Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Jeverly.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Jeverly.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Jeverly.exe
|
"C:\Users\user\Desktop\Jeverly.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
185.196.9.26:6302
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
|
unknown
|
||
|
http://tempuri.org/Entity/Id3ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
|
unknown
|
||
|
http://tempuri.org/D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/06/addressingex
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/fault
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.9.26
|
unknown
|
Switzerland
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2884000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3985000
|
trusted library allocation
|
page read and write
|
|
|
|
39D0000
|
trusted library allocation
|
page read and write
|
||
|
3B9B000
|
trusted library allocation
|
page read and write
|
||
|
2D59000
|
trusted library allocation
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
232000
|
unkown
|
page readonly
|
||
|
26D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
708D000
|
stack
|
page read and write
|
||
|
517E000
|
trusted library allocation
|
page read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
3A7A000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
6B14000
|
trusted library allocation
|
page read and write
|
||
|
5B72000
|
heap
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
390C000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page execute and read and write
|
||
|
29D8000
|
trusted library allocation
|
page read and write
|
||
|
698B000
|
heap
|
page read and write
|
||
|
5B03000
|
heap
|
page read and write
|
||
|
3BC8000
|
trusted library allocation
|
page read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
39B9000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
695F000
|
heap
|
page read and write
|
||
|
5B3C000
|
heap
|
page read and write
|
||
|
4E5D000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
391C000
|
trusted library allocation
|
page read and write
|
||
|
3B1B000
|
trusted library allocation
|
page read and write
|
||
|
3960000
|
trusted library allocation
|
page read and write
|
||
|
5B83000
|
heap
|
page read and write
|
||
|
47F8000
|
trusted library allocation
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
38D9000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
4F81000
|
trusted library allocation
|
page read and write
|
||
|
4F23000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
2D78000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
heap
|
page execute and read and write
|
||
|
2C37000
|
trusted library allocation
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
80B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B83000
|
trusted library allocation
|
page read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
4E62000
|
trusted library allocation
|
page read and write
|
||
|
700F000
|
stack
|
page read and write
|
||
|
EDF000
|
heap
|
page read and write
|
||
|
2982000
|
trusted library allocation
|
page read and write
|
||
|
2E03000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
6C1D000
|
stack
|
page read and write
|
||
|
67D0000
|
heap
|
page read and write
|
||
|
3B04000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
6B8A000
|
trusted library allocation
|
page read and write
|
||
|
3ADB000
|
trusted library allocation
|
page read and write
|
||
|
3AAB000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
2BD9000
|
trusted library allocation
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
388C000
|
trusted library allocation
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
3B54000
|
trusted library allocation
|
page read and write
|
||
|
87E000
|
heap
|
page read and write
|
||
|
3883000
|
trusted library allocation
|
page read and write
|
||
|
2A76000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
6982000
|
heap
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
C47000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BD3000
|
trusted library allocation
|
page read and write
|
||
|
4E34000
|
trusted library allocation
|
page read and write
|
||
|
7FDB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
3981000
|
trusted library allocation
|
page read and write
|
||
|
3B79000
|
trusted library allocation
|
page read and write
|
||
|
3B74000
|
trusted library allocation
|
page read and write
|
||
|
3A6B000
|
trusted library allocation
|
page read and write
|
||
|
2D97000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
3B67000
|
trusted library allocation
|
page read and write
|
||
|
2A5E000
|
trusted library allocation
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
29BC000
|
trusted library allocation
|
page read and write
|
||
|
E0F000
|
stack
|
page read and write
|
||
|
2D82000
|
trusted library allocation
|
page read and write
|
||
|
6B88000
|
trusted library allocation
|
page read and write
|
||
|
388F000
|
trusted library allocation
|
page read and write
|
||
|
2983000
|
trusted library allocation
|
page read and write
|
||
|
3A2B000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
trusted library allocation
|
