Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ITC590-Script 2 V1-2024.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\_MEI62802\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\libcrypto-3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\python312.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI62802\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ITC590-Script 2 V1-2024.exe
|
"C:\Users\user\Desktop\ITC590-Script 2 V1-2024.exe"
|
|
|
|
C:\Users\user\Desktop\ITC590-Script 2 V1-2024.exe
|
"C:\Users\user\Desktop\ITC590-Script 2 V1-2024.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c reg add "HKCU\Software\TestSoftware" /v TestValue /d "Test Data" /f
|
|
|
|
C:\Windows\System32\reg.exe
|
reg add "HKCU\Software\TestSoftware" /v TestValue /d "Test Data" /f
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c reg add "HKCU\Software\TestSoftware" /v TestValue /d "Modified Data-ITC590 2024" /f
|
|
|
|
C:\Windows\System32\reg.exe
|
reg add "HKCU\Software\TestSoftware" /v TestValue /d "Modified Data-ITC590 2024" /f
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_code
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_source
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_module
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_spec
|
unknown
|
||
|
https://peps.python.org/pep-0205/
|
unknown
|
||
|
https://docs.python.org/3/howto/mro.html.
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.is_package
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_caches
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
https://www.python.org/psf/license/)
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_data
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.create_module
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
||
|
https://peps.python.org/pep-0263/
|
unknown
|
||
|
https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filename
|
unknown
|
||
|
https://www.python.org/psf/license/
|
unknown
|
There are 10 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\TestSoftware
|
TestValue
|
||
|
HKEY_CURRENT_USER\SOFTWARE\TestSoftware
|
TestValue
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23128FF0000
|
heap
|
page read and write
|
||
|
59705DF000
|
stack
|
page read and write
|
||
|
2302FC60000
|
direct allocation
|
page read and write
|
||
|
3E4A47F000
|
stack
|
page read and write
|
||
|
1ACE12AC000
|
heap
|
page read and write
|
||
|
2302DEFE000
|
heap
|
page read and write
|
||
|
22FE6654000
|
heap
|
page read and write
|
||
|
2302F8EC000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
2302F98F000
|
heap
|
page read and write
|
||
|
2302FC5C000
|
direct allocation
|
page read and write
|
||
|
2302F98E000
|
heap
|
page read and write
|
||
|
2302F90A000
|
heap
|
page read and write
|
||
|
2302F937000
|
heap
|
page read and write
|
||
|
7FF726E3E000
|
unkown
|
page write copy
|
||
|
2302F8D5000
|
heap
|
page read and write
|
||
|
2302DF14000
|
heap
|
page read and write
|
||
|
88379AC000
|
stack
|
page read and write
|
||
|
2302F9C0000
|
heap
|
page read and write
|
||
|
2302FCAC000
|
direct allocation
|
page read and write
|
||
|
2302FD3A000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302DF14000
|
heap
|
page read and write
|
||
|
8837CFF000
|
unkown
|
page read and write
|
||
|
2302DF23000
|
heap
|
page read and write
|
||
|
99E85E7000
|
stack
|
page read and write
|
||
|
23128D49000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
7FF726E00000
|
unkown
|
page readonly
|
||
|
2302F917000
|
heap
|
page read and write
|
||
|
2302F98C000
|
heap
|
page read and write
|
||
|
1F2A7DC000
|
stack
|
page read and write
|
||
|
2302F98C000
|
heap
|
page read and write
|
||
|
2302DEFC000
|
heap
|
page read and write
|
||
|
2302FD64000
|
heap
|
page read and write
|
||
|
2302F98C000
|
heap
|
page read and write
|
||
|
2302FD66000
|
heap
|
