Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\file.exe.log
|
CSV text
|
modified
|
|
|
|
C:\Users\Public\Desktop\Google Chrome.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Thu Oct 5 05:47:19 2023,
atime=Wed Sep 27 08:36:54 2023, length=3242272, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tmp251C.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tmp255B.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://tempuri.org/Entity/Id8ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.211.248.215
|
unknown
|
Ukraine
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
|
Blob
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3A95000
|
trusted library allocation
|
page read and write
|
|
|
|
38B8000
|
trusted library allocation
|
page read and write
|
||
|
BD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
DD4000
|
trusted library allocation
|
page read and write
|
||
|
3BA9000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
6FEC000
|
heap
|
page read and write
|
||
|
2C9C000
|
trusted library allocation
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
3A12000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2A0D000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
BE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F86000
|
heap
|
page read and write
|
||
|
4DD2000
|
trusted library allocation
|
page read and write
|
||
|
668D000
|
stack
|
page read and write
|
||
|
6E40000
|
heap
|
page read and write
|
||
|
2A38000
|
trusted library allocation
|
page read and write
|
||
|
2B73000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
39C1000
|
trusted library allocation
|
page read and write
|
||
|
29DD000
|
trusted library allocation
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
10BD000
|
stack
|
page read and write
|
||
|
968000
|
stack
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
2D8A000
|
trusted library allocation
|
page read and write
|
||
|
3A91000
|
trusted library allocation
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
2E7A000
|
trusted library allocation
|
page read and write
|
||
|
6F5B000
|
heap
|
page read and write
|
||
|
BD2000
|
trusted library allocation
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
6222000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BE9000
|
trusted library allocation
|
page read and write
|
||
|
70B8000
|
heap
|
page read and write
|
||
|
2CC7000
|
trusted library allocation
|
page read and write
|
||
|
6F58000
|
heap
|
page read and write
|
||
|
2831000
|
trusted library allocation
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
814B000
|
stack
|
page read and write
|
||
|
6F45000
|
heap
|
page read and write
|
||
|
2ADB000
|
trusted library allocation
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
2A54000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page read and write
|
||
|
38D4000
|
trusted library allocation
|
page read and write
|
||
|
6FB3000
|
heap
|
page read and write
|
||
|
100A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E83000
|
heap
|
page read and write
|
||
|
61C0000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
28D8000
|
trusted library allocation
|
page read and write
|
||
|
2D9C000
|
trusted library allocation
|
page read and write
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
26DB000
|
stack
|
page read and write
|
||
|
61D5000
|
trusted library allocation
|
page read and write
|
||
|
5AD5000
|
heap
|
page read and write
|
||
|
2A82000
|
trusted library allocation
|
page read and write
|
||
|
62F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
38C5000
|
trusted library allocation
|
page read and write
|
||
|
6F53000
|
heap
|
page read and write
|
||
|
7305000
|
trusted library allocation
|
page read and write
|
||
|
72E9000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
3964000
|
trusted library allocation
|
page read and write
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
74AF000
|
stack
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page read and write
|
||
|
64C0000
|
trusted library allocation
|
page read and write
|
||
|
38C8000
|
trusted library allocation
|
page read and write
|
||
|
3A4E000
|
trusted library allocation
|
page read and write
|
||
|
2983000
|
trusted library allocation
|
page read and write
|
||
|
5BA000
|
stack
|
page read and write
|
||
|
4D31000
|
trusted library allocation
|
page read and write
|
||
|
72F8000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
730A000
|
trusted library allocation
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
297F000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
4D3D000
|
trusted library allocation
|
page read and write
|
||
|
2D83000
|
trusted library allocation
|
page read and write
|
||
|
5438000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
6231000
|
trusted library allocation
|
page read and write
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
AE6000
|
heap
|
page read and write
|
||
|
2B05000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page execute and read and write
|
||
|
6216000
|
trusted library allocation
|
page read and write
|
||
|
6F7A000
|
heap
|
page read and write
|
||
|
3A03000
|
