Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BOSSARD_ORDER_4923521.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BOSSARD_ORDER_4923521.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp64C0.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\CkVzvA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\CkVzvA.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\CkVzvA.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_12mmlfra.ayw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5kxtit4a.fg3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c2f5xbht.xbr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ekrs41ot.u2z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbwatn4d.1dp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ul1al3gv.np1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xeme1vl4.0fn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zvwfnbf2.g1w.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp7BE1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BOSSARD_ORDER_4923521.exe
|
"C:\Users\user\Desktop\BOSSARD_ORDER_4923521.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\BOSSARD_ORDER_4923521.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\CkVzvA.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\CkVzvA" /XML "C:\Users\user\AppData\Local\Temp\tmp64C0.tmp"
|
|
|
|
C:\Users\user\Desktop\BOSSARD_ORDER_4923521.exe
|
"C:\Users\user\Desktop\BOSSARD_ORDER_4923521.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\CkVzvA.exe
|
C:\Users\user\AppData\Roaming\CkVzvA.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\CkVzvA" /XML "C:\Users\user\AppData\Local\Temp\tmp7BE1.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\CkVzvA.exe
|
"C:\Users\user\AppData\Roaming\CkVzvA.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://mail.iaa-airferight.com
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.iaa-airferight.com
|
46.175.148.58
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.175.148.58
|
mail.iaa-airferight.com
|
Ukraine
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2B31000
|
trusted library allocation
|
page read and write
|
|
|
|
3D29000
|
trusted library allocation
|
page read and write
|
|
|
|
2B7E000
|
trusted library allocation
|
page read and write
|
|
|
|
3081000
|
trusted library allocation
|
page read and write
|
|
|
|
30CE000
|
trusted library allocation
|
page read and write
|
|
|
|
42D000
|
remote allocation
|
page execute and read and write
|
|
|
|
6AA0000
|
heap
|
page read and write
|
||
|
9B3E000
|
stack
|
page read and write
|
||
|
734F000
|
stack
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
2C9F000
|
unkown
|
page read and write
|
||
|
39DA000
|
trusted library allocation
|
page read and write
|
||
|
C99000
|
heap
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
D96000
|
heap
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
BD4000
|
trusted library allocation
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
9AFE000
|
stack
|
page read and write
|
||
|
61B7000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
heap
|
page execute and read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
A43E000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page execute and read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
61B0000
|
trusted library allocation
|
page read and write
|
||
|
3B39000
|
trusted library allocation
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
A9BE000
|
stack
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
AAFC000
|
stack
|
page read and write
|
||
|
12A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
BF2000
|
trusted library allocation
|
page read and write
|
||
|
6A50000
|
heap
|
page read and write
|
||
|
977000
|
stack
|
page read and write
|
||
|
7F8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
404000
|
remote allocation
|
page execute and read and write
|
||
|
F17000
|
heap
|
page read and write
|
||
|
561C000
|
stack
|
page read and write
|
||
|
C42000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
6230000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
66B2000
|
heap
|
page read and write
|
||
|
EE6000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
1202000
|
trusted library allocation
|
page read and write
|
||
|
13F9000
|
heap
|
page read and write
|
||
|
D1A000
|
stack
|
page read and write
|
||
|
7EFC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
61AE000
|
stack
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
AC00000
|
trusted library allocation
|
page execute and read and write
|
||
|
5022000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
549A000
|
trusted library allocation
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
146E000
|
heap
|
page read and write
|
||
|
5C6C000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page execute and read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
2B7C000
|
trusted library allocation
|
page read and write
|
||
|
13A7000
|
heap
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
616F000
|
stack
|
page read and write
|
||
|
6070000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
AABF000
|
stack
|
page read and write
|
||
|
6236000
|
trusted library allocation
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
5014000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
5036000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
FA4000
|
trusted library allocation
|
page read and write
|
||
|
50BB000
|
stack
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
BDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B94000
|
trusted library allocation
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
4B38000
|
trusted library allocation
|
page read and write
|
||
|
143D000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
140D000
|
heap
|
page read and write
|
||
|
F07000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
