Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_ccc1499d82c3e9f50af50449f33cd95c7475ef4_d75f6fa5_4a6e13e4-4fef-4bbb-a02c-ad0174be252a\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_ccc1499d82c3e9f50af50449f33cd95c7475ef4_d75f6fa5_5050f8e1-bcce-43f1-99c7-0a844c8f0f94\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAF9E.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Sep 28 23:03:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAFAD.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Sep 28 23:03:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB06A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB099.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB0C9.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB0D8.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,?addCallback@AsyncThread@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@H@Z@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7556 -s 396
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7572 -s 404
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,?addDSP@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAVDSP@2@@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,?addFadePoint@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@_KM@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",?addCallback@AsyncThread@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@H@Z@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",?addDSP@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAVDSP@2@@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",?addFadePoint@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@_KM@Z
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Update
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_UnlockDSP
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_UnloadPlugin
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetUserData
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetStreamBufferSize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetSpeakerPosition
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetSoftwareFormat
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetSoftwareChannels
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetReverbProperties
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetPluginPath
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetOutputByPlugin
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetOutput
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetNetworkTimeout
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetNetworkProxy
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetGeometrySettings
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetFileSystem
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetDriver
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetDSPBufferSize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetCallback
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_SetAdvancedSettings
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Set3DSettings
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Set3DRolloffCallback
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Set3DNumListeners
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Set3DListenerAttributes
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_Release
