Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO-78140924.BAT.PDF.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\2348427
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut31CC.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\definitization
|
ASCII text, with very long lines (57348), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\proximobuccal
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO-78140924.BAT.PDF.exe
|
"C:\Users\user\Desktop\PO-78140924.BAT.PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\PO-78140924.BAT.PDF.exe"
|
|
|
|
C:\Program Files (x86)\pxTetnvzAqfngzxdJleqlHZcbxcmKnXFSvAiPCvpGdyMKAizQhrXJTABFMLhmSrbNFDH\YKkstfciYBQ.exe
|
"C:\Program Files (x86)\pxTetnvzAqfngzxdJleqlHZcbxcmKnXFSvAiPCvpGdyMKAizQhrXJTABFMLhmSrbNFDH\YKkstfciYBQ.exe"
|
|
|
|
C:\Windows\SysWOW64\mstsc.exe
|
"C:\Windows\SysWOW64\mstsc.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.linkwave.cloud/al6z/
|
3.33.130.190
|
|
|
|
http://www.ultraleap.net/8pln/?vf5pwn=T9/DtY4QstE2hf5N+QbDCp08BY0+/KIvfz5cQjr/yHb6PkgoDrQz8TZtAEENUqwsBaW/Syqgj8DnNvIHzYG9qM2494p5Ur94ranWdRPLWWfdK4ZvNUpqMUToNubzG0SM8g==&lHul=nfQTqL40vDEpIp30
|
217.70.184.50
|
|
|
|
http://www.mfgarage.net/3lu7/?vf5pwn=nzWofdhWpyQTuQkAURoZiOuSpDDcsuZ4SJ26h7kwykQFM8AQx5IfrLSrYivs6QFJHI8FrKvcoPkOi5L1XFRCJcPncARSRGAtt0+HcJ3GcQEnXiNUfFJGdHJ4JUWSbdHV9w==&lHul=nfQTqL40vDEpIp30
|
85.153.138.113
|
|
|
|
http://www.heldhold.xyz/fava/?lHul=nfQTqL40vDEpIp30&vf5pwn=GCDZpLqdSYk7fT5BaAxVCvWfN8QL3LUdfdSMH3wAhEJHSlsoeLITVJbnCwS/lbUV+KMqaRxHJZIr2IJ0lKwQAngPiIKVJBW1l0NVsB5cz1lTXdEnKbnDfocvymGyGvQBrQ==
|
67.223.117.189
|
|
|
|
http://www.b5x7vk.agency/zznj/
|
172.67.165.25
|
|
|
|
http://www.dalong.site/v2c3/
|
172.96.187.60
|
|
|
|
http://www.2bhp.com/a4ar/?vf5pwn=bigEPZ6XMKFUrjbkOOF/tc1QSeZpy4rj9U81Matj+rZ/AUf1cwoUFkvfutX9dfv4h0MjihypUwM2GA6oEMuOCaAaQ3Lxux4SSFbsDgkYjgjAaiC5myZdzdYIguvdh1gvDg==&lHul=nfQTqL40vDEpIp30
|
81.88.63.46
|
|
|
|
http://www.dalong.site/v2c3/?lHul=nfQTqL40vDEpIp30&vf5pwn=4KW7rJi8xQgG5JuhUUy4oHXtvgFnSuEzPrutLC9Z2JC7riozJk19TyUHcpxc9ASY/m5rLPYp2hVK9kL/MGxet5jRO5AJzixTprPi8JCHFDrvphN2mQYrYWI0Ljg/1k5GCA==
|
172.96.187.60
|
|
|
|
http://www.asiapartnars.online/kt2f/?vf5pwn=3qIRfQl/AKdo1myXluGCiikgEIMzjkfYZ4NmxJouZDst8nFYGFmfJjzqUfk6VEmL81v5o0lFZhte5+gDx+sfHO+i2Ne6X81cG7kNzDpu31X3NSjbrBV+9ESn2I73xzu4qQ==&lHul=nfQTqL40vDEpIp30
|
3.33.130.190
|
|
|
|
http://www.asiapartnars.online/kt2f/
|
3.33.130.190
|
|
|
|
http://www.mfgarage.net/3lu7/
|
85.153.138.113
|
|
|
|
http://www.63582.photo/5o7d/
|
103.248.137.209
|
|
|
|
http://www.63582.photo/5o7d/?vf5pwn=zMeRclQqEZ6cHEkv6r3h6rNdPeIv0NfXLXq5VQFXrGMOKBUumeR2nXgC5pr3HgG3QDdipY9Tb1BbXYBiFpGdsHlq0LOSSwDS14egmHnY5/1aPOe4+/4uS5IVfZSCCmkbAw==&lHul=nfQTqL40vDEpIp30
|
103.248.137.209
|
|
|
|
http://www.ultraleap.net/8pln/
|
217.70.184.50
|
|
|
|
http://www.heldhold.xyz/fava/
|
67.223.117.189
|
|
|
|
http://www.mgeducacaopro.online/xamn/
|
3.33.130.190
|
|
|
|
http://www.linkwave.cloud/al6z/?lHul=nfQTqL40vDEpIp30&vf5pwn=VRCNh0NW0GgzXjJ+E9kBcAqzCeGDRYuLK6gi/31OI/HLVz3edLOFPgfBWIIFI1yv4KnHdZ/ByCAdRrOw29Cpu7tsWuW3JQaVwptT6evyL2oGhO/bgF+68v7eWhteCSlc6A==
|
3.33.130.190
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://whois.gandi.net/en/results?search=ultraleap.net
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.gandi.net/en/domain
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://secure.sahibinden.com/login?return_url=http%3A%2F%2Fwww.mfgarage.net%2F3lu7%2F%3Fvf5pwn%3Dnz
|
unknown
|
||
|
http://www.b5x7vk.agency
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
webredir.vip.gandi.net
|
217.70.184.50
|
|
|
|
azkwupgf.as66588.com
|
103.248.137.209
|
|
|
|
dalong.site
|
172.96.187.60
|
|
|
|
www.b5x7vk.agency
|
172.67.165.25
|
|
|
|
www.heldhold.xyz
|
67.223.117.189
|
|
|
|
www.2bhp.com
|
81.88.63.46
|
|
|
|
linkwave.cloud
|
3.33.130.190
|
|
|
|
asiapartnars.online
|
3.33.130.190
|
|
|
|
mgeducacaopro.online
|
3.33.130.190
|
|
|
|
www.mfgarage.net
|
85.153.138.113
|
|
|
|
www.dalong.site
|
unknown
|
|
|
|
www.useanecdotenow.tech
|
unknown
|
|
|
|
www.ultraleap.net
|
unknown
|
|
|
|
www.linkwave.cloud
|
unknown
|
|
|
|
www.mgeducacaopro.online
|
unknown
|
|
|
|
www.63582.photo
|
unknown
|
|
|
|
www.asiapartnars.online
|
unknown
|
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
67.223.117.189
|
www.heldhold.xyz
|
United States
|
|
|
|
172.96.187.60
|
dalong.site
|
Canada
|
|
|
|
103.248.137.209
|
azkwupgf.as66588.com
|
Hong Kong
|
|
|
|
172.67.165.25
|
www.b5x7vk.agency
|
United States
|
|
|
|
217.70.184.50
|
webredir.vip.gandi.net
|
France
|
|
|
|
81.88.63.46
|
www.2bhp.com
|
Italy
|
|
|
|
3.33.130.190
|
linkwave.cloud
|
United States
|
|
|
|
85.153.138.113
|
www.mfgarage.net
|
Turkey
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
480000
|
system
|
page execute and read and write
|
|
|
|
D10000
|
trusted library allocation
|
page read and write
|
|
|
|
D60000
|
trusted library allocation
|
page read and write
|
|
|
|
3B20000
|
unclassified section
|
