Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_f328b3eaafa9c91d9bd94872426a6bfa15601ef3_be39743d_62ab06af-1377-4cda-9754-2f756f7c2d73\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3ACB.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Sep 26 10:23:23 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3C81.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3CB1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mkdrzkk4.prl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mwpywpgg.guy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_phlhqcc5.izb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y133hkv3.ire.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.6879.11943.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8164 -s 1524
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://aborters.duckdns.org:8081
|
unknown
|
|
|
|
http://anotherarmy.dns.army:8081
|
unknown
|
|
|
|
http://upx.sf.net
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\SecuriteInfo_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
ProgramId
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
FileId
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
LongPathHash
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Name
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
OriginalFileName
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Publisher
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Version
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
BinFileVersion
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
BinaryType
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
ProductName
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
ProductVersion
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
LinkDate
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
BinProductVersion
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Size
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Language
|
||
|
\REGISTRY\A\{cbd41353-8369-4b18-15d9-c745e57ba200}\Root\InventoryApplicationFile\securiteinfo.com|7f63400b0b2eeaad
|
Usn
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3331000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3D89000
|
trusted library allocation
|
page read and write
|
|
|
|
7E07000
|
heap
|
page read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
15C9000
|
heap
|
page read and write
|
||
|
795E000
|
stack
|
page read and write
|
||
|
7DEE000
|
stack
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
4F1C000
|
stack
|
page read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
7BDF000
|
stack
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
159B000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
12FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4359000
|
trusted library allocation
|
page read and write
|
||
|
15A8000
|
heap
|
page read and write
|
||
|
AC4E000
|
stack
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
heap
|
page execute and read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
A5E0000
|
heap
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
1646000
|
heap
|
page read and write
|
||
|
E44000
|
heap
|
page read and write
|
||
|
2DE5000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3D81000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
A8DF000
|
stack
|
page read and write
|
||
|
1586000
|
trusted library allocation
|
page execute and read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
52A8000
|
trusted library allocation
|
page read and write
|
||
|
7432000
|
trusted library allocation
|
page read and write
|
||
|
57ED000
|
stack
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
7DF0000
|
heap
|
page read and write
|
||
|
4331000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
trusted library allocation
|
page read and write
|
||
|
A1E000
|
unkown
|
page readonly
|
||
|
52FB000
|
stack
|
page read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
A7DE000
|
stack
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
799E000
|
stack
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
672F000
|
stack
|
page read and write
|
||
|
ABA000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
33FC000
|
trusted library allocation
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
6F85000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
1597000
|
trusted library allocation
|
page execute and read and write
|
||
|
1563000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CEE000
|
stack
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
5880000
|
heap
|
page execute and read and write
|
||
|
682F000
|
stack
|
page read and write
|
||
|
7ADE000
|
stack
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
AB4C000
|
stack
|
page read and write
|
||
|
7EF0000
|
trusted library section
|
page read and write
|
||
|
57A5000
|
trusted library allocation
|
page read and write
|
||
|
7F660000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
582D000
|
stack
|
page read and write
|
||
|
2CDD000
|
trusted library allocation
|
page read and write
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library section
|
page readonly
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
2CBB000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
1407000
|
heap
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
1317000
|
trusted library allocation
|
page execute and read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
312B000
|
trusted library allocation
|
page read and write
|
||
|
2CE2000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
2DE3000
|
trusted library allocation
|
page read and write
|
||
|
7290000
|
trusted library section
|
page read and write
|
||
|
123B000
|
stack
|
page read and write
|
||
|
73DE000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page execute and read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
739D000
|
stack
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
7810000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13BB000
|
stack
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
53A3000
|
heap
|
page read and write
|
||
|
12ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4F000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
EDD000
|
heap
|
page read and write
|
||
|
130A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
18DF000
|
stack
|
page read and write
|
||
|
AA4C000
|
stack
|
page read and write
|
||
|
1337000
|
stack
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
4D88000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
2CCE000
|
trusted library allocation
|
page read and write
|
||
|
5E6D000
|
stack
|
page read and write
|
||
|
2CD1000
|
trusted library allocation
|
page read and write
|
||
|
156D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F80000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
12E4000
|
trusted library allocation
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
BB7000
|
stack
|
page read and write
|
||
|
179F000
|
stack
|
page read and write
|
||
|
15D5000
|
heap
|
page read and write
|
||
|
1655000
|
heap
|
page read and write
|
||
|
2DD8000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
2CD6000
|
trusted library allocation
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
12F3000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page execute and read and write
|
||
|
5545000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
972000
|
unkown
|
page readonly
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
131B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1564000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
1592000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
12E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E11000
|
heap
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
164C000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
168B000
|
heap
|
page read and write
|
||
|
735D000
|
stack
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
54B0000
|
heap
|
page execute and read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
1306000
|
trusted library allocation
|
page execute and read and write
|
||
|
158A000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
1312000
|
trusted library allocation
|
page read and write
|
||
|
3116000
|
trusted library allocation
|
page read and write
|
There are 187 hidden memdumps, click here to show them.