trusted library allocation
|
page read and write
|
||
|
2DD4000
|
trusted library allocation
|
page read and write
|
||
|
3C3B000
|
trusted library allocation
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
3C1C000
|
trusted library allocation
|
page read and write
|
||
|
2D4A000
|
trusted library allocation
|
page read and write
|
||
|
3C03000
|
trusted library allocation
|
page read and write
|
||
|
2A33000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
3BA3000
|
trusted library allocation
|
page read and write
|
||
|
709C000
|
heap
|
page read and write
|
||
|
2CCC000
|
trusted library allocation
|
page read and write
|
||
|
297D000
|
trusted library allocation
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
2D12000
|
trusted library allocation
|
page read and write
|
||
|
8D8E000
|
stack
|
page read and write
|
||
|
9030000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
3831000
|
trusted library allocation
|
page read and write
|
||
|
2CE3000
|
trusted library allocation
|
page read and write
|
||
|
BE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D5B000
|
trusted library allocation
|
page read and write
|
||
|
4D1B000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BAD000
|
trusted library allocation
|
page read and write
|
||
|
396C000
|
trusted library allocation
|
page read and write
|
||
|
391B000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page execute and read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
582000
|
unkown
|
page readonly
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
2A48000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
6030000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
620B000
|
trusted library allocation
|
page read and write
|
||
|
64A0000
|
trusted library allocation
|
page read and write
|
||
|
61D0000
|
trusted library allocation
|
page read and write
|
||
|
2D69000
|
trusted library allocation
|
page read and write
|
||
|
8DCE000
|
stack
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
2997000
|
trusted library allocation
|
page read and write
|
||
|
2715000
|
trusted library allocation
|
page read and write
|
||
|
703C000
|
heap
|
page read and write
|
||
|
5AAB000
|
heap
|
page read and write
|
||
|
3966000
|
trusted library allocation
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
2977000
|
trusted library allocation
|
page read and write
|
||
|
61CA000
|
trusted library allocation
|
page read and write
|
||
|
39AE000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
3948000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
5ACC000
|
heap
|
page read and write
|
||
|
67A9000
|
trusted library allocation
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
2A3D000
|
trusted library allocation
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
29E7000
|
trusted library allocation
|
page read and write
|
||
|
6FBC000
|
heap
|
page read and write
|
||
|
3BB6000
|
trusted library allocation
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
5AEA000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
5A33000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
BB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B0C000
|
trusted library allocation
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
6FFB000
|
heap
|
page read and write
|
||
|
701C000
|
heap
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
3BBB000
|
trusted library allocation
|
page read and write
|
||
|
39F4000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
6211000
|
trusted library allocation
|
page read and write
|
||
|
38D6000
|
trusted library allocation
|
page read and write
|
||
|
678C000
|
stack
|
page read and write
|
||
|
39CD000
|
trusted library allocation
|
page read and write
|
||
|
6F8D000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
61D7000
|
trusted library allocation
|
page read and write
|
||
|
6FDE000
|
heap
|
page read and write
|
||
|
8C8E000
|
stack
|
page read and write
|
||
|
4D2E000
|
trusted library allocation
|
page read and write
|
||
|
5ADE000
|
heap
|
page read and write
|
||
|
3A07000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
2E72000
|
trusted library allocation
|
page read and write
|
||
|
2A2C000
|
trusted library allocation
|
page read and write
|
||
|
5A53000
|
heap
|
page read and write
|
||
|
3BC5000
|
trusted library allocation
|
page read and write
|
||
|
625E000
|
trusted library allocation
|
page read and write
|
||
|
3873000
|
trusted library allocation
|
page read and write
|
||
|
3A09000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
6270000
|
trusted library allocation
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
705A000
|
heap
|
page read and write
|
||
|
39D2000
|
trusted library allocation
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
2AFA000
|
trusted library allocation
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
BDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F40000
|
heap
|
page read and write
|
||
|
6F92000
|
heap
|
page read and write
|
||
|
7041000
|
heap
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
4D36000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