page execute and read and write
|
|
|
|
2360000
|
unkown
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
4200000
|
unclassified section
|
page execute and read and write
|
|
|
|
3617000
|
heap
|
page read and write
|
||
|
77E000
|
unkown
|
page readonly
|
||
|
1D7B25C0000
|
system
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4DC2000
|
system
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
764E000
|
stack
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
3CC2000
|
system
|
page read and write
|
||
|
7676000
|
heap
|
page read and write
|
||
|
6435000
|
system
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B4200000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
461D000
|
direct allocation
|
page execute and read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
3266C000
|
system
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
713000
|
heap
|
page read and write
|
||
|
2270000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
3402000
|
heap
|
page read and write
|
||
|
4832000
|
direct allocation
|
page execute and read and write
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
2270000
|
unkown
|
page readonly
|
||
|
624000
|
heap
|
page read and write
|
||
|
4211000
|
heap
|
page read and write
|
||
|
7678000
|
heap
|
page read and write
|
||
|
3EDC000
|
system
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
DD000
|
unkown
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
76EB000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
170F000
|
heap
|
page read and write
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
4456000
|
system
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
76E4000
|
heap
|
page read and write
|
||
|
1D7B4010000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
2968DFE000
|
stack
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
C4000
|
unkown
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B4313000
|
trusted library allocation
|
page read and write
|
||
|
1D7B272C000
|
heap
|
page read and write
|
||
|
400E000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
16F9000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3923000
|
heap
|
page read and write
|
||
|
1D0000
|
unkown
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
3DD0000
|
heap
|
page read and write
|
||
|
E0000
|
unkown
|
page readonly
|
||
|
7A0000
|
stack
|
page read and write
|
||
|
76C3000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
4F04000
|
unclassified section
|
page read and write
|
||
|
6FC000
|
heap
|
page read and write
|
||
|
D7D000
|
stack
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
1D7B4010000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
767E000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3ECD000
|
direct allocation
|
page execute and read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
E0000
|
unkown
|
page readonly
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
77E000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
3642000
|
unkown
|
page execute and read and write
|
||
|
3ED1000
|
direct allocation
|
page execute and read and write
|
||
|
5B94000
|
unclassified section
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
47C1000
|
direct allocation
|
page execute and read and write
|
||
|
226F000
|
stack
|
page read and write
|
||
|
1715000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1B0000
|
unkown
|
page readonly
|
||
|
3DE8000
|
heap
|
page read and write
|
||
|
495C000
|
unclassified section
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
63B9000
|
system
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
72A000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
F4D000
|
heap
|
page read and write
|
||
|
3B9E000
|
heap
|
page read and write
|
||
|
3D80000
|
heap
|
page read and write
|
||
|
76CC000
|
heap
|
page read and write
|
||
|
767F000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
3D42000
|
unkown
|
page read and write
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
7754000
|
heap
|
page read and write
|
||
|
3D29000
|
direct allocation
|
page execute and read and write
|
||
|
4AE2000
|
unclassified section
|
page execute and read and write
|
||
|
6310000
|
system
|
page execute and read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
1D7B2707000
|
heap
|
page read and write
|
||
|
767B000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
2F4000
|
unkown
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
29685FB000
|
stack
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
53BA000
|
unclassified section
|
page read and write
|
||
|
2969DFE000
|
stack
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
66F000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
3E5F000
|
unkown
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
1D0000
|
unkown
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
13FD000
|
stack
|
page read and write
|
||
|
4A70000
|
unclassified section
|
page execute and read and write
|
||
|
