Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment TT Copy.PDF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Payment TT Copy.PDF.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp78CA.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\VajtonZVfAG.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2yu0mvov.uxz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_40iq5yxn.xbt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_menbhpka.bhk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mkuzewzp.b5d.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uaeimfvc.pa0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ue55vztt.5ib.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wfo1lbrm.54f.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zbkfjvgu.fsm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp91A1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Payment
TT Copy.PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\VajtonZVfAG.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VajtonZVfAG" /XML "C:\Users\user\AppData\Local\Temp\tmp78CA.tmp"
|
|
|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Users\user\Desktop\Payment TT Copy.PDF.exe
|
"C:\Users\user\Desktop\Payment TT Copy.PDF.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VajtonZVfAG" /XML "C:\Users\user\AppData\Local\Temp\tmp91A1.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe
|
"C:\Users\user\AppData\Roaming\VajtonZVfAG.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\VajtonZVfAG.exe
|
"C:\Users\user\AppData\Roaming\VajtonZVfAG.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
BD0000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
33AF000
|
unkown
|
page read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
heap
|
page read and write
|
||
|
21389243000
|
heap
|
page read and write
|
||
|
2FAE000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
3094000
|
trusted library allocation
|
page read and write
|
||
|
1567000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
30AA000
|
stack
|
page read and write
|
||
|
2E50000
|
heap
|
page execute and read and write
|
||
|
3078000
|
trusted library allocation
|
page read and write
|
||
|
30E6000
|
trusted library allocation
|
page read and write
|
||
|
425E5FE000
|
unkown
|
page readonly
|
||
|
76C2000
|
trusted library allocation
|
page read and write
|
||
|
2FA8000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
direct allocation
|
page execute and read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
7F80000
|
trusted library section
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2FAC000
|
trusted library allocation
|
page read and write
|
||
|
2F2C000
|
trusted library allocation
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
3098000
|
trusted library allocation
|
page read and write
|
||
|
111D000
|
stack
|
page read and write
|
||
|
174A000
|
direct allocation
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
2D0F000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
2F64000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
30EA000
|
trusted library allocation
|
page read and write
|
||
|
12DE000
|
stack
|
page read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
21389890000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
21389202000
|
heap
|
page read and write
|
||
|
73DE000
|
stack
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
4E38000
|
trusted library allocation
|
page read and write
|
||
|
1344000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
A60C000
|
stack
|
page read and write
|
||
|
305A000
|
trusted library allocation
|
page read and write
|
||
|
2FF8000
|
trusted library allocation
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2F8A000
|
trusted library allocation
|
page read and write
|
||
|
3086000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
heap
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
342F000
|
stack
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
40B5000
|
trusted library allocation
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
2EA9000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
2F54000
|
trusted library allocation
|
page read and write
|
||
|
30C6000
|
trusted library allocation
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
71FF000
|
stack
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
120A000
|
heap
|
page read and write
|
||
|
538F000
|
trusted library section
|
page readonly
|
||
|
306A000
|
trusted library allocation
|
page read and write
|
||
|
2F32000
|
trusted library allocation
|
page read and write
|
||
|
40F6000
|
trusted library allocation
|
page read and write
|
||
|
2F98000
|
trusted library allocation
|
page read and write
|
||
|
1019000
|
direct allocation
|
page execute and read and write
|
||
|
59C5000
|
heap
|
page read and write
|
||
|
309A000
|
trusted library allocation
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
2F4C000
|
trusted library allocation
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
100A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5453000
|
heap
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
30E2000
|
trusted library allocation
|
page read and write
|
||
|
113C000
|
stack
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
2F18000
|
trusted library allocation
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
6FC0000
|
heap
|
page read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
2FB4000
|
trusted library allocation
|
page read and write
|
||
|
425DB6B000
|
stack
|
page read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
30B8000
|
trusted library allocation
|
page read and write
|
||
|
2FFA000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library section
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
2A4E000
|
unkown
|
page read and write
|
||
|
2E79000
|
trusted library allocation
|
page read and write
|
||
|
302C000
|
trusted library allocation
|
page read and write
|
||
|
753E000
|
stack
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
3092000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
21389400000
