Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nslookup.exe_3c5336c3a91c2d57579c766c54c3ffcf93cb0a8_d8dedb28_c4ffb878-36ea-48a3-949b-383c3d1710f8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_nslookup.exe_64fbbdcacf35376b87949de1959088ed3364abd_d8dedb28_066a074e-8a60-45db-8770-e67f5e74a0b0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\383775\Fridge.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_bad_module_info_f5b4a6202a53ee73c263cc4c99e711b13cd935ac_85207d7d_5197b056-45af-426f-a652-3994f53f1be0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER82F2.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat Sep 28 22:54:26 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER83DD.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER83FD.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9997.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat Sep 28 22:54:32 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9A63.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9A83.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA522.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA542.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\383775\C
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Depending
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Depression
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Did
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Gathering
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Interface
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Jacket
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Messenger
|
ASCII text, with very long lines (1111), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Messenger.bat (copy)
|
ASCII text, with very long lines (1111), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Populations
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Proposals
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\WERA511.tmp.WERDataCollectionStatus.txt
|
Unicode text, UTF-16, little-endian text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Zip
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 17 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c move Messenger Messenger.bat & Messenger.bat
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa opssvc"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "avastui avgui bdservicehost nswscsvc sophoshealth"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 383775
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "ManufacturedBuyingTouchSecond" Jacket
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b ..\Interface + ..\Populations + ..\Gathering + ..\Did + ..\Depression + ..\Depending + ..\Proposals C
|
|
|
|
C:\Users\user\AppData\Local\Temp\383775\Fridge.pif
|
Fridge.pif C
|
|
|
|
C:\Windows\SysWOW64\nslookup.exe
|
C:\Windows\SysWOW64\nslookup.exe
|
|
|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /d y /t 5
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6200 -s 1608
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6200 -s 1620
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6200 -s 1608
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fragnantbui.shop
|
|
||
|
gutterydhowi.shop
|
|
||
|
offensivedzvju.shop
|
|
||
|
https://gutterydhowi.shop/api
|
172.67.132.32
|
|
|
|
drawzhotdog.shop
|
|
||
|
ghostreedmnu.shop
|
|
||
|
stogeneratmns.shop
|
|
||
|
reinforcenh.shop
|
|
||
|
vozmeatillu.shop
|
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://gutterydhowi.shop/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
https://gutterydhowi.shop/apiLD
|
unknown
|
||
|
https://gutterydhowi.shop/t
|
unknown
|
||
|
https://gutterydhowi.shop/api;
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gutterydhowi.shop
|
172.67.132.32
|
|
|
|
nrbDrRupdENT.nrbDrRupdENT
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.132.32
|
gutterydhowi.shop
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
ProgramId
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
FileId
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
LongPathHash
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Name
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Publisher
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Version
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
BinaryType
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
ProductName
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
ProductVersion
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
LinkDate
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Size
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Language
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
IsOsComponent
|
|
|
|
\REGISTRY\A\{640d53e8-e3c3-cdcb-9384-00210a455653}\Root\InventoryApplicationFile\nslookup.exe|3eeaeaa523b6285d
|
Usn
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00B8F8B0D2B
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C60000
|
unkown
|
page execute and read and write
|
|
|
|
4954000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
29A6000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
48B1000
|
trusted library allocation
|
page read and write
|
||
|
48B6000
|
trusted library allocation
|
page read and write
|
||
|
36AF000
|
heap
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
4973000
|
trusted library allocation
|
page read and write
|
||
|
4374000
|
trusted library allocation
|
page read and write
|
||
|
36A9000
|
heap
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
28CC000
|
heap
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
363E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
48B4000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4786000
|
trusted library allocation
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
36AF000
|
heap
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
4954000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
368B000
|
heap
|
page read and write
|
||
|
55E000
|
heap
|
page read and write
|
||
|
496C000
|
trusted library allocation
|
page read and write
|
||
|
376000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
2983000
|
heap
|
page read and write
|
||
|
4983000
|
trusted library allocation
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
49FD000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
297E000
|
heap
|
page read and write
|
||
|
5F3000
|
heap
|
page read and write
|
||
|
48BC000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
496C000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
368C000
|
stack
|
page read and write
|
||
|
48B4000
|
trusted library allocation
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
2ADF000
|
stack
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
4B1C000
|
unkown
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
48BB000
|
trusted library allocation
|
page read and write
|
||
|
225E000
|
stack
|
page read and write
|
||
|
367F000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
2E8E000
|
unkown
|
page read and write
|
||
|
364F000
|
stack
|
page read and write
|
||
|