page read and write
|
||
|
38C7000
|
trusted library allocation
|
page read and write
|
||
|
6B72000
|
trusted library allocation
|
page read and write
|
||
|
39B9000
|
trusted library allocation
|
page read and write
|
||
|
2AC8000
|
trusted library allocation
|
page read and write
|
||
|
C42000
|
trusted library allocation
|
page read and write
|
||
|
5C8F000
|
stack
|
page read and write
|
||
|
5161000
|
trusted library allocation
|
page read and write
|
||
|
3A51000
|
trusted library allocation
|
page read and write
|
||
|
6C70000
|
trusted library allocation
|
page read and write
|
||
|
69E7000
|
heap
|
page read and write
|
||
|
6C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
5175000
|
trusted library allocation
|
page read and write
|
||
|
2D11000
|
trusted library allocation
|
page read and write
|
||
|
B3F000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
7D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
2ABC000
|
trusted library allocation
|
page read and write
|
||
|
3B61000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
6B06000
|
trusted library allocation
|
page read and write
|
||
|
4E51000
|
trusted library allocation
|
page read and write
|
||
|
3B5A000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
3946000
|
trusted library allocation
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
4E95000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2C0B000
|
trusted library allocation
|
page read and write
|
||
|
2978000
|
trusted library allocation
|
page read and write
|
||
|
3BE0000
|
trusted library allocation
|
page read and write
|
||
|
C4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B1C000
|
heap
|
page read and write
|
||
|
3924000
|
trusted library allocation
|
page read and write
|
||
|
6F8000
|
stack
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page read and write
|
||
|
69B6000
|
heap
|
page read and write
|
||
|
5B15000
|
heap
|
page read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
C2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
C22000
|
trusted library allocation
|
page read and write
|
||
|
3BB4000
|
trusted library allocation
|
page read and write
|
||
|
E0B000
|
heap
|
page read and write
|
||
|
68E0000
|
heap
|
page read and write
|
||
|
7F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE5000
|
trusted library allocation
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
3A41000
|
trusted library allocation
|
page read and write
|
||
|
3A62000
|
trusted library allocation
|
page read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
2CAD000
|
trusted library allocation
|
page read and write
|
||
|
5A94000
|
heap
|
page read and write
|
||
|
6B9F000
|
trusted library allocation
|
page read and write
|
||
|
EB9000
|
heap
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
38BA000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
6906000
|
heap
|
page read and write
|
||
|
3A35000
|
trusted library allocation
|
page read and write
|
||
|
69AC000
|
heap
|
page read and write
|
||
|
38AD000
|
trusted library allocation
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
5FEC000
|
stack
|
page read and write
|
||
|
3892000
|
trusted library allocation
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page read and write
|
||
|
29C7000
|
trusted library allocation
|
page read and write
|
||
|
2C67000
|
trusted library allocation
|
page read and write
|
||
|
3AE6000
|
trusted library allocation
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
39CA000
|
trusted library allocation
|
page read and write
|
||
|
7D4000
|
trusted library allocation
|
page read and write
|
||
|
38CE000
|
trusted library allocation
|
page read and write
|
||
|
C26000
|
trusted library allocation
|
page execute and read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BA2000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
389A000
|
trusted library allocation
|
page read and write
|
||
|
5D8F000
|
stack
|
page read and write
|
||
|
29CE000
|
trusted library allocation
|
page read and write
|
||
|
6085000
|
trusted library allocation
|
page read and write
|
||
|
6935000
|
heap
|
page read and write
|
||
|
2BDD000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
trusted library allocation
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
4F55000
|
trusted library allocation
|
page read and write
|
||
|
3AB8000
|
trusted library allocation
|
page read and write
|
||
|
7E4000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
trusted library allocation
|
page read and write
|
||
|
6B75000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
6070000
|
heap
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
3B7F000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page execute and read and write
|
||
|
3876000
|
trusted library allocation
|
page read and write
|
||
|
5AF2000
|
heap
|
page read and write
|
||
|
68D0000
|
heap
|
page read and write
|
||
|
3BDA000
|
trusted library allocation
|
page read and write
|
||
|
3A31000
|
trusted library allocation
|
page read and write
|
||
|
3ABF000
|
trusted library allocation
|
page read and write
|
||
|
3B0E000
|
trusted library allocation
|
page read and write
|
||
|
4E88000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
6991000
|
heap
|