page read and write
|
||
|
1AF92A70000
|
heap
|
page read and write
|
||
|
2302F909000
|
heap
|
page read and write
|
||
|
2302FC24000
|
direct allocation
|
page read and write
|
||
|
2302F91C000
|
heap
|
page read and write
|
||
|
2302F967000
|
heap
|
page read and write
|
||
|
2302DF0F000
|
heap
|
page read and write
|
||
|
2302F998000
|
heap
|
page read and write
|
||
|
2302F970000
|
heap
|
page read and write
|
||
|
7C118FB000
|
stack
|
page read and write
|
||
|
7FF726E00000
|
unkown
|
page readonly
|
||
|
2302FCA8000
|
direct allocation
|
page read and write
|
||
|
7FF726E44000
|
unkown
|
page readonly
|
||
|
2302DF13000
|
heap
|
page read and write
|
||
|
2302F931000
|
heap
|
page read and write
|
||
|
2302F990000
|
heap
|
page read and write
|
||
|
2302F92E000
|
heap
|
page read and write
|
||
|
2302F98C000
|
heap
|
page read and write
|
||
|
23128C60000
|
heap
|
page read and write
|
||
|
2302DF02000
|
heap
|
page read and write
|
||
|
2302DF11000
|
heap
|
page read and write
|
||
|
2302F901000
|
heap
|
page read and write
|
||
|
2302DF2A000
|
heap
|
page read and write
|
||
|
2302DF03000
|
heap
|
page read and write
|
||
|
7FF726E3E000
|
unkown
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F935000
|
heap
|
page read and write
|
||
|
2302F939000
|
heap
|
page read and write
|
||
|
2302F957000
|
heap
|
page read and write
|
||
|
2302FD65000
|
heap
|
page read and write
|
||
|
2302F98E000
|
heap
|
page read and write
|
||
|
2302F8FC000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F989000
|
heap
|
page read and write
|
||
|
2302DEDD000
|
heap
|
page read and write
|
||
|
2302DF3A000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302DEDC000
|
heap
|
page read and write
|
||
|
7FF726E00000
|
unkown
|
page readonly
|
||
|
7FF726E01000
|
unkown
|
page execute read
|
||
|
2302F923000
|
heap
|
page read and write
|
||
|
2302F909000
|
heap
|
page read and write
|
||
|
2302DE40000
|
heap
|
page read and write
|
||
|
1AF94340000
|
heap
|
page read and write
|
||
|
2302DEC9000
|
heap
|
page read and write
|
||
|
1B6D32A8000
|
heap
|
page read and write
|
||
|
2302DF00000
|
heap
|
page read and write
|
||
|
2302F97B000
|
heap
|
page read and write
|
||
|
2302F8E6000
|
heap
|
page read and write
|
||
|
7FF726E44000
|
unkown
|
page readonly
|
||
|
2302F994000
|
heap
|
page read and write
|
||
|
2302F8C4000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
1F2AA7F000
|
stack
|
page read and write
|
||
|
2302F930000
|
heap
|
page read and write
|
||
|
2302F999000
|
heap
|
page read and write
|
||
|
1AF92AC0000
|
heap
|
page read and write
|
||
|
2302F9A6000
|
heap
|
page read and write
|
||
|
7FF726E01000
|
unkown
|
page execute read
|
||
|
2302DEC3000
|
heap
|
page read and write
|
||
|
2302F8EC000
|
heap
|
page read and write
|
||
|
2302DF23000
|
heap
|
page read and write
|
||
|
1AF92AA0000
|
heap
|
page read and write
|
||
|
2302F8EC000
|
heap
|
page read and write
|
||
|
2302DE30000
|
direct allocation
|
page read and write
|
||
|
2302F8D1000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
2302F990000
|
heap
|
page read and write
|
||
|
2302FD29000
|
heap
|
page read and write
|
||
|
7FF726E3E000
|
unkown
|
page write copy
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
23128FF4000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302DF21000
|
heap
|
page read and write
|
||
|
2302F937000
|
heap
|
page read and write
|
||
|
2302DF0D000
|
heap
|
page read and write
|
||
|
2302DF21000
|
heap
|
page read and write
|
||
|
2302F939000
|
heap
|
page read and write
|
||
|
2302FB10000
|
direct allocation
|
page read and write
|
||
|
2302F964000
|
heap
|
page read and write
|
||
|
7FF726E44000
|
unkown
|
page readonly
|
||
|
22FE630A000
|
heap
|
page read and write
|
||
|
2302F91A000
|
heap
|
page read and write
|
||
|
1AF92ACC000
|
heap
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
2302DF27000