5D26000
|
unclassified section
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4663000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
84C000
|
unkown
|
page read and write
|
||
|
766B000
|
heap
|
page read and write
|
||
|
32612000
|
system
|
page read and write
|
||
|
F0000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
1D7B4401000
|
trusted library allocation
|
page read and write
|
||
|
3F42000
|
direct allocation
|
page execute and read and write
|
||
|
771000
|
unkown
|
page execute read
|
||
|
D61000
|
unkown
|
page readonly
|
||
|
15EE000
|
heap
|
page read and write
|
||
|
1D7B26F0000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
761D000
|
heap
|
page read and write
|
||
|
76E8000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
768A000
|
heap
|
page read and write
|
||
|
43C0000
|
heap
|
page read and write
|
||
|
76D2000
|
heap
|
page read and write
|
||
|
554C000
|
unclassified section
|
page read and write
|
||
|
770000
|
unkown
|
page readonly
|
||
|
1D7B2810000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3D2D000
|
direct allocation
|
page execute and read and write
|
||
|
769E000
|
heap
|
page read and write
|
||
|
76E0000
|
heap
|
page read and write
|
||
|
173D000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
63C2000
|
system
|
page execute and read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
76A9000
|
heap
|
page read and write
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B4321000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
unkown
|
page execute and read and write
|
||
|
3B29000
|
heap
|
page read and write
|
||
|
1D7B270F000
|
heap
|
page read and write
|
||
|
650000
|
unkown
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
1E1000
|
unkown
|
page readonly
|
||
|
76A4000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3DD4000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
72F000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
D61000
|
unkown
|
page readonly
|
||
|
29695FE000
|
stack
|
page read and write
|
||
|
145000
|
unkown
|
page execute and write copy
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
19B000
|
unkown
|
page write copy
|
||
|
3E64000
|
unkown
|
page read and write
|
||
|
1673000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3C02000
|
system
|
page read and write
|
||
|
16E9000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3EAA000
|
heap
|
page read and write
|
||
|
1D7B2733000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
771000
|
unkown
|
page execute read
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
7659000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
42C3000
|
heap
|
page read and write
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
heap
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
32552000
|
system
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
3282C000
|
system
|
page read and write
|
||
|
13DB000
|
stack
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
3605000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B4303000
|
trusted library allocation
|
page read and write
|
||
|
3C02000
|
unkown
|
page read and write
|
||
|
19A000
|
unkown
|
page execute and write copy
|
||
|
4B1C000
|
unclassified section
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3A7F000
|
stack
|
page read and write
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
69F000
|
heap
|
page read and write
|
||
|
7751000
|
heap
|
page read and write
|
||
|
16AE000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
75C000
|
heap
|
page read and write
|
||
|
63D2000
|
system
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
50E6000
|
system
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
63DE000
|
system
|
page execute and read and write
|
||
|
44F0000
|
direct allocation
|
page execute and read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1F0000
|
unkown
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
194000
|
unkown
|
page execute and read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
490C000
|
system
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
713000
|
heap
|
page read and write
|
||
|
6FC000
|
heap
|
page read and write
|
||
|
1D7B3FF0000
|
heap
|
page read and write
|
||
|
1D1D000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
1D7B44AD000
|
trusted library allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
10000
|
unkown
|
page readonly
|
||
|
DAF000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B271C000
|
heap
|
page read and write
|
||
|
7D7E000
|
stack
|
page read and write
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
770000
|
unkown
|
page readonly
|
||
|
3619000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
2C42000
|
unkown
|
page execute and read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
1D7B41A0000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
487E000
|
direct allocation
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
4001000