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",FMOD_System_RegisterOutput
|
There are 28 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
15.164.165.52.in-addr.arpa
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
OriginalFileName
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
\REGISTRY\A\{6fe2ce9a-e3ee-617a-7db3-1917426438df}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Usn
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C8BE748000
|
heap
|
page read and write
|
||
|
20657E7C000
|
heap
|
page read and write
|
||
|
18A58860000
|
heap
|
page read and write
|
||
|
21C49780000
|
heap
|
page read and write
|
||
|
216115E0000
|
heap
|
page read and write
|
||
|
251D48C0000
|
heap
|
page read and write
|
||
|
1D991A88000
|
heap
|
page read and write
|
||
|
2385D630000
|
heap
|
page read and write
|
||
|
D2369CF000
|
stack
|
page read and write
|
||
|
FA6A5BC000
|
stack
|
page read and write
|
||
|
7D4895C000
|
stack
|
page read and write
|
||
|
274D1B70000
|
heap
|
page read and write
|
||
|
2909E7F5000
|
heap
|
page read and write
|
||
|
D44807F000
|
stack
|
page read and write
|
||
|
1513EC40000
|
heap
|
page read and write
|
||
|
296323D0000
|
heap
|
page read and write
|
||
|
2AB651A1000
|
heap
|
page read and write
|
||
|
1DDD2F20000
|
heap
|
page read and write
|
||
|
268E9B10000
|
heap
|
page read and write
|
||
|
D1106FE000
|
stack
|
page read and write
|
||
|
20657F80000
|
heap
|
page read and write
|
||
|
D5110AC000
|
stack
|
page read and write
|
||
|
21C49950000
|
heap
|
page read and write
|
||
|
17DDA635000
|
heap
|
page read and write
|
||
|
26854D60000
|
heap
|
page read and write
|
||
|
2385D340000
|
heap
|
page read and write
|
||
|
7975EEC000
|
stack
|
page read and write
|
||
|
AEF447D000
|
stack
|
page read and write
|
||
|
274D1CE8000
|
heap
|
page read and write
|
||
|
268E9A10000
|
heap
|
page read and write
|
||
|
26584CA0000
|
heap
|
page read and write
|
||
|
24C1EC70000
|
heap
|
page read and write
|
||
|
777038F000
|
stack
|
page read and write
|
||
|
89DE88C000
|
stack
|
page read and write
|
||
|
DAC94FC000
|
stack
|
page read and write
|
||
|
1DD8D110000
|
heap
|
page read and write
|
||
|
17DDA420000
|
heap
|
page read and write
|
||
|
21514310000
|
heap
|
page read and write
|
||
|
7D48C7F000
|
stack
|
page read and write
|
||
|
1D7D1BD0000
|
heap
|
page read and write
|
||
|
7FFDFB6B1000
|
unkown
|
page execute read
|
||
|
26148980000
|
heap
|
page read and write
|
||
|
209FB220000
|
heap
|
page read and write
|
||
|
FA6A87F000
|
stack
|
page read and write
|
||
|
262F9DA8000
|
heap
|
page read and write
|
||
|
BE6BEF000
|
stack
|
page read and write
|
||
|
209FAF88000
|
heap
|
page read and write
|
||
|
1D7D03F0000
|
heap
|
page read and write
|
||
|
23AD91B0000
|
heap
|
page read and write
|
||
|
8B0327E000
|
stack
|
page read and write
|
||
|
D447DFC000
|
stack
|
page read and write
|
||
|
7FFDFB6B0000
|
unkown
|
page readonly
|
||
|
16AC6FF000
|
stack
|
page read and write
|
||
|
24E558A0000
|
heap
|
page read and write
|
||
|
21C49750000
|
heap
|
page read and write
|
||
|
1C8BEA80000
|
heap
|
page read and write
|
||
|
18A58660000
|
heap
|
page read and write
|
||
|
268E9AF0000
|
heap
|
page read and write
|
||
|
216116C0000
|
heap
|
page read and write
|
||
|
18A58670000
|
heap
|