|
heap
|
page read and write
|
||
|
2302FD88000
|
heap
|
page read and write
|
||
|
2302FC34000
|
direct allocation
|
page read and write
|
||
|
2302FC6C000
|
direct allocation
|
page read and write
|
||
|
2302DF0E000
|
heap
|
page read and write
|
||
|
22FE64F0000
|
heap
|
page read and write
|
||
|
7FF726E3E000
|
unkown
|
page read and write
|
||
|
7FF726E2B000
|
unkown
|
page readonly
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
2302F938000
|
heap
|
page read and write
|
||
|
2302FD1E000
|
heap
|
page read and write
|
||
|
23128D40000
|
heap
|
page read and write
|
||
|
2302F903000
|
heap
|
page read and write
|
||
|
2302F930000
|
heap
|
page read and write
|
||
|
2302F9CC000
|
heap
|
page read and write
|
||
|
2302DF04000
|
heap
|
page read and write
|
||
|
1ACE1470000
|
heap
|
page read and write
|
||
|
2302DF3E000
|
heap
|
page read and write
|
||
|
1ACE12C7000
|
heap
|
page read and write
|
||
|
2302F937000
|
heap
|
page read and write
|
||
|
2302F927000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302F987000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
1ACE1270000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
99E89CE000
|
stack
|
page read and write
|
||
|
2302FD10000
|
heap
|
page read and write
|
||
|
2302DF21000
|
heap
|
page read and write
|
||
|
2302F8F8000
|
heap
|
page read and write
|
||
|
2302FD86000
|
heap
|
page read and write
|
||
|
7FF726E42000
|
unkown
|
page read and write
|
||
|
2302FD31000
|
heap
|
page read and write
|
||
|
2302DF1D000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
99E85ED000
|
stack
|
page read and write
|
||
|
2302F9A6000
|
heap
|
page read and write
|
||
|
7FF726E01000
|
unkown
|
page execute read
|
||
|
2302F8FE000
|
heap
|
page read and write
|
||
|
2302DEE6000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F8C0000
|
heap
|
page read and write
|
||
|
1AF94450000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302F9A6000
|
heap
|
page read and write
|
||
|
2302F8F8000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302F8E2000
|
heap
|
page read and write
|
||
|
2302F9A5000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
1ACE1260000
|
heap
|
page read and write
|
||
|
8837DFF000
|
stack
|
page read and write
|
||
|
2302F930000
|
heap
|
page read and write
|
||
|
2302F91C000
|
heap
|
page read and write
|
||
|
2302F960000
|
heap
|
page read and write
|
||
|
2302DF37000
|
heap
|
page read and write
|
||
|
2302F92C000
|
heap
|
page read and write
|
||
|
2302FD69000
|
heap
|
page read and write
|
||
|
2302DF2A000
|
heap
|
page read and write
|
||
|
7FF726E00000
|
unkown
|
page readonly
|
||
|
2302DF01000
|
heap
|
page read and write
|
||
|
7FF726E41000
|
unkown
|
page read and write
|
||
|
2302DF38000
|
heap
|
page read and write
|
||
|
2302FD53000
|
heap
|
page read and write
|
||
|
2302F934000
|
heap
|
page read and write
|
||
|
1B6D3470000
|
heap
|
page read and write
|
||
|
2302FCCC000
|
direct allocation
|
page read and write
|
||
|
2302F90C000
|
heap
|
page read and write
|
||
|
3E4A18D000
|
stack
|
page read and write
|
||
|
22FE6650000
|
heap
|
page read and write
|
||
|
2302FD80000
|
heap
|
page read and write
|
||
|
2302DF0F000
|
heap
|
page read and write
|
||
|
2302DF20000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
2302DED9000
|
heap
|
page read and write
|
||
|
2302F9A1000
|
heap
|
page read and write
|
||
|
2302F90F000
|
heap
|
page read and write
|
||
|
22FE6656000
|
heap
|
page read and write
|
||
|
1B6D3644000
|
heap
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
2302F904000
|
heap
|
page read and write
|
||
|
1B6D3640000
|
heap
|
page read and write
|
||
|
2302FD5C000
|
heap
|
page read and write
|
||
|
2302F8F3000
|
heap
|
page read and write
|
||
|
2302DEFC000
|
heap
|
page read and write
|
||
|
2302FD3B000
|
heap
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