11D4000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
trusted library section
|
page readonly
|
||
|
D20000
|
heap
|
page read and write
|
||
|
77CE000
|
stack
|
page read and write
|
||
|
EA8000
|
heap
|
page read and write
|
||
|
3D21000
|
trusted library allocation
|
page read and write
|
||
|
66B8000
|
heap
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
CB6000
|
heap
|
page read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
3B59000
|
trusted library allocation
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
3AA4000
|
trusted library allocation
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
5412000
|
trusted library allocation
|
page read and write
|
||
|
632E000
|
stack
|
page read and write
|
||
|
517D000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page execute and read and write
|
||
|
12B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
724F000
|
stack
|
page read and write
|
||
|
120A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
6576000
|
heap
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
BA7000
|
stack
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
51FC000
|
trusted library allocation
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
9F8000
|
stack
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
3B96000
|
trusted library allocation
|
page read and write
|
||
|
502A000
|
trusted library allocation
|
page read and write
|
||
|
F0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5560000
|
trusted library section
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
5333000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page execute and read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
BED000
|
trusted library allocation
|
page execute and read and write
|
||
|
29AA000
|
stack
|
page read and write
|
||
|
F02000
|
trusted library allocation
|
page read and write
|
||
|
7A5B000
|
trusted library allocation
|
page read and write
|
||
|
6EC2000
|
trusted library allocation
|
page read and write
|
||
|
4EBC000
|
stack
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
DCD000
|
heap
|
page read and write
|
||
|
2D8C000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
1217000
|
trusted library allocation
|
page execute and read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
2978000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
AAA000
|
stack
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
940000
|
unkown
|
page readonly
|
||
|
574F000
|
stack
|
page read and write
|
||
|
C34000
|
heap
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
2967000
|
trusted library allocation
|
page read and write
|
||
|
7A00000
|
trusted library allocation
|
page read and write
|
||
|
56BE000
|
heap
|
page read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
2CC6000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
28BB000
|
trusted library allocation
|
page read and write
|
||
|
6B75000
|
heap
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
57BC000
|
stack
|
page read and write
|
||
|
6551000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
A1BF000
|
stack
|
page read and write
|
||
|
2E1B000
|
heap
|
page read and write
|
||
|
4D28000
|
trusted library allocation
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
12AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
503D000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page execute and read and write
|
||
|
BFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
2915000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AAC000
|
stack
|
page read and write
|
||
|
2912000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library section
|
page read and write
|
||
|
2E18000
|
trusted library allocation
|
page read and write
|
||
|
78D0000
|
heap
|
page read and write
|
||
|
28F5000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
heap
|
page execute and read and write
|
||
|
BD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
ABFC000
|
stack
|
page read and write
|
||
|
9DFE000
|
stack
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
DBA000
|
heap
|
page read and write
|
||
|
28DD000
|
trusted library allocation
|
page read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ED4000
|
trusted library allocation
|
page read and write
|
||
|
291B000
|
trusted library allocation
|
page execute and read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
60D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
297A000
|
trusted library allocation
|
page read and write
|
||
|
6670000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
2CCD000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
3B20000
|
trusted library allocation
|
page read and write
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E72000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
72AE000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
4EE3000
|
heap
|
page read and write
|
||
|
3B98000
|
trusted library allocation
|
page read and write
|
||
|
5C62000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
942000
|
unkown
|
page readonly
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
stack
|
page read and write
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
2D4A000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
1183000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
5119000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
1206000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDB000
|
heap
|
page read and write
|
||
|
9F7C000
|
stack
|
page read and write
|
||
|
2D21000
|
trusted library allocation
|
page read and write
|
||
|
2E7E000
|
unkown
|
page read and write
|
||
|
2CAB000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
2ED6000
|
trusted library allocation
|
page read and write
|
||
|
39A0000
|
trusted library allocation
|
page read and write
|
||
|
28FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
78E4000
|
heap
|
page read and write
|
||
|
6B6D000
|