page read and write
|
||
|
3916000
|
trusted library allocation
|
page read and write
|
||
|
7E6000
|
heap
|
page read and write
|
||
|
39AC000
|
trusted library allocation
|
page read and write
|
||
|
38F5000
|
trusted library allocation
|
page read and write
|
||
|
3974000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7F4000
|
trusted library allocation
|
page read and write
|
||
|
39BC000
|
trusted library allocation
|
page read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
2C4B000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
heap
|
page execute and read and write
|
||
|
4F7B000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
2AA7000
|
trusted library allocation
|
page read and write
|
||
|
3ACA000
|
trusted library allocation
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
5B64000
|
heap
|
page read and write
|
||
|
498C000
|
stack
|
page read and write
|
||
|
29EF000
|
trusted library allocation
|
page read and write
|
||
|
3A67000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
299D000
|
trusted library allocation
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
2C72000
|
trusted library allocation
|
page read and write
|
||
|
399B000
|
trusted library allocation
|
page read and write
|
||
|
3AF5000
|
trusted library allocation
|
page read and write
|
||
|
392A000
|
trusted library allocation
|
page read and write
|
||
|
3BA7000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
517B000
|
trusted library allocation
|
page read and write
|
||
|
3A24000
|
trusted library allocation
|
page read and write
|
||
|
3A5E000
|
trusted library allocation
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
5B7E000
|
heap
|
page read and write
|
||
|
7970000
|
heap
|
page read and write
|
||
|
2AAC000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
4F13000
|
heap
|
page execute and read and write
|
||
|
38E5000
|
trusted library allocation
|
page read and write
|
||
|
3DE000
|
stack
|
page read and write
|
||
|
2A1D000
|
trusted library allocation
|
page read and write
|
||
|
2D25000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
2912000
|
trusted library allocation
|
page read and write
|
||
|
C1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E44000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
3833000
|
trusted library allocation
|
page read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
4F32000
|
trusted library allocation
|
page read and write
|
||
|
3BF0000
|
trusted library allocation
|
page read and write
|
||
|
5B6F000
|
heap
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
68F8000
|
heap
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
69C8000
|
heap
|
page read and write
|
||
|
5E8E000
|
stack
|
page read and write
|
||
|
6050000
|
heap
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
3955000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
4F92000
|
trusted library allocation
|
page read and write
|
||
|
6B95000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C44000
|
trusted library allocation
|
page read and write
|
||
|
39B2000
|
trusted library allocation
|
page read and write
|
||
|
7E6000
|
trusted library allocation
|
page read and write
|
||
|
3913000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page read and write
|
||
|
39C8000
|
trusted library allocation
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
3A0C000
|
trusted library allocation
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
2D6F000
|
trusted library allocation
|
page read and write
|
||
|
2BC7000
|
trusted library allocation
|
page read and write
|
||
|
2E16000
|
trusted library allocation
|
page read and write
|
||
|
39C2000
|
trusted library allocation
|
page read and write
|
||
|
3A70000
|
trusted library allocation
|
page read and write
|
||
|
C45000
|
trusted library allocation
|
page execute and read and write
|
||
|
EBE000
|
heap
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
EDC000
|
heap
|
page read and write
|
||
|
2B7A000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
4D0E000
|
stack
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
2A66000
|
trusted library allocation
|
page read and write
|
||
|
39E4000
|
trusted library allocation
|
page read and write
|
||
|
5B42000
|
heap
|
page read and write
|
||
|
694D000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
3B70000
|
trusted library allocation
|
page read and write
|
||
|
5B8B000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
6B79000
|
trusted library allocation
|
page read and write
|
||
|
3A4B000
|
trusted library allocation
|
page read and write
|
||
|
6968000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
68E8000
|
heap
|
page read and write
|
||
|
260E000
|
stack
|
page read and write
|
||
|
392F000
|
trusted library allocation
|
page read and write
|
||
|
2D8B000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
280000
|
unkown
|
page readonly
|
||
|
4E3B000
|
trusted library allocation
|
page read and write
|
||
|
2C2C000
|
trusted library allocation
|
page read and write
|
||
|
3B2E000
|
trusted library allocation
|
page read and write
|
||
|
3906000
|
trusted library allocation
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
3B76000
|
trusted library allocation
|
page read and write
|
||