39C7000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
5AC1000
|
heap
|
page read and write
|
||
|
3988000
|
trusted library allocation
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page execute and read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
C2E000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
2CD7000
|
trusted library allocation
|
page read and write
|
||
|
3B96000
|
trusted library allocation
|
page read and write
|
||
|
7019000
|
heap
|
page read and write
|
||
|
62A0000
|
trusted library allocation
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
51B8000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
2ABA000
|
trusted library allocation
|
page read and write
|
||
|
38DC000
|
trusted library allocation
|
page read and write
|
||
|
3852000
|
trusted library allocation
|
page read and write
|
||
|
2A91000
|
trusted library allocation
|
page execute and read and write
|
||
|
1017000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D95000
|
trusted library allocation
|
page read and write
|
||
|
6FA0000
|
heap
|
page read and write
|
||
|
72FA000
|
trusted library allocation
|
page read and write
|
||
|
4838000
|
trusted library allocation
|
page read and write
|
||
|
3BB8000
|
trusted library allocation
|
page read and write
|
||
|
BCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6813000
|
trusted library allocation
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
8F0E000
|
stack
|
page read and write
|
||
|
3B7C000
|
trusted library allocation
|
page read and write
|
||
|
394E000
|
trusted library allocation
|
page read and write
|
||
|
70C0000
|
heap
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
6480000
|
trusted library allocation
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
39E7000
|
trusted library allocation
|
page read and write
|
||
|
7038000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
39FE000
|
trusted library allocation
|
page read and write
|
||
|
BE2000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
64B0000
|
heap
|
page execute and read and write
|
||
|
5A17000
|
heap
|
page read and write
|
||
|
101B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F80000
|
heap
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
38CE000
|
trusted library allocation
|
page read and write
|
||
|
8100000
|
heap
|
page read and write
|
||
|
3BF6000
|
trusted library allocation
|
page read and write
|
||
|
4D7E000
|
trusted library allocation
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B8E000
|
stack
|
page read and write
|
||
|
4DC3000
|
heap
|
page execute and read and write
|
||
|
6260000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
2DE7000
|
trusted library allocation
|
page read and write
|
||
|
38EF000
|
trusted library allocation
|
page read and write
|
||
|
72E2000
|
trusted library allocation
|
page read and write
|
||
|
6255000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
FF4000
|
trusted library allocation
|
page read and write
|
||
|
70C6000
|
heap
|
page read and write
|
||
|
9021000
|
trusted library allocation
|
page read and write
|
||
|
7028000
|
heap
|
page read and write
|
||
|
38BE000
|
trusted library allocation
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B43000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB4000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
298B000
|
trusted library allocation
|
page read and write
|
||
|
824D000
|
stack
|
page read and write
|
||
|
2AD9000
|
trusted library allocation
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
518F000
|
stack
|
page read and write
|
||
|
2985000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C15000
|
trusted library allocation
|
page read and write
|
||
|
3C26000
|
trusted library allocation
|
page read and write
|
||
|
6240000
|
trusted library allocation
|
page read and write
|
||
|
664C000
|
stack
|
page read and write
|
||
|
7284000
|
trusted library allocation
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page read and write
|
||
|
7047000
|
heap
|
page read and write
|
||
|
723D000
|
stack
|
page read and write
|
||
|
60D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
2E87000
|
trusted library allocation
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
3BDD000
|
trusted library allocation
|
page read and write
|
||
|
29C2000
|
trusted library allocation
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
3994000
|
trusted library allocation
|
page read and write
|
||
|
62D0000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
738D000
|
stack
|
page read and write
|
||
|
2E01000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
3D3B000
|
trusted library allocation
|
page read and write
|
||
|
3955000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
39DD000
|
trusted library allocation
|
page read and write
|
||
|
70BC000
|
heap
|
page read and write
|
||
|
29BC000
|
trusted library allocation
|
page read and write
|
||
|
39B6000
|
trusted library allocation
|
page read and write
|
||
|
3910000
|
trusted library allocation
|
page read and write
|
||
|
3AD8000
|
trusted library allocation
|
page read and write
|
||
|
622E000
|
trusted library allocation
|
page read and write
|
||
|
49CB000