heap
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
3B9D000
|
trusted library allocation
|
page read and write
|
||
|
28ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
2B6C000
|
stack
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
A72E000
|
stack
|
page read and write
|
||
|
C0A000
|
heap
|
page read and write
|
||
|
501B000
|
trusted library allocation
|
page read and write
|
||
|
5042000
|
trusted library allocation
|
page read and write
|
||
|
636E000
|
stack
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
DB8000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
290A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
9CFE000
|
stack
|
page read and write
|
||
|
A82E000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page execute and read and write
|
||
|
28E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
F69000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
A0BE000
|
stack
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F4F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
118D000
|
trusted library allocation
|
page execute and read and write
|
||
|
60CD000
|
stack
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
40A9000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
FA6000
|
trusted library allocation
|
page read and write
|
||
|
6BAA000
|
heap
|
page read and write
|
||
|
FC7000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
5031000
|
trusted library allocation
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
502E000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
3C19000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
78EC000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
567D000
|
stack
|
page read and write
|
||
|
4EC0000
|
trusted library section
|
page readonly
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
2917000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
A3ED000
|
stack
|
page read and write
|
||
|
5C66000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
301D000
|
trusted library allocation
|
page read and write
|
||
|
40E7000
|
trusted library allocation
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page execute and read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page execute and read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
trusted library allocation
|
page read and write
|
||
|
6377000
|
trusted library allocation
|
page read and write
|
||
|
A07C000
|
stack
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
4CCD000
|
stack
|
page read and write
|
||
|
A6EE000
|
stack
|
page read and write
|
||
|
549B000
|
stack
|
page read and write
|
||
|
2EBF000
|
unkown
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
2C5E000
|
unkown
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
2B04000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
509C000
|
stack
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
761E000
|
stack
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
7E7E000
|
stack
|
page read and write
|
||
|
13FD000
|
heap
|
page read and write
|
||
|
3A27000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
2CCA000
|
stack
|
page read and write
|
||
|
129D000
|
trusted library allocation
|
page execute and read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1184000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
501E000
|
trusted library allocation
|
page read and write
|
||
|
2B86000
|
trusted library allocation
|
page read and write
|
||
|
2ADC000
|
stack
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
2902000
|
trusted library allocation
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
28E2000
|
trusted library allocation
|
page read and write
|
||
|
56A9000
|
trusted library allocation
|
page read and write
|
||
|
2D77000
|
trusted library allocation
|
page read and write
|
||
|
6076000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
5016000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
3919000
|
trusted library allocation
|
page read and write
|
||
|
28D1000
|
trusted library allocation
|
page read and write
|
||
|
A5EE000
|
stack
|
page read and write
|
||
|
11F3000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
BE3000
|
trusted library allocation
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
67A0000
|
heap
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
30CC000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
636E000
|
stack
|
page read and write
|
||
|
30E4000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
5203000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
121B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B5B000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
54A5000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
139A000
|
heap
|
page read and write
|
||
|
4EC4000
|
trusted library section
|
page readonly
|
||
|
61C0000
|
trusted library allocation
|
page read and write
|
||
|
526D000
|
stack
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
11DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4918000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
11D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5420000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD2000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
6684000
|
heap
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
6530000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
28D6000
|
trusted library allocation
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
7D00000
|
trusted library section
|
page read and write
|
||
|
7F1A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page execute and read and write
|
||
|
6240000
|
trusted library allocation
|
page execute and read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
D3E000
|
heap
|
page read and write
|
||
|
2C8D000
|
stack
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
There are 500 hidden memdumps, click here to show them.