Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Trojan.PackedNET.3065.20099.26130.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_EP144UTC55LADQ1M_566591d2b953a70a81c6aa39397b5bad4c56aed_37c5cacb_1b37c6ba-e108-4c33-a97e-31b9def44dae\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF267.tmp.dmp
|
Mini DuMP crash report, 16 streams, Fri Sep 27 15:37:00 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3A1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3C1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.PackedNET.3065.20099.26130.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.PackedNET.3065.20099.26130.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
|
|
|
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2544 -s 1060
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://mail.fasmacopy.gr
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.fasmacopy.gr
|
79.170.44.32
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
79.170.44.32
|
mail.fasmacopy.gr
|
United Kingdom
|
|
|
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
ProgramId
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
FileId
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
LongPathHash
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Name
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
OriginalFileName
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Publisher
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Version
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
BinFileVersion
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
BinaryType
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
ProductName
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
ProductVersion
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
LinkDate
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
BinProductVersion
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Size
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Language
|
||
|
\REGISTRY\A\{3448366b-b704-20a4-b756-c2931955c2ed}\Root\InventoryApplicationFile\securiteinfo.com|b6ed9efea0c62786
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
There are 28 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
309B000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
16BB0D09000
|
trusted library allocation
|
page read and write
|
|
|
|
16BA085E000
|
trusted library allocation
|
page read and write
|
|
|
|
67EE000
|
stack
|
page read and write
|
||
|
16B9E89B000
|
heap
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
4337000
|
trusted library allocation
|
page read and write
|
||
|
6652000
|
heap
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
3089000
|
trusted library allocation
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
40D7000
|
trusted library allocation
|
page read and write
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
41F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
A06C000
|
stack
|
page read and write
|
||
|
16BA04F0000
|
heap
|
page read and write
|
||
|
7FFD34584000
|
trusted library allocation
|
page read and write
|
||
|
16BA0501000
|
trusted library allocation
|
page read and write
|
||
|
16B9ECB0000
|
heap
|
page execute and read and write
|
||
|
A14C000
|
heap
|
page read and write
|
||
|
6C0C000
|
stack
|
page read and write
|
||
|
16BB8C50000
|
heap
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
1226000
|
heap
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
7FFD3458B000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F6C000
|
stack
|
page read and write
|
||
|
7FFD34714000
|
trusted library allocation
|
page read and write
|
||
|
3274000
|
trusted library allocation
|
page read and write
|
||
|
639A000
|
heap
|
page read and write
|
||
|
5596000
|
trusted library allocation
|
page read and write
|
||
|
126C000
|
heap
|
page read and write
|
||
|
C5CE000
|
trusted library allocation
|
page read and write
|
||
|
558E000
|
trusted library allocation
|
page read and write
|
||
|
128A000
|
heap
|
page read and write
|
||
|
16BB8BC0000
|
trusted library section
|
page read and write
|
||
|
A113000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E2C000
|
stack
|
page read and write
|
||
|
6695000
|
heap
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
5B6B000
|
stack
|
page read and write
|
||
|
16CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34616000
|
trusted library allocation
|
page read and write
|
||
|
16BB1C86000
|
trusted library allocation
|
page read and write
|
||
|
35BB000
|
trusted library allocation
|
page read and write
|
||
|
32E5000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
7FDA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
16BB8530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
16B9E860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3457D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1694000
|
trusted library allocation
|
page read and write
|
||
|
65B0000
|
heap
|
page read and write
|
||
|
16BB0FF1000
|
trusted library allocation