29AC000
|
heap
|
page read and write
|
||
|
4986000
|
trusted library allocation
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
52AF000
|
unkown
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4955000
|
trusted library allocation
|
page read and write
|
||
|
4959000
|
trusted library allocation
|
page read and write
|
||
|
298B000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
497F000
|
trusted library allocation
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
4981000
|
trusted library allocation
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
4969000
|
trusted library allocation
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
4946000
|
trusted library allocation
|
page read and write
|
||
|
AE4000
|
heap
|
page read and write
|
||
|
48BF000
|
trusted library allocation
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
4764000
|
trusted library allocation
|
page read and write
|
||
|
48B4000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
494F000
|
trusted library allocation
|
page read and write
|
||
|
53BF000
|
stack
|
page read and write
|
||
|
36AB000
|
heap
|
page read and write
|
||
|
498E000
|
trusted library allocation
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
E46000
|
unkown
|
page readonly
|
||
|
2CBE000
|
unkown
|
page execute and read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
48B4000
|
trusted library allocation
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
48B6000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
unkown
|
page readonly
|
||
|
4983000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
297F000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
29AE000
|
heap
|
page read and write
|
||
|
2F5D000
|
heap
|
page read and write
|
||
|
53FE000
|
stack
|
page read and write
|
||
|
495C000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
AE4000
|
heap
|
page read and write
|
||
|
4969000
|
trusted library allocation
|
page read and write
|
||
|
5BB000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
4955000
|
trusted library allocation
|
page read and write
|
||
|
4984000
|
trusted library allocation
|
page read and write
|
||
|
4A2D000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
48BB000
|
trusted library allocation
|
page read and write
|
||
|
4A1B000
|
trusted library allocation
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
327C000
|
stack
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
2F3A000
|
heap
|
page read and write
|
||
|
E59000
|
unkown
|
page readonly
|
||
|
3801000
|
heap
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
48BF000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
4A47000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
28CD000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
2DC000
|
stack
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
51EE000
|
unkown
|
page read and write
|
||
|
368C000
|
heap
|
page read and write
|
||
|
2983000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
4959000
|
trusted library allocation
|
page read and write
|
||
|
48BF000
|
trusted library allocation
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
458F000
|
trusted library allocation
|
page read and write
|
||
|
4977000
|
trusted library allocation
|
page read and write
|
||
|
4ADE000
|
unkown
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
36A9000
|
heap
|
page read and write
|
||
|
496D000
|
trusted library allocation
|
page read and write
|
||
|
494F000
|
trusted library allocation
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
4967000
|
trusted library allocation
|
page read and write
|
||
|
48BE000
|
trusted library allocation
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
29A7000
|
heap
|
page read and write
|
||
|
367F000
|
heap
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
36A9000
|
heap
|
page read and write
|
||
|
526E000
|
unkown
|
page read and write
|
||
|
2CD0000
|
unkown
|
page readonly
|
||
|
59F000
|
heap
|
page read and write
|
||
|
4947000
|
trusted library allocation
|
page read and write
|
||
|
48BF000
|
trusted library allocation
|
page read and write
|
||
|
48B6000
|
trusted library allocation
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
4942000
|
trusted library allocation
|
page read and write
|
||
|
2983000
|
heap
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
46D0000
|
heap
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
4975000
|
trusted library allocation
|
page read and write
|
||
|
494D000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
unkown
|
page readonly
|
||
|
46F0000
|
heap
|
page read and write
|
||
|
4A4D000
|
trusted library allocation
|
page read and write
|
||
|
498B000
|
trusted library allocation
|
page read and write
|
||
|
35C000
|
stack
|
page read and write
|
||
|
28CB000
|
heap
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
4C1D000
|
unkown
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
36AD000
|
heap
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
495E000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
2E20000
|
unkown
|
page read and write
|
||
|
299C000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
4973000
|
trusted library allocation
|
page read and write
|
||
|
21EE000
|
stack
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
50AF000
|
unkown
|
page read and write
|
||
|
36AF000
|
heap
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
36A9000
|
heap
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
496E000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
2968000
|
heap
|
page read and write
|
||
|
D91000
|
unkown
|
page execute read
|
||
|
59F000
|
heap
|
page read and write
|
||
|
4FAE000
|
unkown
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4953000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
48BD000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
496C000
|
trusted library allocation
|
page read and write
|
||
|
4989000
|
trusted library allocation
|
page read and write
|
||
|
4958000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
5F3000
|
heap
|
page read and write
|
||
|
497B000
|
trusted library allocation
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
49FD000
|
trusted library allocation
|
page read and write
|
||
|
48BD000
|
trusted library allocation
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
31C000
|
stack
|
page read and write
|
||
|
4A2E000
|
trusted library allocation
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
4A26000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
48B3000
|
trusted library allocation
|
page read and write
|
||
|
5C3000
|
heap
|
page read and write
|
||
|
4964000
|
trusted library allocation
|
page read and write
|
||
|
45AB000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
4A2C000
|
trusted library allocation
|
page read and write
|
||
|
4C1C000
|
stack
|
page read and write
|
||
|
299F000
|
heap
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
2F4F000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
494D000
|
trusted library allocation
|
page read and write
|
||
|