page read and write
|
||
|
9AA42FF000
|
stack
|
page read and write
|
||
|
268E9ED5000
|
heap
|
page read and write
|
||
|
96E20FF000
|
stack
|
page read and write
|
||
|
274D1C70000
|
heap
|
page read and write
|
||
|
2385D3D8000
|
heap
|
page read and write
|
||
|
262F9DA0000
|
heap
|
page read and write
|
||
|
E7D647C000
|
stack
|
page read and write
|
||
|
7A552CC000
|
stack
|
page read and write
|
||
|
18A58840000
|
heap
|
page read and write
|
||
|
296323F8000
|
heap
|
page read and write
|
||
|
1C311EF0000
|
heap
|
page read and write
|
||
|
7FFDFB7E0000
|
unkown
|
page readonly
|
||
|
251D2DB0000
|
heap
|
page read and write
|
||
|
23AD9390000
|
heap
|
page read and write
|
||
|
1C8BE920000
|
heap
|
page read and write
|
||
|
26148BF0000
|
heap
|
page read and write
|
||
|
251D2FF0000
|
heap
|
page read and write
|
||
|
262F9D70000
|
heap
|
page read and write
|
||
|
209FAF80000
|
heap
|
page read and write
|
||
|
7FFDFB88C000
|
unkown
|
page read and write
|
||
|
261488F0000
|
heap
|
page read and write
|
||
|
209FB225000
|
heap
|
page read and write
|
||
|
BE6AEC000
|
stack
|
page read and write
|
||
|
7FFDFB887000
|
unkown
|
page read and write
|
||
|
7FFDFB83A000
|
unkown
|
page write copy
|
||
|
20BCB490000
|
heap
|
page read and write
|
||
|
1C8C0320000
|
heap
|
page read and write
|
||
|
23ADAE80000
|
heap
|
page read and write
|
||
|
274D1F00000
|
heap
|
page read and write
|
||
|
18A58678000
|
heap
|
page read and write
|
||
|
24E53FD5000
|
heap
|
page read and write
|
||
|
21513FE0000
|
heap
|
page read and write
|
||
|
1EF159C0000
|
heap
|
page read and write
|
||
|
7FFDFB887000
|
unkown
|
page read and write
|
||
|
9AA427C000
|
stack
|
page read and write
|
||
|
2AB65485000
|
heap
|
page read and write
|
||
|
1513EC30000
|
heap
|
page read and write
|
||
|
216131F0000
|
heap
|
page read and write
|
||
|
21C499B0000
|
heap
|
page read and write
|
||
|
CC8832C000
|
stack
|
page read and write
|
||
|
7FFDFB83A000
|
unkown
|
page write copy
|
||
|
2385D370000
|
heap
|
page read and write
|
||
|
268532B0000
|
heap
|
page read and write
|
||
|
20BCB390000
|
heap
|
page read and write
|
||
|
21514315000
|
heap
|
page read and write
|
||
|
274D1CE0000
|
heap
|
page read and write
|
||
|
262F9D80000
|
heap
|
page read and write
|
||
|
3760BFF000
|
stack
|
page read and write
|
||
|
1C311DF0000
|
heap
|
page read and write
|
||
|
24C1D2F0000
|
heap
|
page read and write
|
||
|
7A5534F000
|
stack
|
page read and write
|
||
|
17DDA610000
|
heap
|
page read and write
|
||
|
1DDD2AB0000
|
heap
|
page read and write
|
||
|
2909E7D0000
|
heap
|
page read and write
|
||
|
248AE860000
|
heap
|
page read and write
|
||
|
1513EC88000
|
heap
|
page read and write
|
||
|
26148BF5000
|
heap
|
page read and write
|
||
|
1D7D0270000
|
heap
|
page read and write
|
||
|
1C8BE740000
|
heap
|
page read and write
|
||
|
1A3FA370000
|
heap
|
page read and write
|
||
|
70D3A7F000
|
stack
|
page read and write
|
||
|
1C3137B0000
|
heap
|
page read and write
|
||
|
77B594C000
|
stack
|
page read and write
|
||
|
24E53DC0000
|
heap
|
page read and write
|
||
|
23AD9510000
|
heap
|
page read and write
|
||
|
1DDD2F25000
|
heap
|
page read and write
|
||
|
1A3F89F8000
|
heap
|
page read and write
|
||
|
21C49788000
|
heap
|
page read and write
|
||
|
7FFDFB88C000
|
unkown
|
page read and write
|
||
|