|
2C14000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page read and write
|
||
|
68D3000
|
heap
|
page read and write
|
||
|
397F000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5280000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C5D000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
3AD6000
|
trusted library allocation
|
page read and write
|
||
|
6BA5000
|
trusted library allocation
|
page read and write
|
||
|
3A92000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26AC000
|
stack
|
page read and write
|
||
|
2E2F000
|
trusted library allocation
|
page read and write
|
||
|
3AD1000
|
trusted library allocation
|
page read and write
|
||
|
6C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
6947000
|
heap
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
3A75000
|
trusted library allocation
|
page read and write
|
||
|
5A98000
|
heap
|
page read and write
|
||
|
230000
|
unkown
|
page readonly
|
||
|
29B5000
|
trusted library allocation
|
page read and write
|
||
|
26AE000
|
stack
|
page read and write
|
||
|
6973000
|
heap
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
6A40000
|
heap
|
page read and write
|
||
|
38EA000
|
trusted library allocation
|
page read and write
|
||
|
266E000
|
stack
|
page read and write
|
||
|
39C5000
|
trusted library allocation
|
page read and write
|
||
|
2A55000
|
trusted library allocation
|
page read and write
|
||
|
4F58000
|
trusted library allocation
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
3886000
|
trusted library allocation
|
page read and write
|
||
|
2CF6000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
299B000
|
trusted library allocation
|
page read and write
|
||
|
386F000
|
trusted library allocation
|
page read and write
|
||
|
391F000
|
trusted library allocation
|
page read and write
|
||
|
398B000
|
trusted library allocation
|
page read and write
|
||
|
3AF0000
|
trusted library allocation
|
page read and write
|
||
|
38E0000
|
trusted library allocation
|
page read and write
|
||
|
3B3A000
|
trusted library allocation
|
page read and write
|
||
|
696D000
|
heap
|
page read and write
|
||
|
2D3C000
|
trusted library allocation
|
page read and write
|
||
|
29A8000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
trusted library allocation
|
page read and write
|
||
|
4FAA000
|
trusted library allocation
|
page read and write
|
||
|
3986000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
298D000
|
trusted library allocation
|
page read and write
|
||
|
6B04000
|
trusted library allocation
|
page read and write
|
||
|
3A6D000
|
trusted library allocation
|
page read and write
|
||
|
2E4E000
|
trusted library allocation
|
page read and write
|
||
|
3894000
|
trusted library allocation
|
page read and write
|
||
|
5B28000
|
heap
|
page read and write
|
||
|
5A9E000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
5B54000
|
heap
|
page read and write
|
||
|
3BE4000
|
trusted library allocation
|
page read and write
|
||
|
31C000
|
stack
|
page read and write
|
||
|
70A000
|
stack
|
page read and write
|
||
|
2A81000
|
trusted library allocation
|
page read and write
|
||
|
2D9C000
|
trusted library allocation
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
3B3F000
|
trusted library allocation
|
page read and write
|
||
|
2BC4000
|
trusted library allocation
|
page read and write
|
||
|
3A58000
|
trusted library allocation
|
page read and write
|
||
|
4E4E000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
39A5000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
3B6B000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
37FF000
|
trusted library allocation
|
page read and write
|
||
|
6C7C000
|
trusted library allocation
|
page read and write
|
||
|
7FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
67CC000
|
stack
|
page read and write
|
||
|
3B23000
|
trusted library allocation
|
page read and write
|
||
|
68D6000
|
heap
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
3B01000
|
trusted library allocation
|
page read and write
|
||
|
6B8F000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
6921000
|
heap
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
3A9E000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
692E000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
6B9A000
|
trusted library allocation
|
page read and write
|
||
|
38FF000
|
trusted library allocation
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
3B34000
|
trusted library allocation
|
page read and write
|
||
|
396D000
|
trusted library allocation
|
page read and write
|
||
|
3922000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
heap
|
page execute and read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
38A1000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
5B21000
|
heap
|
page read and write
|
||
|
37F1000
|
trusted library allocation
|
page read and write
|
||
|
4F5A000
|
trusted library allocation
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
5ECC000
|
stack
|
page read and write
|
||
|
387C000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
2BCF000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
2981000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
There are 456 hidden memdumps, click here to show them.