3668000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
49DD000
|
unkown
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
4972000
|
trusted library allocation
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
297F000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
2F1C000
|
heap
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
48BB000
|
trusted library allocation
|
page read and write
|
||
|
48B1000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
unkown
|
page write copy
|
||
|
3801000
|
heap
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
28C7000
|
heap
|
page read and write
|
||
|
48B4000
|
trusted library allocation
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
543F000
|
stack
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
1064000
|
heap
|
page read and write
|
||
|
36A8000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
48B1000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
4946000
|
trusted library allocation
|
page read and write
|
||
|
48BB000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4986000
|
trusted library allocation
|
page read and write
|
||
|
48B6000
|
trusted library allocation
|
page read and write
|
||
|
4A5F000
|
trusted library allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
237B000
|
heap
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
48BF000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
4981000
|
trusted library allocation
|
page read and write
|
||
|
497A000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
497E000
|
trusted library allocation
|
page read and write
|
||
|
299C000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
4967000
|
trusted library allocation
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4971000
|
trusted library allocation
|
page read and write
|
||
|
49DE000
|
trusted library allocation
|
page read and write
|
||
|
28C7000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
2E7B000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
353E000
|
stack
|
page read and write
|
||
|
29AE000
|
heap
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
4A0D000
|
trusted library allocation
|
page read and write
|
||
|
459C000
|
trusted library allocation
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
32BC000
|
stack
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
498E000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
2214000
|
heap
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
4986000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
538000
|
unkown
|
page readonly
|
||
|
98000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
28C6000
|
heap
|
page read and write
|
||
|
498E000
|
trusted library allocation
|
page read and write
|
||
|
E54000
|
unkown
|
page write copy
|
||
|
39C000
|
stack
|
page read and write
|
||
|
28C7000
|
heap
|
page read and write
|
||
|
25BF000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1053000
|
heap
|
page read and write
|
||
|
538000
|
unkown
|
page readonly
|
||
|
3476000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
29EB000
|
stack
|
page read and write
|
||
|
48B9000
|
trusted library allocation
|
page read and write
|
||
|
541E000
|
unkown
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
3683000
|
heap
|
page read and write
|
||
|
4963000
|
trusted library allocation
|
page read and write
|
||
|
4961000
|
trusted library allocation
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
28C4000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
4982000
|
trusted library allocation
|
page read and write
|
||
|
48BC000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
2375000
|
heap
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
4968000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
494D000
|
trusted library allocation
|
page read and write
|
||
|
498A000
|
trusted library allocation
|
page read and write
|
||
|
495C000
|
trusted library allocation
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
30FF000
|
unkown
|
page read and write
|
||
|
299C000
|
heap
|
page read and write
|
||
|
367F000
|
heap
|
page read and write
|
||
|
531D000
|
unkown
|
page read and write
|
||
|
4962000
|
trusted library allocation
|
page read and write
|
||
|
497F000
|
trusted library allocation
|
page read and write
|
||
|
4673000
|
trusted library allocation
|
page read and write
|
||
|
45A8000
|
trusted library allocation
|
page read and write
|
||
|
49E3000
|
trusted library allocation
|
page read and write
|
||
|
48BD000
|
trusted library allocation
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
299C000
|
heap
|
page read and write
|
||
|
48B3000
|
trusted library allocation
|
page read and write
|
||
|
2E1E000
|
unkown
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
unkown
|
page readonly
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
369C000
|
heap
|
page read and write
|
||
|
48B3000
|
trusted library allocation
|
page read and write
|
||
|
36A9000
|
heap
|
page read and write
|
||
|
4958000
|
trusted library allocation
|
page read and write
|
||
|
48B7000
|
trusted library allocation
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
28CA000
|
heap
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
29AB000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
745000
|
heap
|
page read and write
|
||
|
2F2E000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
5A3000
|
heap
|
page read and write
|
||
|
297F000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
29AA000
|
heap
|
page read and write
|
||
|
4958000
|
trusted library allocation
|
page read and write
|
||
|
497F000
|
trusted library allocation
|
page read and write
|
||
|
31FE000
|
unkown
|
page read and write
|
||
|
495E000
|
trusted library allocation
|
page read and write
|
||
|
49DD000
|
trusted library allocation
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
4951000
|
trusted library allocation
|
page read and write
|
||
|
498E000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
28CA000
|
heap
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
299C000
|
heap
|
page read and write
|
||
|
4962000
|
trusted library allocation
|
page read and write
|
||
|
59F000
|
heap
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
2F43000
|
heap
|
page read and write
|
||
|
4690000
|
trusted library allocation
|
page read and write
|
||
|
4973000
|
trusted library allocation
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
48BE000
|
trusted library allocation
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
497E000
|
trusted library allocation
|
page read and write
|
||
|
50ED000
|
unkown
|
page read and write
|
||
|
496C000
|
trusted library allocation
|
page read and write
|
||
|
2E45000
|
heap
|
page read and write
|
||
|
299C000
|
heap
|
page read and write
|
||
|
4A3E000
|
trusted library allocation
|
page read and write
|
||
|
48B5000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4958000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
unkown
|
page readonly
|
||
|
48BD000
|
trusted library allocation
|
page read and write
|
There are 486 hidden memdumps, click here to show them.