A63447F000
|
stack
|
page read and write
|
||
|
251D2FF5000
|
heap
|
page read and write
|
||
|
1513EC60000
|
heap
|
page read and write
|
||
|
8F6D73C000
|
stack
|
page read and write
|
||
|
A6341FC000
|
stack
|
page read and write
|
||
|
1F70A7F000
|
stack
|
page read and write
|
||
|
1DD8D130000
|
heap
|
page read and write
|
||
|
9447AAC000
|
stack
|
page read and write
|
||
|
2AB65480000
|
heap
|
page read and write
|
||
|
226A9788000
|
heap
|
page read and write
|
||
|
226A9720000
|
heap
|
page read and write
|
||
|
2385D3D0000
|
heap
|
page read and write
|
||
|
70D37EC000
|
stack
|
page read and write
|
||
|
268531B0000
|
heap
|
page read and write
|
||
|
251D2F90000
|
heap
|
page read and write
|
||
|
7FFDFB83A000
|
unkown
|
page write copy
|
||
|
1A3F8810000
|
heap
|
page read and write
|
||
|
1513EFC5000
|
heap
|
page read and write
|
||
|
17DDA410000
|
heap
|
page read and write
|
||
|
B1EDD7F000
|
stack
|
page read and write
|
||
|
E7D64FF000
|
stack
|
page read and write
|
||
|
1A3F8910000
|
heap
|
page read and write
|
||
|
B1EDCFE000
|
stack
|
page read and write
|
||
|
7FFDFB88F000
|
unkown
|
page readonly
|
||
|
1EF159FE000
|
heap
|
page read and write
|
||
|
26584930000
|
heap
|
page read and write
|
||
|
24C1D335000
|
heap
|
page read and write
|
||
|
89DE98F000
|
stack
|
page read and write
|
||
|
21C497A1000
|
heap
|
page read and write
|
||
|
21513EE0000
|
heap
|
page read and write
|
||
|
1C311CD8000
|
heap
|
page read and write
|
||
|
21611770000
|
heap
|
page read and write
|
||
|
96E1DCC000
|
stack
|
page read and write
|
||
|
24C1D0E0000
|
heap
|
page read and write
|
||
|
2AB65188000
|
heap
|
page read and write
|
||
|
1D9919C0000
|
heap
|
page read and write
|
||
|
209FAF00000
|
heap
|
page read and write
|
||
|
2385D600000
|
heap
|
page read and write
|
||
|
4063F7F000
|
stack
|
page read and write
|
||
|
20C24A60000
|
heap
|
page read and write
|
||
|
26584950000
|
heap
|
page read and write
|
||
|
7FFDFB84A000
|
unkown
|
page write copy
|
||
|
1D7D0170000
|
heap
|
page read and write
|
||
|
2385D350000
|
heap
|
page read and write
|
||
|
1D991A80000
|
heap
|
page read and write
|
||
|
226A9700000
|
heap
|
page read and write
|
||
|
20BCB4E0000
|
heap
|
page read and write
|
||
|
1C8BEA85000
|
heap
|
page read and write
|
||
|
BB8397E000
|
stack
|
page read and write
|
||
|
261489D8000
|
heap
|
page read and write
|
||
|
248AE960000
|
heap
|
page read and write
|
||
|
4063E7C000
|
stack
|
page read and write
|
||
|
7FFDFB848000
|
unkown
|
page read and write
|
||
|
7FFDFB88F000
|
unkown
|
page readonly
|
||
|
15140940000
|
heap
|
page read and write
|
||
|
70D3AFF000
|
stack
|
page read and write
|
||
|
226A9A35000
|
heap
|
page read and write
|
||
|
248AE980000
|
heap
|
page read and write
|
||
|
2AB66AE0000
|
heap
|
page read and write
|
||
|
262F9FB5000
|
heap
|
page read and write
|
||
|
DAC95FF000
|
stack
|
page read and write
|
||
|
A6344FF000
|
stack
|
page read and write
|
||
|
16AC67D000
|
stack
|
page read and write
|
||
|
D236C7F000
|
stack
|
page read and write
|
||
|
1EF15A10000
|
heap
|
page read and write
|
||
|
20C24B50000
|
heap
|
page read and write
|
||
|
296323F0000
|
heap
|
page read and write
|
||
|
1DDD4610000
|
heap
|
page read and write
|
||
|
7D489DF000
|
stack
|
page read and write
|
||
|
7FFDFB88F000
|
unkown
|
page readonly
|
||
