Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
GipsonyVelo.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\GipsonyVelo.exe.log
|
CSV text
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\GipsonyVelo.exe
|
"C:\Users\user\Desktop\GipsonyVelo.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
185.196.9.26:6302
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://tempuri.org/Entity/Id3ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
||
|
http://tempuri.org/D
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.9.26
|
unknown
|
Switzerland
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3AB5000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E04000
|
trusted library allocation
|
page read and write
|
|
|
|
103D000
|
trusted library allocation
|
page execute and read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
2FCF000
|
trusted library allocation
|
page read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
32E7000
|
trusted library allocation
|
page read and write
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
DD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E48000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
406A000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
heap
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
7EF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4055000
|
trusted library allocation
|
page read and write
|
||
|
32CF000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
52B5000
|
trusted library allocation
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
trusted library allocation
|
page execute and read and write
|
||
|
A5D000
|
stack
|
page read and write
|
||
|
3EF8000
|
trusted library allocation
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
4110000
|
trusted library allocation
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
40DF000
|
trusted library allocation
|
page read and write
|
||
|
70DA000
|
trusted library allocation
|
page read and write
|
||
|
3F9D000
|
trusted library allocation
|
page read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
6CF3000
|
trusted library allocation
|
page read and write
|
||
|
585E000
|
stack
|
page read and write
|
||
|
5EF2000
|
heap
|
page read and write
|
||
|
3304000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
3F30000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
5342000
|
trusted library allocation
|
page read and write
|
||
|
402F000
|
trusted library allocation
|
page read and write
|
||
|
5EE5000
|
heap
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
70C8000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
32DC000
|
trusted library allocation
|
page read and write
|
||
|
416C000
|
trusted library allocation
|
page read and write
|
||
|
5581000
|
trusted library allocation
|
page read and write
|
||
|
3EA6000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
3102000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
4022000
|
trusted library allocation
|
page read and write
|
||
|
32C4000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
417C000
|
trusted library allocation
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
542B000
|
trusted library allocation
|
page read and write
|
||
|
5313000
|
heap
|
page execute and read and write
|
||
|
FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30B7000
|
trusted library allocation
|
page read and write
|
||
|
70B9000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
trusted library allocation
|
page read and write
|
||
|
AE3000
|
heap
|
page read and write
|
||
|
6D26000
|
trusted library allocation
|
page read and write
|
||
|
31C8000
|
trusted library allocation
|
page read and write
|
||
|
2CF4000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
958000
|
stack
|
page read and write
|
||
|
540A000
|
trusted library allocation
|
page read and write
|
||
|
2AB3000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
6E2E000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page execute and read and write
|
||
|
4088000
|
trusted library allocation
|
page read and write
|
||
|
5EB1000
|
heap
|
page read and write
|
||
|
5431000
|
trusted library allocation
|
page read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
3E07000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
DB6000
|
trusted library allocation
|
page read and write
|
||
|
5E72000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
32B9000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E7000
|
trusted library allocation
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
3FFE000
|
trusted library allocation
|
page read and write
|
||
|
5E16000
|
heap
|
page read and write
|
||
|
3E33000
|
trusted library allocation
|
page read and write
|
||
|
3FE2000
|
trusted library allocation
|
page read and write
|
||
|
6D24000
|
trusted library allocation
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
6DF5000
|
heap
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
70D5000
|
trusted library allocation
|
page read and write
|
||
|
3F0A000
|
trusted library allocation
|
page read and write
|
||
|
3202000
|
trusted library allocation
|
page read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
3FAF000
|
trusted library allocation
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
heap
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
2FD2000
|
trusted library allocation
|
page read and write
|
||
|
3E0B000
|
trusted library allocation
|
page read and write
|
||
|
3FF4000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
3199000
|
trusted library allocation
|
page read and write
|
||
|
6DCE000
|
heap
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
2FEF000
|
trusted library allocation
|
page read and write
|
||
|
40F1000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
6DD8000
|
heap
|
page read and write
|
||
|
5595000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
3E01000
|
trusted library allocation
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page read and write
|
||
|
40A4000
|
trusted library allocation
|
page read and write
|
||
|
71DD000
|
trusted library allocation
|
page read and write
|
||
|
4171000
|
trusted library allocation
|
page read and write
|
||
|
2FBD000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
trusted library allocation
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
2D58000
|
trusted library allocation
|
page read and write
|
||
|
4097000
|
trusted library allocation
|
page read and write
|
||
|