|
heap
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
793F000
|
stack
|
page read and write
|
||
|
151E000
|
trusted library allocation
|
page read and write
|
||
|
2EBA000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
1521000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
30F8000
|
trusted library allocation
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
103D000
|
stack
|
page read and write
|
||
|
1223000
|
heap
|
page read and write
|
||
|
30A4000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library section
|
page readonly
|
||
|
30E8000
|
trusted library allocation
|
page read and write
|
||
|
56C5000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
2FA4000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
323B000
|
heap
|
page read and write
|
||
|
2F0C000
|
trusted library allocation
|
page read and write
|
||
|
3056000
|
trusted library allocation
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
502C000
|
stack
|
page read and write
|
||
|
FF3000
|
trusted library allocation
|
page read and write
|
||
|
2F9C000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page execute and read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
3058000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
heap
|
page execute and read and write
|
||
|
11B6000
|
direct allocation
|
page execute and read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
133F000
|
stack
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
2F72000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
30E4000
|
trusted library allocation
|
page read and write
|
||
|
300C000
|
trusted library allocation
|
page read and write
|
||
|
139B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1002000
|
trusted library allocation
|
page read and write
|
||
|
2A5A000
|
heap
|
page read and write
|
||
|
2EB8000
|
trusted library allocation
|
page read and write
|
||
|
2EBC000
|
trusted library allocation
|
page read and write
|
||
|
8FD000
|
stack
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
2F22000
|
trusted library allocation
|
page read and write
|
||
|
30B6000
|
trusted library allocation
|
page read and write
|
||
|
21389213000
|
heap
|
page read and write
|
||
|
2FD4000
|
trusted library allocation
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
425E7FE000
|
unkown
|
page readonly
|
||
|
1560000
|
heap
|
page read and write
|
||
|
57CD000
|
stack
|
page read and write
|
||
|
30AE000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
30B4000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
1243000
|
heap
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page execute and read and write
|
||
|
1550000
|
trusted library allocation
|
page execute and read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
118A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1259000
|
heap
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
309C000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
336E000
|
unkown
|
page read and write
|
||
|
A09D000
|
stack
|
page read and write
|
||
|
30F2000
|
trusted library allocation
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
A7D0000
|
heap
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
AC4E000
|
stack
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
15A7000
|
heap
|
page read and write
|
||
|
11BD000
|
direct allocation
|
page execute and read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
5374000
|
trusted library allocation
|
page read and write
|
||
|
1012000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
1017000
|
trusted library allocation
|
page execute and read and write
|
||
|
417E000
|
trusted library allocation
|
page read and write
|
||
|
307A000
|
trusted library allocation
|
page read and write
|
||
|
2CFB000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
30EC000
|
trusted library allocation
|
page read and write
|
||
|
1182000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
30DA000
|
trusted library allocation
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
3F5E000
|
trusted library allocation
|
page read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
2FCC000
|
trusted library allocation
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
804E000
|
stack
|
page read and write
|
||
|
425E3FE000
|
unkown
|
page readonly
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
A50C000
|
stack
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
2FA6000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
18A9000
|
direct allocation
|
page execute and read and write
|
||
|
116D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1595000
|
trusted library allocation
|
page read and write
|
||
|
783E000
|
stack
|
page read and write
|
||
|
2EEA000
|
trusted library allocation
|
page read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
||
|
1346000
|
trusted library allocation
|
page read and write
|
||
|
1173000
|
trusted library allocation
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
2F48000
|
trusted library allocation
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
3F12000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
5BD000
|
stack
|
page read and write
|
||
|
2F34000
|
trusted library allocation
|
page read and write
|
||
|
A70D000
|
stack
|
page read and write
|
||
|
1720000
|
direct allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
304C000
|
trusted library allocation
|
page read and write
|
||
|
1787000
|
direct allocation
|
page execute and read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
2F56000
|
trusted library allocation
|
page read and write
|
||
|
1A31000
|
direct allocation
|
page execute and read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
2F68000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page execute and read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
1545000
|
trusted library allocation
|
page read and write
|
||
|
308C000
|
trusted library allocation
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
2EB2000
|
trusted library allocation
|
page read and write
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
