Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PURCHASE ORDER-6350.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PURCHASE ORDER-6350.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpD091.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\fPtPRnPDTzobXQ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4rtfqxeq.cdh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b5lpzwhm.wjg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e5acxq3i.5ej.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nip2so1y.owr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o2nhutoj.orl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pdj4atp2.ssw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vmmlhuuy.mm4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xipeto1i.szt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE850.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PURCHASE ORDER-6350.exe
|
"C:\Users\user\Desktop\PURCHASE ORDER-6350.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PURCHASE
ORDER-6350.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\fPtPRnPDTzobXQ" /XML "C:\Users\user\AppData\Local\Temp\tmpD091.tmp"
|
|
|
|
C:\Users\user\Desktop\PURCHASE ORDER-6350.exe
|
"C:\Users\user\Desktop\PURCHASE ORDER-6350.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe
|
C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\fPtPRnPDTzobXQ" /XML "C:\Users\user\AppData\Local\Temp\tmpE850.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe
|
"C:\Users\user\AppData\Roaming\fPtPRnPDTzobXQ.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 16 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
D00000
|
direct allocation
|
page read and write
|
|
|
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
436B000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
CC5E000
|
stack
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
D50E000
|
stack
|
page read and write
|
||
|
127D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
776A000
|
heap
|
page read and write
|
||
|
14B6000
|
direct allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library section
|
page readonly
|
||
|
AB1E000
|
stack
|
page read and write
|
||
|
176F000
|
stack
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
A0A0000
|
trusted library allocation
|
page read and write
|
||
|
15A6000
|
heap
|
page read and write
|
||
|
1319000
|
direct allocation
|
page execute and read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
5832000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
5423000
|
heap
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
765E000
|
stack
|
page read and write
|
||
|
14B7000
|
heap
|
page read and write
|
||
|
FA2000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
181E000
|
stack
|
page read and write
|
||
|
5816000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
15FD000
|
direct allocation
|
page execute and read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
58BB000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
575D000
|
trusted library allocation
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
A65D000
|
stack
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
1827000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library section
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
574E000
|
trusted library allocation
|
page read and write
|
||
|
57EE000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
A3DE000
|
stack
|
page read and write
|
||
|
1782000
|
trusted library allocation
|
page read and write
|
||
|
787E000
|
stack
|
page read and write
|
||
|
15F7000
|
heap
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
443C000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
42D1000
|
trusted library allocation
|
page read and write
|
||
|
CB28000
|
heap
|
page read and write
|
||
|
74F8000
|
heap
|
page read and write
|
||
|
7ACE000
|
stack
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
288A000
|
heap
|
page read and write
|
||
|
A8BE000
|
stack
|
page read and write
|
||
|
178A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5700000
|
trusted library allocation
|
page execute and read and write
|
||
|
A0FE000
|
stack
|
page read and write
|
||
|
573C000
|
trusted library allocation
|
page read and write
|
||
|
3595000
|
trusted library allocation
|
page read and write
|
||
|
4232000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
heap
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
1637000
|
heap
|
page read and write
|
||
|
53CC000
|
stack
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
13AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
5795000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
D0EE000
|
stack
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
2ED4000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
7521000
|
heap
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
unkown
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
CA1D000
|
stack
|
page read and write
|
||
|
2FE2000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
CB1D000
|
stack
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
310F000
|
unkown
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
5751000
|
trusted library allocation
|
page read and write
|
||
|
461D000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
74D5000
|
heap
|
page read and write
|
||
|
5762000
|
trusted library allocation
|
page read and write
|
||
|
1453000
|
direct allocation
|
page execute and read and write
|
||
|
717D000
|
trusted library allocation
|
page read and write
|
||
|
1418000
|
trusted library allocation
|
page read and write
|
||
|
A41E000
|
stack
|
page read and write
|
||
|
CFEE000
|
stack
|
page read and write
|
||
|
5A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
138F000
|
stack
|
page read and write
|
||
|
2EFD000
|
trusted library allocation
|
page read and write
|
||
|
138E000
|
direct allocation
|
page execute and read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
A0B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
139A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
13B6000
|
direct allocation
|
page execute and read and write
|
||
|
160B000
|
heap
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
5776000
|
trusted library allocation
|
page read and write
|
||
|
AB9C000
|
stack
|
page read and write
|
||
|
CE9E000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
57A5000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
4596000
|
trusted library allocation
|
page read and write
|
||
|
15E1000
|
direct allocation
|
page execute and read and write
|
||
|
3322000
|
trusted library allocation
|
page read and write
|
||
|
5749000
|
trusted library allocation
|
page read and write
|
||
|
5A45000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
A51E000
|
stack
|
page read and write
|
||
|
5734000
|
trusted library allocation
|
page read and write
|
||
|
32AB000
|
stack
|
page read and write
|
||
|
A13E000
|
stack
|
page read and write
|
||
|
5757000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
1606000
|
heap
|
page read and write
|
||
|
5737000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
3F99000
|
trusted library allocation
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
31D8000
|
trusted library allocation
|
page read and write
|
||
|
1337000
|
direct allocation
|
page execute and read and write
|
||
|
118F000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