|
26584CA5000
|
heap
|
page read and write
|
||
|
248AEBB0000
|
heap
|
page read and write
|
||
|
21515A60000
|
heap
|
page read and write
|
||
|
8B02FDD000
|
stack
|
page read and write
|
||
|
268E9BF0000
|
heap
|
page read and write
|
||
|
1D7D03F5000
|
heap
|
page read and write
|
||
|
1DD8D030000
|
heap
|
page read and write
|
||
|
1D9918A0000
|
heap
|
page read and write
|
||
|
23AD93B0000
|
heap
|
page read and write
|
||
|
262F9F70000
|
heap
|
page read and write
|
||
|
18A5A380000
|
heap
|
page read and write
|
||
|
1D991A50000
|
heap
|
page read and write
|
||
|
7FFDFB887000
|
unkown
|
page read and write
|
||
|
20BCB4E8000
|
heap
|
page read and write
|
||
|
777030F000
|
stack
|
page read and write
|
||
|
216116E5000
|
heap
|
page read and write
|
||
|
296325C0000
|
heap
|
page read and write
|
||
|
23AD9290000
|
heap
|
page read and write
|
||
|
2AB652A0000
|
heap
|
page read and write
|
||
|
1C311BF0000
|
heap
|
page read and write
|
||
|
D23694C000
|
stack
|
page read and write
|
||
|
7FFDFB887000
|
unkown
|
page read and write
|
||
|
7FFDFB848000
|
unkown
|
page read and write
|
||
|
17DDA448000
|
heap
|
page read and write
|
||
|
B1EDC7C000
|
stack
|
page read and write
|
||
|
24E53DA0000
|
heap
|
page read and write
|
||
|
50039DE000
|
stack
|
page read and write
|
||
|
7FFDFB88C000
|
unkown
|
page read and write
|
||
|
20C24888000
|
heap
|
page read and write
|
||
|
CC883AF000
|
stack
|
page read and write
|
||
|
265849F8000
|
heap
|
page read and write
|
||
|
29634020000
|
heap
|
page read and write
|
||
|
262FB7A0000
|
heap
|
page read and write
|
||
|
2909E6F0000
|
heap
|
page read and write
|
||
|
261488D0000
|
heap
|
page read and write
|
||
|
24C1D141000
|
heap
|
page read and write
|
||
|
251D2E90000
|
heap
|
page read and write
|
||
|
7FFDFB88F000
|
unkown
|
page readonly
|
||
|
7FFDFB7E0000
|
unkown
|
page readonly
|
||
|
23AD9297000
|
heap
|
page read and write
|
||
|
D11067C000
|
stack
|
page read and write
|
||
|
1C311DD0000
|
heap
|
page read and write
|
||
|
21611778000
|
heap
|
page read and write
|
||
|
BB838FE000
|
stack
|
page read and write
|
||
|
20BCB740000
|
heap
|
page read and write
|
||
|
209FAF20000
|
heap
|
page read and write
|
||
|
F7DDC7C000
|
stack
|
page read and write
|
||
|
296326B0000
|
heap
|
page read and write
|
||
|
262F9FB0000
|
heap
|
page read and write
|
||
|
1F7076C000
|
stack
|
page read and write
|
||
|
251D2E98000
|
heap
|
page read and write
|
||
|
248AE940000
|
heap
|
page read and write
|
||
|
21C4B210000
|
heap
|
page read and write
|
||
|
274D3890000
|
heap
|
page read and write
|
||
|
BB8387C000
|
stack
|
page read and write
|
||
|
20C264E0000
|
heap
|
page read and write
|
||
|
226AB1E0000
|
heap
|
page read and write
|
||
|
26586580000
|
heap
|
page read and write
|
||
|
2AB65180000
|
heap
|
page read and write
|
||
|
17DDA630000
|
heap
|
page read and write
|
||
|
7FFDFB6B1000
|
unkown
|
page execute read
|
||
|
23AD929E000
|
heap
|
page read and write
|
||
|
21513FC0000
|
heap
|
page read and write
|
||
|
4063EFF000
|
stack
|
page read and write
|
||
|
3760B7C000
|
stack
|
page read and write
|
||
|
637193C000
|
stack
|
page read and write
|
||
|
1DDD2BB0000
|
heap
|
page read and write
|
||
|
D51112E000
|
stack
|
page read and write
|
||
|
20C24B55000
|
heap
|
page read and write
|
||
|
21C49740000
|
heap
|