AE8E000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
2FB2000
|
trusted library allocation
|
page read and write
|
||
|
3096000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
2F78000
|
trusted library allocation
|
page read and write
|
||
|
2F8E000
|
trusted library allocation
|
page read and write
|
||
|
131B000
|
stack
|
page read and write
|
||
|
AB4E000
|
stack
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
57DA000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
2F96000
|
trusted library allocation
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
11C7000
|
heap
|
page read and write
|
||
|
2EF8000
|
trusted library allocation
|
page read and write
|
||
|
2F76000
|
trusted library allocation
|
page read and write
|
||
|
537C000
|
stack
|
page read and write
|
||
|
2F74000
|
trusted library allocation
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
7AE8000
|
heap
|
page read and write
|
||
|
2F5C000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
406F000
|
trusted library allocation
|
page read and write
|
||
|
2E39000
|
trusted library allocation
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
FFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A74E000
|
stack
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
2FD2000
|
trusted library allocation
|
page read and write
|
||
|
2F9A000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
trusted library allocation
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
2F58000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
F8D000
|
stack
|
page read and write
|
||
|
11D4000
|
heap
|
page read and write
|
||
|
A84F000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
1780000
|
direct allocation
|
page execute and read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
21389200000
|
heap
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
309E000
|
trusted library allocation
|
page read and write
|
||
|
306C000
|
trusted library allocation
|
page read and write
|
||
|
3054000
|
trusted library allocation
|
page read and write
|
||
|
2F96000
|
trusted library allocation
|
page read and write
|
||
|
21389120000
|
heap
|
page read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
301C000
|
trusted library allocation
|
page read and write
|
||
|
30D8000
|
trusted library allocation
|
page read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
30C4000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
30D2000
|
trusted library allocation
|
page read and write
|
||
|
30F6000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
425E8FE000
|
stack
|
page read and write
|
||
|
3076000
|
trusted library allocation
|
page read and write
|
||
|
303C000
|
trusted library allocation
|
page read and write
|
||
|
425E1FE000
|
unkown
|
page readonly
|
||
|
33EE000
|
stack
|
page read and write
|
||
|
2F14000
|
trusted library allocation
|
page read and write
|
||
|
7AD1000
|
heap
|
page read and write
|
||
|
154C000
|
stack
|
page read and write
|
||
|
30CA000
|
trusted library allocation
|
page read and write
|
||
|
7C9F000
|
stack
|
page read and write
|
||
|
2E6D000
|
trusted library allocation
|
page read and write
|
||
|
425E4FE000
|
stack
|
page read and write
|
||
|
30DC000
|
trusted library allocation
|
page read and write
|
||
|
3048000
|
trusted library allocation
|
page read and write
|
||
|
7F6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
FD4000
|
trusted library allocation
|
page read and write
|
||
|
2F6A000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
1532000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
2F42000
|
trusted library allocation
|
page read and write
|
||
|
30BC000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
trusted library allocation
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
1163000
|
trusted library allocation
|
page execute and read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
303E000
|
trusted library allocation
|
page read and write
|
||
|
BA2000
|
unkown
|
page readonly
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
2FBA000
|
trusted library allocation
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
2F2E000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1238000
|
direct allocation
|
page execute and read and write
|
||
|
152D000
|
trusted library allocation
|
page read and write
|
||
|
21389302000
|
heap
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
308E000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
2E86000
|
trusted library allocation
|
page read and write
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
1A4D000
|
direct allocation
|
page execute and read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
7040000
|
heap
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
30CC000
|
trusted library allocation
|
page read and write
|
||
|
3ECC000
|
trusted library allocation
|
page read and write
|
||
|
1842000
|
direct allocation
|
page execute and read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
2F44000
|
trusted library allocation
|
page read and write
|
||
|
2FCA000
|
trusted library allocation
|
page read and write
|
||
|
A610000
|
heap
|
page read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
5600000
|
heap
|
page execute and read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
304E000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
275D000
|
stack
|
page read and write
|
||
|
3042000
|
trusted library allocation
|
page read and write
|
||
|
21389222000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
30EE000
|
trusted library allocation
|
page read and write
|
||
|
101B000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
AC8C000
|
stack
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
trusted library allocation
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
1B90000
|
heap
|
page read and write
|
||
|
2E96000
|
trusted library allocation
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
10E1000
|
heap
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page read and write
|
||
|
2FEC000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