|
stack
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
392C000
|
trusted library allocation
|
page read and write
|
||
|
6FCC000
|
heap
|
page read and write
|
||
|
3A0C000
|
trusted library allocation
|
page read and write
|
||
|
38FC000
|
trusted library allocation
|
page read and write
|
||
|
8ECF000
|
stack
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
DD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B9C000
|
trusted library allocation
|
page read and write
|
||
|
51A1000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6500000
|
trusted library allocation
|
page execute and read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
7073000
|
heap
|
page read and write
|
||
|
29CF000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
72FF000
|
trusted library allocation
|
page read and write
|
||
|
3B76000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
trusted library allocation
|
page read and write
|
||
|
38E3000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
2CBB000
|
trusted library allocation
|
page read and write
|
||
|
38D1000
|
trusted library allocation
|
page read and write
|
||
|
6816000
|
trusted library allocation
|
page read and write
|
||
|
39FA000
|
trusted library allocation
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
7010000
|
heap
|
page read and write
|
||
|
6FF5000
|
heap
|
page read and write
|
||
|
61C8000
|
trusted library allocation
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
3A26000
|
trusted library allocation
|
page read and write
|
||
|
4D42000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
6490000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
625B000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
2AF3000
|
trusted library allocation
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
2927000
|
trusted library allocation
|
page read and write
|
||
|
3A5E000
|
trusted library allocation
|
page read and write
|
||
|
2DE5000
|
trusted library allocation
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
724A000
|
trusted library allocation
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
AEB000
|
heap
|
page read and write
|
||
|
4D14000
|
trusted library allocation
|
page read and write
|
||
|
3927000
|
trusted library allocation
|
page read and write
|
||
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
3C0A000
|
trusted library allocation
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
3909000
|
trusted library allocation
|
page read and write
|
||
|
39ED000
|
trusted library allocation
|
page read and write
|
||
|
2B96000
|
trusted library allocation
|
page read and write
|
||
|
3B81000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
heap
|
page execute and read and write
|
||
|
3B50000
|
trusted library allocation
|
page read and write
|
||
|
3B64000
|
trusted library allocation
|
page read and write
|
||
|
72E5000
|
trusted library allocation
|
page read and write
|
||
|
730F000
|
trusted library allocation
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
2D5D000
|
trusted library allocation
|
page read and write
|
||
|
3958000
|
trusted library allocation
|
page read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
5A8C000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
3B5D000
|
trusted library allocation
|
page read and write
|
||
|
7790000
|
heap
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
3961000
|
trusted library allocation
|
page read and write
|
||
|
383F000
|
trusted library allocation
|
page read and write
|
||
|
5A7A000
|
heap
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
BEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
270E000
|
trusted library allocation
|
page read and write
|
||
|
724C000
|
trusted library allocation
|
page read and write
|
||
|
2A93000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
654C000
|
stack
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
6F77000
|
heap
|
page read and write
|
||
|
707F000
|
heap
|
page read and write
|
||
|
3B6F000
|
trusted library allocation
|
page read and write
|
||
|
395E000
|
trusted library allocation
|
page read and write
|
||
|
3B8C000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
2DBE000
|
trusted library allocation
|
page read and write
|
||
|
265E000
|
stack
|
page read and write
|
||
|
3922000
|
trusted library allocation
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
3BB2000
|
trusted library allocation
|
page read and write
|
||
|
A5D000
|
heap
|
page read and write
|
||
|
900E000
|
stack
|
page read and write
|
||
|
2A1A000
|
trusted library allocation
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
3971000
|
trusted library allocation
|
page read and write
|
||
|
2993000
|
trusted library allocation
|
page read and write
|
||
|
FF6000
|
trusted library allocation
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
7F170000
|
trusted library allocation
|
page execute and read and write
|
||
|
2989000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
3937000
|
trusted library allocation
|
page read and write
|
||
|
61D9000
|
trusted library allocation
|
page read and write
|
There are 457 hidden memdumps, click here to show them.