43B1000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
715E000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
1564000
|
trusted library allocation
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
C8DE000
|
stack
|
page read and write
|
||
|
179B000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
unkown
|
page readonly
|
||
|
1598000
|
heap
|
page read and write
|
||
|
15B3000
|
heap
|
page read and write
|
||
|
12C0000
|
direct allocation
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
131D000
|
direct allocation
|
page execute and read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
9EDF000
|
stack
|
page read and write
|
||
|
23CD000
|
stack
|
page read and write
|
||
|
1786000
|
trusted library allocation
|
page execute and read and write
|
||
|
1356000
|
direct allocation
|
page execute and read and write
|
||
|
555B000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page execute and read and write
|
||
|
74D0000
|
heap
|
page read and write
|
||
|
1396000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B0000
|
direct allocation
|
page execute and read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
A7BE000
|
stack
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page execute and read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
770F000
|
stack
|
page read and write
|
||
|
13F2000
|
direct allocation
|
page execute and read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
5804000
|
heap
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
11F0000
|
direct allocation
|
page execute and read and write
|
||
|
1264000
|
trusted library allocation
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
1330000
|
direct allocation
|
page execute and read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
42D9000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
7765000
|
heap
|
page read and write
|
||
|
14BD000
|
direct allocation
|
page execute and read and write
|
||
|
12EA000
|
direct allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
6FB2000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
7F440000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
156D000
|
trusted library allocation
|
page execute and read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
D40E000
|
stack
|
page read and write
|
||
|
5747000
|
trusted library allocation
|
page read and write
|
||
|
AA1E000
|
stack
|
page read and write
|
||
|
1538000
|
direct allocation
|
page execute and read and write
|
||
|
AC9C000
|
stack
|
page read and write
|
||
|
7F9F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3385000
|
trusted library allocation
|
page read and write
|
||
|
ADDF000
|
stack
|
page read and write
|
||
|
2ECC000
|
stack
|
page read and write
|
||
|
4486000
|
trusted library allocation
|
page read and write
|
||
|
2F35000
|
trusted library allocation
|
page read and write
|
||
|
303A000
|
stack
|
page read and write
|
||
|
74DD000
|
heap
|
page read and write
|
||
|
74EF000
|
heap
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
D28F000
|
stack
|
page read and write
|
||
|
B3D000
|
stack
|
page read and write
|
||
|
452E000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
5A50000
|
heap
|
page execute and read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
278E000
|
unkown
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
heap
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
1797000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BCF000
|
stack
|
page read and write
|
||
|
58C0000
|
trusted library section
|
page readonly
|
||
|
1792000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
97D000
|
stack
|
page read and write
|
||
|
126D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7390000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
74CF000
|
stack
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
263A000
|
stack
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
1773000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
heap
|
page read and write
|
||
|
A660000
|
heap
|
page read and write
|
||
|
177D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5744000
|
trusted library allocation
|
page read and write
|
||
|
5774000
|
trusted library allocation
|
page read and write
|
||
|
5C4D000
|
stack
|
page read and write
|
||
|
1459000
|
direct allocation
|
page execute and read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
14A1000
|
direct allocation
|
page execute and read and write
|
||
|
C61E000
|
stack
|
page read and write
|
||
|
D3CC000
|
stack
|
page read and write
|
||
|
9D50000
|
trusted library section
|
page read and write
|
||
|
A55D000
|
stack
|
page read and write
|
||
|
D18E000
|
stack
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
AF1E000
|
stack
|
page read and write
|
||
|
CB20000
|
heap
|
page read and write
|
||
|
AE1D000
|
stack
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
A2DE000
|
stack
|
page read and write
|
||
|
C9DE000
|
stack
|
page read and write
|
||
|
1563000
|
trusted library allocation
|
page execute and read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
C7DE000
|
stack
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
2DDD000
|
stack
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
58C4000
|
trusted library section
|
page readonly
|
||
|
280F000
|
unkown
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
5823000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
D97000
|
heap
|
page read and write
|
||
|
5340000
|
heap
|
page execute and read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
450E000
|
trusted library allocation
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
41EE000
|
trusted library allocation
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
15F6000
|
direct allocation
|
page execute and read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
B3A000
|
stack
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
D130000
|
heap
|
page read and write
|
||
|
2EDB000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
57C9000
|
heap
|
page read and write
|
||
|
9F2000
|
unkown
|
page readonly
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
43F7000
|
trusted library allocation
|
page read and write
|
||
|
1337000
|
stack
|
page read and write
|
||
|
1790000
|
trusted library allocation
|
page read and write
|
||
|
31AB000
|
heap
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
4572000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F91000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
CD9E000
|
stack
|
page read and write
|
||
|
1263000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACDD000
|
stack
|
page read and write
|
||
|
751D000
|
heap
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
C5DE000
|
stack
|
page read and write
|
||
|
157E000
|
heap
|
page read and write
|
||
|
782B000
|
trusted library allocation
|
page read and write
|
||
|
D2CC000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
108F000
|
stack
|
page read and write
|
||
|
2DCC000
|
stack
|
page read and write
|
||
|
772F000
|
heap
|
page read and write
|
||
|
13A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
CD5E000
|
stack
|
page read and write
|
||
|
A0AF000
|
trusted library allocation
|
page read and write
|
||
|
A0A5000
|
trusted library allocation
|
page read and write
|
||
|
7665000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
There are 354 hidden memdumps, click here to show them.