2F28000
|
trusted library allocation
|
page read and write
|
||
|
3E39000
|
trusted library allocation
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
2F8C000
|
trusted library allocation
|
page read and write
|
||
|
FD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
3082000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
117D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EF4000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
302E000
|
trusted library allocation
|
page read and write
|
||
|
2F52000
|
trusted library allocation
|
page read and write
|
||
|
30D4000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
trusted library allocation
|
page read and write
|
||
|
101D000
|
direct allocation
|
page execute and read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
2ED5000
|
trusted library allocation
|
page read and write
|
||
|
724B000
|
heap
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
2F94000
|
trusted library allocation
|
page read and write
|
||
|
124A000
|
heap
|
page read and write
|
||
|
10A8000
|
heap
|
page read and write
|
||
|
2F5A000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
2E99000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
3064000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
3105000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
trusted library allocation
|
page read and write
|
||
|
2FE6000
|
trusted library allocation
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
30F4000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
3FE7000
|
trusted library allocation
|
page read and write
|
||
|
119E000
|
heap
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
EF0000
|
direct allocation
|
page execute and read and write
|
||
|
A9CE000
|
stack
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
304A000
|
trusted library allocation
|
page read and write
|
||
|
BF7000
|
stack
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
trusted library allocation
|
page read and write
|
||
|
18A3000
|
direct allocation
|
page execute and read and write
|
||
|
425E0FD000
|
stack
|
page read and write
|
||
|
5660000
|
trusted library section
|
page readonly
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
1A46000
|
direct allocation
|
page execute and read and write
|
||
|
30A8000
|
trusted library allocation
|
page read and write
|
||
|
1806000
|
direct allocation
|
page execute and read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
3008000
|
trusted library allocation
|
page read and write
|
||
|
4FCC000
|
stack
|
page read and write
|
||
|
3066000
|
trusted library allocation
|
page read and write
|
||
|
2F38000
|
trusted library allocation
|
page read and write
|
||
|
307C000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
A3CE000
|
stack
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
21389100000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
30AC000
|
trusted library allocation
|
page read and write
|
||
|
425E9FE000
|
unkown
|
page readonly
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
2EB4000
|
trusted library allocation
|
page read and write
|
||
|
A6CD000
|
stack
|
page read and write
|
||
|
30FC000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
direct allocation
|
page execute and read and write
|
||
|
1164000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
7F540000
|
trusted library allocation
|
page execute and read and write
|
||
|
5412000
|
trusted library allocation
|
page read and write
|
||
|
57FE000
|
heap
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
2138923B000
|
heap
|
page read and write
|
||
|
5418000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
trusted library allocation
|
page read and write
|
||
|
425E2FE000
|
stack
|
page read and write
|
||
|
3F57000
|
trusted library allocation
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
1397000
|
trusted library allocation
|
page execute and read and write
|
||
|
425E6FC000
|
stack
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
306D000
|
stack
|
page read and write
|
||
|
11A1000
|
direct allocation
|
page execute and read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
2F7E000
|
trusted library allocation
|
page read and write
|
||
|
773E000
|
stack
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
2138922B000
|
heap
|
page read and write
|
||
|
3072000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
30FA000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
3F39000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
21389A02000
|
trusted library allocation
|
page read and write
|
||
|
305E000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
2C8F000
|
unkown
|
page read and write
|
||
|
3084000
|
trusted library allocation
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
2FE2000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4CE000
|
stack
|
page read and write
|
||
|
2F6C000
|
trusted library allocation
|
page read and write
|
||
|
1504000
|
trusted library allocation
|
page read and write
|
||
|
17A6000
|
direct allocation
|
page execute and read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
2F62000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
1526000
|
trusted library allocation
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
565B000
|
stack
|
page read and write
|
||
|
303A000
|
trusted library allocation
|
page read and write
|
||
|
21389256000
|
heap
|
page read and write
|
||
|
AD8C000
|
stack
|
page read and write
|
||
|
3052000
|
trusted library allocation
|
page read and write
|
||
|
1186000
|
trusted library allocation
|
page execute and read and write
|
||
|
2799000
|
stack
|
page read and write
|
||
|
150B000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
30A6000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
3068000
|
trusted library allocation
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
2EEC000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page execute and read and write
|
||
|
1006000
|
trusted library allocation
|
page execute and read and write
|
There are 640 hidden memdumps, click here to show them.