page read and write
|
||
|
2385D635000
|
heap
|
page read and write
|
||
|
1DDD2C78000
|
heap
|
page read and write
|
||
|
20657E4A000
|
heap
|
page read and write
|
||
|
7975FEF000
|
stack
|
page read and write
|
||
|
24C1D0F0000
|
heap
|
page read and write
|
||
|
1D9919B5000
|
heap
|
page read and write
|
||
|
274D1F05000
|
heap
|
page read and write
|
||
|
20C24880000
|
heap
|
page read and write
|
||
|
20657D20000
|
heap
|
page read and write
|
||
|
26853378000
|
heap
|
page read and write
|
||
|
777028C000
|
stack
|
page read and write
|
||
|
24E53FD0000
|
heap
|
page read and write
|
||
|
251D2FB0000
|
heap
|
page read and write
|
||
|
24C1D128000
|
heap
|
page read and write
|
||
|
DAC957F000
|
stack
|
page read and write
|
||
|
77B59CF000
|
stack
|
page read and write
|
||
|
1EF159F8000
|
heap
|
page read and write
|
||
|
1DDD2B90000
|
heap
|
page read and write
|
||
|
26853310000
|
heap
|
page read and write
|
||
|
1A3F88F0000
|
heap
|
page read and write
|
||
|
1D7D0250000
|
heap
|
page read and write
|
||
|
1D7D0370000
|
heap
|
page read and write
|
||
|
20BCB630000
|
heap
|
page read and write
|
||
|
7975F6F000
|
stack
|
page read and write
|
||
|
1D7D0278000
|
heap
|
page read and write
|
||
|
7FFDFB7E0000
|
unkown
|
page readonly
|
||
|
7A553CF000
|
stack
|
page read and write
|
||
|
7FFDFB848000
|
unkown
|
page read and write
|
||
|
B57899C000
|
stack
|
page read and write
|
||
|
D11077F000
|
stack
|
page read and write
|
||
|
500395D000
|
stack
|
page read and write
|
||
|
248AE988000
|
heap
|
page read and write
|
||
|
1EF15D65000
|
heap
|
page read and write
|
||
|
9447B2F000
|
stack
|
page read and write
|
||
|
2AB65280000
|
heap
|
page read and write
|
||
|
7BEF15C000
|
stack
|
page read and write
|
||
|
209FAEF0000
|
heap
|
page read and write
|
||
|
96E207F000
|
stack
|
page read and write
|
||
|
20BCB470000
|
heap
|
page read and write
|
||
|
7FFDFB88C000
|
unkown
|
page read and write
|
||
|
8B02F5C000
|
stack
|
page read and write
|
||
|
1C8BE940000
|
heap
|
page read and write
|
||
|
226A9780000
|
heap
|
page read and write
|
||
|
BE6B6F000
|
stack
|
page read and write
|
||
|
2909E800000
|
heap
|
page read and write
|
||
|
216116F0000
|
heap
|
page read and write
|
||
|
1DD8D158000
|
heap
|
page read and write
|
||
|
23AD9515000
|
heap
|
page read and write
|
||
|
21514048000
|
heap
|
page read and write
|
||
|
7FFDFB7E0000
|
unkown
|
page readonly
|
||
|
1C311CD0000
|
heap
|
page read and write
|
||
|
24E53D90000
|
heap
|
page read and write
|
||
|
1DD8EAE0000
|
heap
|
page read and write
|
||
|
261489F1000
|
heap
|
page read and write
|
||
|
24C1D120000
|
heap
|
page read and write
|
||
|
248B0540000
|
heap
|
page read and write
|
||
|
296325E0000
|
heap
|
page read and write
|
||
|
268E9ED0000
|
heap
|
page read and write
|
||
|
F7DDCFF000
|
stack
|
page read and write
|
||
|
50038DC000
|
stack
|
page read and write
|
||
|
216116E0000
|
heap
|
page read and write
|
||
|
20C24A80000
|
heap
|
page read and write
|
||
|
7FFDFB6B0000
|
unkown
|
page readonly
|
||
|
20BCB745000
|
heap
|
page read and write
|
||
|
20657F30000
|
heap
|
page read and write
|
||
|
1A3F89F0000
|
heap
|
page read and write
|
||
|
2909E5E0000
|
heap
|
page read and write
|
||
|
2909E7F0000
|
heap
|
page read and write
|
||
|
16AC38C000
|
stack
|
page read and write
|
||
|
226A9620000