2302F917000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
2302F954000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302F90B000
|
heap
|
page read and write
|
||
|
59707CE000
|
stack
|
page read and write
|
||
|
2302FCC4000
|
direct allocation
|
page read and write
|
||
|
22FE62C0000
|
heap
|
page read and write
|
||
|
2302FD70000
|
heap
|
page read and write
|
||
|
2302F8F8000
|
heap
|
page read and write
|
||
|
22FE64D0000
|
heap
|
page read and write
|
||
|
2302F910000
|
heap
|
page read and write
|
||
|
2302DEE3000
|
heap
|
page read and write
|
||
|
2302F938000
|
heap
|
page read and write
|
||
|
2302F930000
|
heap
|
page read and write
|
||
|
2302F90C000
|
heap
|
page read and write
|
||
|
2302F999000
|
heap
|
page read and write
|
||
|
2302F938000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
1AF92ACF000
|
heap
|
page read and write
|
||
|
1AF92AC0000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302DCE0000
|
heap
|
page read and write
|
||
|
2302F90C000
|
heap
|
page read and write
|
||
|
2302DF2A000
|
heap
|
page read and write
|
||
|
99E87DE000
|
stack
|
page read and write
|
||
|
2302F8DA000
|
heap
|
page read and write
|
||
|
2302F8FC000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
2302DEDA000
|
heap
|
page read and write
|
||
|
2302DF08000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302FD8A000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F991000
|
heap
|
page read and write
|
||
|
2302F954000
|
heap
|
page read and write
|
||
|
2302DF23000
|
heap
|
page read and write
|
||
|
22FE62EC000
|
heap
|
page read and write
|
||
|
2302F8F6000
|
heap
|
page read and write
|
||
|
2302F9C6000
|
heap
|
page read and write
|
||
|
2302F931000
|
heap
|
page read and write
|
||
|
2302F928000
|
heap
|
page read and write
|
||
|
2302FC38000
|
direct allocation
|
page read and write
|
||
|
2302FD6B000
|
heap
|
page read and write
|
||
|
7FF726E01000
|
unkown
|
page execute read
|
||
|
2302F999000
|
heap
|
page read and write
|
||
|
2302F8D9000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
2302F96B000
|
heap
|
page read and write
|
||
|
1ACE1265000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
22FE62EF000
|
heap
|
page read and write
|
||
|
2302DF23000
|
heap
|
page read and write
|
||
|
7C119FF000
|
unkown
|
page read and write
|
||
|
2302F98F000
|
heap
|
page read and write
|
||
|
2302F967000
|
heap
|
page read and write
|
||
|
2302DEC6000
|
heap
|
page read and write
|
||
|
2302F923000
|
heap
|
page read and write
|
||
|
2302F8FD000
|
heap
|
page read and write
|
||
|
2302DEFD000
|
heap
|
page read and write
|
||
|
2302F7A4000
|
direct allocation
|
page read and write
|
||
|
2302FD15000
|
heap
|
page read and write
|
||
|
2302DDF0000
|
heap
|
page read and write
|
||
|
2302F98F000
|
heap
|
page read and write
|
||
|
1ACE1490000
|
heap
|
page read and write
|
||
|
2302F76C000
|
direct allocation
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
22FE64B0000
|
heap
|
page read and write
|
||
|
59703E3000
|
stack
|
page read and write
|
||
|
2302FD69000
|
heap
|
page read and write
|
||
|
1ACE1264000
|
heap
|
page read and write
|
||
|
1B6D3490000
|
heap
|
page read and write
|
||
|
2302FD8A000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
1F2AAFF000
|
stack
|
page read and write
|
||
|
2302FBE8000
|
direct allocation
|
page read and write
|
||
|
2302F8D9000
|
heap
|
page read and write
|
||
|
2302DEF7000
|
heap
|
page read and write
|
||
|
23128B80000
|
heap
|
page read and write
|
||
|
2302F920000
|
heap
|
page read and write
|
||
|
3E4A4FF000
|
stack
|
page read and write
|
||
|
2302F92D000
|
heap
|
page read and write
|
||
|
2302F93A000
|
heap
|
page read and write
|
||
|
2302F954000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
2302DED2000
|
heap
|
page read and write
|
||
|
2302FCD0000
|
direct allocation
|
page read and write
|
||
|
2302F9A2000
|
heap
|