|
page read and write
|
||
|
16C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
16BB107F000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
16B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
308B000
|
trusted library allocation
|
page read and write
|
||
|
5B80000
|
trusted library allocation
|
page read and write
|
||
|
16B9E937000
|
heap
|
page read and write
|
||
|
153B000
|
stack
|
page read and write
|
||
|
7FFD34572000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
16C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
66AD000
|
heap
|
page read and write
|
||
|
16BB0501000
|
trusted library allocation
|
page read and write
|
||
|
4277000
|
trusted library allocation
|
page read and write
|
||
|
65C1000
|
heap
|
page read and write
|
||
|
3F6F2FE000
|
stack
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
3225000
|
trusted library allocation
|
page read and write
|
||
|
16B9E939000
|
heap
|
page read and write
|
||
|
55A2000
|
trusted library allocation
|
page read and write
|
||
|
6AA8000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F6F3FE000
|
stack
|
page read and write
|
||
|
1707000
|
heap
|
page read and write
|
||
|
63DC000
|
stack
|
page read and write
|
||
|
16B9E610000
|
unkown
|
page readonly
|
||
|
16B9E8DC000
|
heap
|
page read and write
|
||
|
A189000
|
heap
|
page read and write
|
||
|
7FFD34719000
|
trusted library allocation
|
page read and write
|
||
|
A167000
|
heap
|
page read and write
|
||
|
57A0000
|
heap
|
page execute and read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
13FC000
|
stack
|
page read and write
|
||
|
A183000
|
heap
|
page read and write
|
||
|
16B9ECE0000
|
heap
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
6B0D000
|
stack
|
page read and write
|
||
|
522D000
|
stack
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page execute and read and write
|
||
|
557B000
|
trusted library allocation
|
page read and write
|
||
|
16B9E7B0000
|
heap
|
page read and write
|
||
|
34B6000
|
trusted library allocation
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page execute and read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
6E8B000
|
stack
|
page read and write
|
||
|
A118000
|
heap
|
page read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
33BB000
|
trusted library allocation
|
page read and write
|
||
|
16BB1540000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
C5C9000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
C5EC000
|
trusted library allocation
|
page read and write
|
||
|
66A4000
|
heap
|
page read and write
|
||
|
16B9EC60000
|
heap
|
page execute and read and write
|
||
|
663C000
|
heap
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
3F6ECF3000
|
stack
|
page read and write
|
||
|
A131000
|
heap
|
page read and write
|
||
|
42B7000
|
trusted library allocation
|
page read and write
|
||
|
4377000
|
trusted library allocation
|
page read and write
|
||
|
16C2000
|
trusted library allocation
|
page read and write
|
||
|
169D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F6F1FD000
|
stack
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
41B7000
|
trusted library allocation
|
page read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
5604000
|
heap
|
page read and write
|
||
|
C5D8000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
636D000
|
stack
|
page read and write
|
||
|
6659000
|
heap
|
page read and write
|
||
|
40B7000
|
trusted library allocation
|
page read and write
|
||
|
7FF4ABC20000
|
trusted library allocation
|
page execute and read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34646000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B9EC70000
|
heap
|
page read and write
|
||
|
A12D000
|
heap
|
page read and write
|
||
|
32B9000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
354B000
|
trusted library allocation
|
page read and write
|
||
|
16B9E8DA000
|
heap
|
page read and write
|
||
|
C5D3000
|
trusted library allocation
|
page read and write
|
||
|
6390000
|
heap
|
page read and write
|
||
|
34FC000
|
trusted library allocation
|
page read and write
|
||
|
12C4000
|
heap
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
512C000
|
stack
|
page read and write
|
||
|
A0FC000
|
heap
|
page read and write
|
||
|
16B9E612000
|
unkown
|
page readonly
|
||
|
3F6F4FF000
|
stack
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
42F7000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
41D7000
|
trusted library allocation
|
page read and write
|
||
|
C5DD000
|
trusted library allocation
|
page read and write
|
||
|
16AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
143C000
|
unkown
|
page read and write
|
||
|
3F6EEFE000
|
stack
|
page read and write
|
||
|
6636000
|
heap
|
page read and write
|
||
|
3F6EFFE000
|
stack
|
page read and write
|
||
|
A0F0000
|
heap
|
page read and write
|
||
|
16B9EC20000
|
trusted library allocation
|
page read and write
|
||
|
4177000
|
trusted library allocation
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
