusted library allocation
|
page read and write
|
||
|
348D000
|
trusted library allocation
|
page read and write
|
||
|
6B98000
|
heap
|
page read and write
|
||
|
529D000
|
stack
|
page read and write
|
||
|
3297000
|
trusted library allocation
|
page read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
320D000
|
trusted library allocation
|
page read and write
|
||
|
1586000
|
heap
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
32AB000
|
trusted library allocation
|
page read and write
|
||
|
31CE000
|
trusted library allocation
|
page read and write
|
||
|
32AF000
|
trusted library allocation
|
page read and write
|
||
|
34AE000
|
trusted library allocation
|
page read and write
|
||
|
1522000
|
trusted library allocation
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
150D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1337000
|
stack
|
page read and write
|
||
|
34B2000
|
trusted library allocation
|
page read and write
|
||
|
1503000
|
trusted library allocation
|
page execute and read and write
|
||
|
3283000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
7F380000
|
trusted library allocation
|
page execute and read and write
|
||
|
576E000
|
trusted library allocation
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
575E000
|
trusted library allocation
|
page read and write
|
||
|
33C2000
|
trusted library allocation
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
273B000
|
stack
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
AC7000
|
heap
|
page read and write
|
||
|
1537000
|
trusted library allocation
|
page execute and read and write
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
6ACE000
|
heap
|
page read and write
|
||
|
4DE5000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
heap
|
page read and write
|
||
|
33AF000
|
trusted library allocation
|
page read and write
|
||
|
3257000
|
trusted library allocation
|
page read and write
|
||
|
462000
|
unkown
|
page readonly
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
3267000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library section
|
page read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
32BF000
|
trusted library allocation
|
page read and write
|
||
|
41F1000
|
trusted library allocation
|
page read and write
|
||
|
6F49000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page execute and read and write
|
||
|
34AA000
|
trusted library allocation
|
page read and write
|
||
|
347D000
|
trusted library allocation
|
page read and write
|
||
|
34A2000
|
trusted library allocation
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
329F000
|
trusted library allocation
|
page read and write
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
34CA000
|
trusted library allocation
|
page read and write
|
||
|
3861000
|
trusted library allocation
|
page read and write
|
||
|
41CA000
|
trusted library allocation
|
page read and write
|
||
|
322D000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
34CE000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
1535000
|
trusted library allocation
|
page execute and read and write
|
||
|
778E000
|
stack
|
page read and write
|
||
|
31D2000
|
trusted library allocation
|
page read and write
|
||
|
A09D000
|
stack
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
31E9000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
A7DE000
|
stack
|
page read and write
|
||
|
3469000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
heap
|
page read and write
|
||
|
4DC6000
|
trusted library allocation
|
page read and write
|
||
|
5771000
|
trusted library allocation
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
4DCD000
|
trusted library allocation
|
page read and write
|
||
|
5782000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
325F000
|
trusted library allocation
|
page read and write
|
||
|
33AA000
|
trusted library allocation
|
page read and write
|
||
|
2A99000
|
trusted library allocation
|
page read and write
|
||
|
329B000
|
trusted library allocation
|
page read and write
|
||
|
33CC000
|
trusted library allocation
|
page read and write
|
||
|
33A7000
|
trusted library allocation
|
page read and write
|
||
|
4189000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1532000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
3205000
|
trusted library allocation
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
5756000
|
trusted library allocation
|
page read and write
|
||
|
33BD000
|
trusted library allocation
|
page read and write
|
||
|
BEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DAB000
|
trusted library allocation
|
page read and write
|
||
|
326B000
|
trusted library allocation
|
page read and write
|
||
|
32B3000
|
trusted library allocation
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
3232000
|
trusted library allocation
|
page read and write
|
||
|
6AEC000
|
heap
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
BE2000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
BDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
26F0000
|
heap
|
page execute and read and write
|
||
|
32C3000
|
trusted library allocation
|
page read and write
|
||
|
A65F000
|
stack
|
page read and write
|
||
|
BC4000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
34BE000
|
trusted library allocation
|
page read and write
|
||
|
153B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3459000
|
trusted library allocation
|
page read and write
|
||
|
6B29000
|
heap
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
345D000
|
trusted library allocation
|
page read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
328F000
|
trusted library allocation
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
32BB000
|
trusted library allocation
|
page read and write
|
||
|
576A000
|
trusted library allocation
|
page read and write
|
There are 342 hidden memdumps, click here to show them.