|
heap
|
page read and write
|
||
|
5096000
|
unclassified section
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
1D7B265B000
|
system
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
7663000
|
heap
|
page read and write
|
||
|
63E1000
|
system
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
7671000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
45E8000
|
system
|
page read and write
|
||
|
47BD000
|
direct allocation
|
page execute and read and write
|
||
|
CC9000
|
stack
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A000
|
stack
|
page read and write
|
||
|
3B2D000
|
heap
|
page read and write
|
||
|
5A02000
|
unclassified section
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
32C14000
|
system
|
page read and write
|
||
|
15A000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
42C4000
|
system
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
468E000
|
direct allocation
|
page execute and read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
D22000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
654C000
|
unkown
|
page read and write
|
||
|
5228000
|
unclassified section
|
page read and write
|
||
|
F0000
|
unkown
|
page readonly
|
||
|
7622000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
54E2000
|
unclassified section
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
4214000
|
heap
|
page read and write
|
||
|
3701000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
4902000
|
unclassified section
|
page read and write
|
||
|
4210000
|
direct allocation
|
page read and write
|
||
|
76DC000
|
heap
|
page read and write
|
||
|
10000
|
unkown
|
page readonly
|
||
|
76D7000
|
heap
|
page read and write
|
||
|
211F000
|
stack
|
page read and write
|
||
|
6ED000
|
heap
|
page read and write
|
||
|
1D7B4300000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
BFF000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
650000
|
unkown
|
page read and write
|
||
|
3617000
|
heap
|
page read and write
|
||
|
787000
|
unkown
|
page readonly
|
||
|
480D000
|
direct allocation
|
page read and write
|
||
|
787000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1E1000
|
unkown
|
page readonly
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
15D4000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B44BE000
|
trusted library allocation
|
page read and write
|
||
|
11000
|
unkown
|
page execute and read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
4619000
|
direct allocation
|
page execute and read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
7666000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
CE000
|
unkown
|
page execute and read and write
|
||
|
7E0000
|
unkown
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
329B000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
296A5FE000
|
stack
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B2659000
|
system
|
page execute and read and write
|
||
|
1D7B44C4000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
325C000
|
stack
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
3D9E000
|
direct allocation
|
page execute and read and write
|
||
|
3D1C000
|
system
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B44CE000
|
trusted library allocation
|
page read and write
|
||
|
785000
|
unkown
|
page read and write
|
||
|
1D7B4010000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
478000
|
stack
|
page read and write
|
||
|
1D7B430E000
|
trusted library allocation
|
page read and write
|
||
|
3800000
|
direct allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
477A000
|
system
|
page read and write
|
||
|
1D7B2730000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1711000
|
heap
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
4842000
|
unclassified section
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4809000
|
direct allocation
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
1D7B2733000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
69F000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1F0000
|
unkown
|
page read and write
|
||
|
46E0000
|
direct allocation
|
page read and write
|
||
|
4F54000
|
system
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1D7B2700000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
3DE3000
|
heap
|
page read and write
|
||
|
16C9000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
7DBF000
|
stack
|
page read and write
|
||
|
EDC000
|
heap
|
page read and write
|
||
|
ED8000
|
heap
|
page read and write
|
||
|
3C00000
|
direct allocation
|
page execute and read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
19B000
|
unkown
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
4540000
|
direct allocation
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
43B000
|
stack
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
3605000
|
heap
|
page read and write
|
||
|
785000
|
unkown
|
page read and write
|
There are 571 hidden memdumps, click here to show them.