70CA000
|
trusted library allocation
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
3F03000
|
trusted library allocation
|
page read and write
|
||
|
1055000
|
trusted library allocation
|
page execute and read and write
|
||
|
1023000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D0E000
|
trusted library allocation
|
page read and write
|
||
|
3159000
|
trusted library allocation
|
page read and write
|
||
|
2CFB000
|
trusted library allocation
|
page read and write
|
||
|
3EC9000
|
trusted library allocation
|
page read and write
|
||
|
3E6E000
|
trusted library allocation
|
page read and write
|
||
|
545A000
|
trusted library allocation
|
page read and write
|
||
|
62F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DBC000
|
heap
|
page read and write
|
||
|
3E7A000
|
trusted library allocation
|
page read and write
|
||
|
3F1F000
|
trusted library allocation
|
page read and write
|
||
|
3FDC000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
5E9F000
|
heap
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
5451000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
40B2000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
3286000
|
trusted library allocation
|
page read and write
|
||
|
31AE000
|
trusted library allocation
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
70B2000
|
trusted library allocation
|
page read and write
|
||
|
3ED7000
|
trusted library allocation
|
page read and write
|
||
|
3F46000
|
trusted library allocation
|
page read and write
|
||
|
4141000
|
trusted library allocation
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
6E0B000
|
heap
|
page read and write
|
||
|
5EA4000
|
heap
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page execute and read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
5E10000
|
heap
|
page read and write
|
||
|
3FF9000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
409F000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
5F0A000
|
heap
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
725E000
|
stack
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
40FB000
|
trusted library allocation
|
page read and write
|
||
|
3F36000
|
trusted library allocation
|
page read and write
|
||
|
3ECB000
|
trusted library allocation
|
page read and write
|
||
|
1057000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E8A000
|
trusted library allocation
|
page read and write
|
||
|
40BE000
|
trusted library allocation
|
page read and write
|
||
|
3AE9000
|
trusted library allocation
|
page read and write
|
||
|
3FCF000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1197000
|
heap
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
4155000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
618E000
|
stack
|
page read and write
|
||
|
5E9A000
|
heap
|
page read and write
|
||
|
6DA0000
|
heap
|
page read and write
|
||
|
405F000
|
trusted library allocation
|
page read and write
|
||
|
303A000
|
trusted library allocation
|
page read and write
|
||
|
3F54000
|
trusted library allocation
|
page read and write
|
||
|
6E93000
|
heap
|
page read and write
|
||
|
3E10000
|
trusted library allocation
|
page read and write
|
||
|
3E5D000
|
trusted library allocation
|
page read and write
|
||
|
2D33000
|
heap
|
page read and write
|
||
|
4167000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
3FC5000
|
trusted library allocation
|
page read and write
|
||
|
4016000
|
trusted library allocation
|
page read and write
|
||
|
6EBC000
|
heap
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
3FB5000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
unkown
|
page readonly
|
||
|
5408000
|
trusted library allocation
|
page read and write
|
||
|
3D91000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
403C000
|
trusted library allocation
|
page read and write
|
||
|
6DE8000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
572000
|
unkown
|
page readonly
|
||
|
3E64000
|
trusted library allocation
|
page read and write
|
||
|
348C000
|
trusted library allocation
|
page read and write
|
||
|
3EAE000
|
trusted library allocation
|
page read and write
|
||
|
40EA000
|
trusted library allocation
|
page read and write
|
||
|
3EA0000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
6E4F000
|
heap
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
3017000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
trusted library allocation
|
page read and write
|
||
|
31BB000
|
trusted library allocation
|
page read and write
|
||
|
407B000
|
trusted library allocation
|
page read and write
|
||
|
3F40000
|
trusted library allocation
|
page read and write
|
||
|
117B000
|
heap
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
40F6000
|
trusted library allocation
|
page read and write
|
||
|
6420000
|
heap
|
page read and write
|
||
|
B1A000
|
stack
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
5E8C000
|
heap
|
page read and write
|
||
|
3F4E000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page execute and read and write
|
||
|
5436000
|
trusted library allocation
|
page read and write
|
||
|
604E000
|
stack
|
page read and write
|
||
|
4091000
|
trusted library allocation
|
page read and write
|
||
|
70CF000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page read and write
|
||
|
3FEB000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
4074000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
3E9B000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
6EB1000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
30C9000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
3F29000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
32A7000
|
trusted library allocation
|
page read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
40D8000
|
trusted library allocation
|
page read and write
|
||
|
102D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
6E1E000
|
heap
|
page read and write
|
||
|
6410000
|
trusted library allocation
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
A1D000
|
stack
|
page read and write
|
||
|
311F000
|
trusted library allocation
|
page read and write
|
||
|
33B5000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
heap
|
page execute and read and write
|
||
|
3FD5000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
3DF3000
|
trusted library allocation
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
5EA9000
|
heap
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E7A000
|
heap
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