|
heap
|
page read and write
|
||
|
1D9919B0000
|
heap
|
page read and write
|
||
|
1C8BE840000
|
heap
|
page read and write
|
||
|
8F6D7BF000
|
stack
|
page read and write
|
||
|
7FFDFB6B1000
|
unkown
|
page execute read
|
||
|
7FFDFB848000
|
unkown
|
page read and write
|
||
|
1C311EF5000
|
heap
|
page read and write
|
||
|
1D991980000
|
heap
|
page read and write
|
||
|
7FFDFB6B0000
|
unkown
|
page readonly
|
||
|
1EF15BC0000
|
heap
|
page read and write
|
||
|
7FFDFB84A000
|
unkown
|
page write copy
|
||
|
2909E5E8000
|
heap
|
page read and write
|
||
|
20657E2D000
|
heap
|
page read and write
|
||
|
7FFDFB84A000
|
unkown
|
page write copy
|
||
|
17DDA440000
|
heap
|
page read and write
|
||
|
1EF159D0000
|
heap
|
page read and write
|
||
|
20657E64000
|
heap
|
page read and write
|
||
|
7FFDFB6B1000
|
unkown
|
page execute read
|
||
|
1513ECA0000
|
heap
|
page read and write
|
||
|
1EF159F0000
|
heap
|
page read and write
|
||
|
18A589E0000
|
heap
|
page read and write
|
||
|
20657E00000
|
heap
|
page read and write
|
||
|
D5111AF000
|
stack
|
page read and write
|
||
|
AEF418C000
|
stack
|
page read and write
|
||
|
265849F0000
|
heap
|
page read and write
|
||
|
26853290000
|
heap
|
page read and write
|
||
|
268EB640000
|
heap
|
page read and write
|
||
|
26584920000
|
heap
|
page read and write
|
||
|
7FFDFB83A000
|
unkown
|
page write copy
|
||
|
209FCB00000
|
heap
|
page read and write
|
||
|
1513EC80000
|
heap
|
page read and write
|
||
|
26853370000
|
heap
|
page read and write
|
||
|
2AB650A0000
|
heap
|
page read and write
|
||
|
FA6A8FF000
|
stack
|
page read and write
|
||
|
268E9BF8000
|
heap
|
page read and write
|
||
|
261487F0000
|
heap
|
page read and write
|
||
|
1A3F8CA5000
|
heap
|
page read and write
|
||
|
7FFDFB6B0000
|
unkown
|
page readonly
|
||
|
89DE90F000
|
stack
|
page read and write
|
||
|
1EF176B0000
|
heap
|
page read and write
|
||
|
24E53DC8000
|
heap
|
page read and write
|
||
|
21C499B5000
|
heap
|
page read and write
|
||
|
1A3F8CA0000
|
heap
|
page read and write
|
||
|
1EF15D60000
|
heap
|
page read and write
|
||
|
18A589E5000
|
heap
|
page read and write
|
||
|
20657E20000
|
heap
|
page read and write
|
||
|
296326B5000
|
heap
|
page read and write
|
||
|
248AEBB5000
|
heap
|
page read and write
|
||
|
261489D0000
|
heap
|
page read and write
|
||
|
AEF44FF000
|
stack
|
page read and write
|
||
|
290A0150000
|
heap
|
page read and write
|
||
|
1F707EF000
|
stack
|
page read and write
|
||
|
24E53F90000
|
heap
|
page read and write
|
||
|
7FFDFB84A000
|
unkown
|
page write copy
|
||
|
77B5C7F000
|
stack
|
page read and write
|
||
|
1DD8D2C5000
|
heap
|
page read and write
|
||
|
24C1D330000
|
heap
|
page read and write
|
||
|
274D1C50000
|
heap
|
page read and write
|
||
|
226A9A30000
|
heap
|
page read and write
|
||
|
26853315000
|
heap
|
page read and write
|
||
|
1DDD2C70000
|
heap
|
page read and write
|
||
|
20C24980000
|
heap
|
page read and write
|
||
|
1513EFC0000
|
heap
|
page read and write
|
||
|
1DD8D150000
|
heap
|
page read and write
|
||
|
F7DDD7F000
|
stack
|
page read and write
|
||
|
1DD8D2C0000
|
heap
|
page read and write
|
||
|
7BEF1DF000
|
stack
|
page read and write
|
||
|
17DDBFE0000
|
heap
|
page read and write
|
||
|
21514040000
|
heap
|
page read and write
|
There are 397 hidden memdumps, click here to show them.