7FFD3473E000
|
trusted library allocation
|
page read and write
|
||
|
1693000
|
trusted library allocation
|
page execute and read and write
|
||
|
A122000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
16B9E8B3000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page execute and read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
4397000
|
trusted library allocation
|
page read and write
|
||
|
4197000
|
trusted library allocation
|
page read and write
|
||
|
4257000
|
trusted library allocation
|
page read and write
|
||
|
16BA0545000
|
trusted library allocation
|
page read and write
|
||
|
66ED000
|
stack
|
page read and write
|
||
|
72E0000
|
heap
|
page read and write
|
||
|
4051000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
6670000
|
heap
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
16B9E6D0000
|
heap
|
page read and write
|
||
|
16B9EB05000
|
heap
|
page read and write
|
||
|
6B16000
|
trusted library allocation
|
page read and write
|
||
|
668C000
|
heap
|
page read and write
|
||
|
7FFD3461C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
4297000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
33DF000
|
trusted library allocation
|
page read and write
|
||
|
3F6F0FC000
|
stack
|
page read and write
|
||
|
A1A3000
|
heap
|
page read and write
|
||
|
4317000
|
trusted library allocation
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
4117000
|
trusted library allocation
|
page read and write
|
||
|
574C000
|
stack
|
page read and write
|
||
|
105A000
|
stack
|
page read and write
|
||
|
C5E2000
|
trusted library allocation
|
page read and write
|
||
|
6F8C000
|
stack
|
page read and write
|
||
|
557E000
|
trusted library allocation
|
page read and write
|
||
|
16B9E87C000
|
heap
|
page read and write
|
||
|
16BB0507000
|
trusted library allocation
|
page read and write
|
||
|
16B9ECE5000
|
heap
|
page read and write
|
||
|
C5E7000
|
trusted library allocation
|
page read and write
|
||
|
9F2C000
|
stack
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
40F7000
|
trusted library allocation
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
16B2000
|
trusted library allocation
|
page read and write
|
||
|
16B9EB00000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
8200000
|
heap
|
page read and write
|
||
|
3527000
|
trusted library allocation
|
page read and write
|
||
|
16B9E965000
|
heap
|
page read and write
|
||
|
4137000
|
trusted library allocation
|
page read and write
|
||
|
16B9E7D0000
|
heap
|
page read and write
|
||
|
1158000
|
stack
|
page read and write
|
||
|
3082000
|
trusted library allocation
|
page read and write
|
||
|
5582000
|
trusted library allocation
|
page read and write
|
||
|
16B9E870000
|
heap
|
page read and write
|
||
|
7FFD34562000
|
trusted library allocation
|
page read and write
|
||
|
167B000
|
stack
|
page read and write
|
||
|
559D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page read and write
|
||
|
4079000
|
trusted library allocation
|
page read and write
|
||
|
4357000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34564000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
stack
|
page read and write
|
||
|
3107000
|
trusted library allocation
|
page read and write
|
||
|
4217000
|
trusted library allocation
|
page read and write
|
||
|
72BD000
|
stack
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
42D7000
|
trusted library allocation
|
page read and write
|
||
|
C5BF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34563000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
16BB18E3000
|
trusted library allocation
|
page read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
5058000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
7FFD3458D000
|
trusted library allocation
|
page execute and read and write
|
||
|
16BA04F9000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
C5C4000
|
trusted library allocation
|
page read and write
|
||
|
6AC7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
16B9E8E2000
|
heap
|
page read and write
|
||
|
16B9E8B0000
|
heap
|
page read and write
|
||
|
16B9E7F0000
|
heap
|
page read and write
|
||
|
6DCC000
|
stack
|
page read and write
|
||
|
16B9EC23000
|
trusted library allocation
|
page read and write
|
||
|
16BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F6EDFE000
|
stack
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
6ABD000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
4157000
|
trusted library allocation
|
page read and write
|
||
|
338F000
|
trusted library allocation
|
page read and write
|
||
|
81F0000
|
heap
|
page read and write
|
||
|
A159000
|
heap
|
page read and write
|
||
|
7FFD3456D000
|
trusted library allocation
|
page execute and read and write
|
||
|
58AC000
|
stack
|
page read and write
|
||
|
5591000
|
trusted library allocation
|
page read and write
|
||
|
16B9E840000
|
trusted library allocation
|
page read and write
|
||
|
A1F4000
|
heap
|
page read and write
|
There are 288 hidden memdumps, click here to show them.