3FE6000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
5442000
|
trusted library allocation
|
page read and write
|
||
|
3FB9000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
6DC8000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AB1000
|
trusted library allocation
|
page read and write
|
||
|
2B5C000
|
stack
|
page read and write
|
||
|
333E000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
3EB3000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
5ED8000
|
heap
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
31DA000
|
trusted library allocation
|
page read and write
|
||
|
6CDD000
|
stack
|
page read and write
|
||
|
DCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
758F000
|
stack
|
page read and write
|
||
|
4E6C000
|
stack
|
page read and write
|
||
|
6DB2000
|
heap
|
page read and write
|
||
|
3F3D000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
trusted library allocation
|
page read and write
|
||
|
10A9000
|
heap
|
page read and write
|
||
|
5C0000
|
unkown
|
page readonly
|
||
|
5E12000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
3F96000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
DDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3271000
|
trusted library allocation
|
page read and write
|
||
|
2E9B000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
heap
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
5405000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
1076000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
405A000
|
trusted library allocation
|
page read and write
|
||
|
6E3C000
|
heap
|
page read and write
|
||
|
6E83000
|
heap
|
page read and write
|
||
|
10D4000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page execute and read and write
|
||
|
414E000
|
trusted library allocation
|
page read and write
|
||
|
62DC000
|
stack
|
page read and write
|
||
|
DA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
408B000
|
trusted library allocation
|
page read and write
|
||
|
5EE1000
|
heap
|
page read and write
|
||
|
40CB000
|
trusted library allocation
|
page read and write
|
||
|
2FE7000
|
trusted library allocation
|
page read and write
|
||
|
2D11000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
2D22000
|
trusted library allocation
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
6E5B000
|
heap
|
page read and write
|
||
|
3E19000
|
trusted library allocation
|
page read and write
|
||
|
3F0F000
|
trusted library allocation
|
page read and write
|
||
|
105B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E6A000
|
heap
|
page read and write
|
||
|
6B8C000
|
stack
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
85C000
|
stack
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
70B5000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
70E2000
|
trusted library allocation
|
page read and write
|
||
|
715D000
|
stack
|
page read and write
|
||
|
70E5000
|
trusted library allocation
|
page read and write
|
||
|
3E97000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page execute and read and write
|
||
|
3497000
|
trusted library allocation
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
4094000
|
trusted library allocation
|
page read and write
|
||
|
3279000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
3F59000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2FC3000
|
trusted library allocation
|
page read and write
|
||
|
4099000
|
trusted library allocation
|
page read and write
|
||
|
3D7F000
|
trusted library allocation
|
page read and write
|
||
|
32F9000
|
trusted library allocation
|
page read and write
|
||
|
3DFA000
|
trusted library allocation
|
page read and write
|
||
|
2D16000
|
trusted library allocation
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
4160000
|
trusted library allocation
|
page read and write
|
||
|
5EFB000
|
heap
|
page read and write
|
||
|
3293000
|
trusted library allocation
|
page read and write
|
||
|
3F14000
|
trusted library allocation
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
3EA4000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
63FC000
|
stack
|
page read and write
|
||
|
116B000
|
heap
|
page read and write
|
||
|
3FF1000
|
trusted library allocation
|
page read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
770D000
|
stack
|
page read and write
|
||
|
5EAB000
|
heap
|
page read and write
|
||
|
3FEF000
|
trusted library allocation
|
page read and write
|
||
|
6DA5000
|
heap
|
page read and write
|
||
|
3EE4000
|
trusted library allocation
|
page read and write
|
||
|
6D9A000
|
heap
|
page read and write
|
||
|
3E14000
|
trusted library allocation
|
page read and write
|
||
|
3E84000
|
trusted library allocation
|
page read and write
|
||
|
3EA9000
|
trusted library allocation
|
page read and write
|
||
|
5EB8000
|
heap
|
page read and write
|
||
|
32BF000
|
trusted library allocation
|
page read and write
|
||
|
52AF000
|
stack
|
page read and write
|
||
|
6E29000
|
heap
|
page read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
3F70000
|
trusted library allocation
|
page read and write
|
||
|
3DB3000
|
trusted library allocation
|
page read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
1024000
|
trusted library allocation
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page read and write
|
||
|
3DAB000
|
trusted library allocation
|
page read and write
|
||
|
3E16000
|
trusted library allocation
|
page read and write
|
||
|
3394000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
trusted library allocation
|
page read and write
|
||
|
3D9A000
|
trusted library allocation
|
page read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
4128000
|
trusted library allocation
|
page read and write
|
||
|
3267000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
4107000
|
trusted library allocation
|
page read and write
|
||
|
3E69000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
6EDF000
|
heap
|
page read and write
|
||
|
3E1E000
|
trusted library allocation
|
page read and write
|
||
|
3F4C000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page read and write
|
||
|
3F49000
|
trusted library allocation
|
page read and write
|
||
|
6D34000
|
trusted library allocation
|
page read and write
|
||
|
3F7C000
|
trusted library allocation
|
page read and write
|
||
|
5EEB000
|
heap
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
30F7000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
There are 464 hidden memdumps, click here to show them.