page read and write
|
||
|
2302F97A000
|
heap
|
page read and write
|
||
|
2302F937000
|
heap
|
page read and write
|
||
|
2302F8D0000
|
heap
|
page read and write
|
||
|
1AF92AC0000
|
heap
|
page read and write
|
||
|
22FE6307000
|
heap
|
page read and write
|
||
|
1AF92AA8000
|
heap
|
page read and write
|
||
|
2302F91F000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F907000
|
heap
|
page read and write
|
||
|
2302F99E000
|
heap
|
page read and write
|
||
|
22FE62E0000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302F90E000
|
heap
|
page read and write
|
||
|
2302DF06000
|
heap
|
page read and write
|
||
|
2302F90D000
|
heap
|
page read and write
|
||
|
2302F9C6000
|
heap
|
page read and write
|
||
|
2302F8F8000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
1ACE12AF000
|
heap
|
page read and write
|
||
|
2302DF0F000
|
heap
|
page read and write
|
||
|
2302F9AB000
|
heap
|
page read and write
|
||
|
2302FC10000
|
direct allocation
|
page read and write
|
||
|
2302F920000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302FBF0000
|
direct allocation
|
page read and write
|
||
|
2302DEFC000
|
heap
|
page read and write
|
||
|
2302FBC0000
|
direct allocation
|
page read and write
|
||
|
2302F931000
|
heap
|
page read and write
|
||
|
2302F9B7000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
1AF94520000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
2302F930000
|
heap
|
page read and write
|
||
|
2302F900000
|
heap
|
page read and write
|
||
|
7C11AFF000
|
stack
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
7FF726E2B000
|
unkown
|
page readonly
|
||
|
1B6D32A0000
|
heap
|
page read and write
|
||
|
2302DF23000
|
heap
|
page read and write
|
||
|
2302F953000
|
heap
|
page read and write
|
||
|
2302F98F000
|
heap
|
page read and write
|
||
|
2302F912000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
2302F91A000
|
heap
|
page read and write
|
||
|
2302F6E0000
|
direct allocation
|
page read and write
|
||
|
2302F939000
|
heap
|
page read and write
|
||
|
2302F957000
|
heap
|
page read and write
|
||
|
2302DF2A000
|
heap
|
page read and write
|
||
|
1ACE1250000
|
heap
|
page read and write
|
||
|
2302F8FD000
|
heap
|
page read and write
|
||
|
1ACE12A0000
|
heap
|
page read and write
|
||
|
2302F967000
|
heap
|
page read and write
|
||
|
2302FBF4000
|
direct allocation
|
page read and write
|
||
|
1ACE12C9000
|
heap
|
page read and write
|
||
|
2302F92C000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
7FF726E44000
|
unkown
|
page readonly
|
||
|
22FE6655000
|
heap
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
1AF92ABF000
|
heap
|
page read and write
|
||
|
2302FD86000
|
heap
|
page read and write
|
||
|
2302F75C000
|
direct allocation
|
page read and write
|
||
|
2302F936000
|
heap
|
page read and write
|
||
|
7FF726E2B000
|
unkown
|
page readonly
|
||
|
2302FC94000
|
direct allocation
|
page read and write
|
||
|
2302F984000
|
heap
|
page read and write
|
||
|
2302DF38000
|
heap
|
page read and write
|
||
|
2302DEC5000
|
heap
|
page read and write
|
||
|
2302DDC0000
|
heap
|
page read and write
|
||
|
7FF726E2B000
|
unkown
|
page readonly
|
||
|
23128C80000
|
heap
|
page read and write
|
||
|
2302F918000
|
heap
|
page read and write
|
||
|
2302DE5D000
|
heap
|
page read and write
|
||
|
2302F990000
|
heap
|
page read and write
|
||
|
1B6D3290000
|
heap
|
page read and write
|
||
|
2302F91A000
|
heap
|
page read and write
|
||
|
2302FCB4000
|
direct allocation
|
page read and write
|
||
|
2302DF26000
|
heap
|
page read and write
|
||
|
1AF92990000
|
heap
|
page read and write
|
||
|
2302DEFB000
|
heap
|
page read and write
|
||
|
2302F8EE000
|
heap
|
page read and write
|
||
|
2302F988000
|
heap
|
page read and write
|
||
|
2302DEF8000
|
heap
|
page read and write
|
||
|
2302F98F000
|
heap
|
page read and write
|
There are 376 hidden memdumps, click here to show them.