Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_163b281bc03766b9d229495832e480b11c6631eb_d75f6fa5_1ac289ff-28d1-4d50-907b-2997462c5727\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_163b281bc03766b9d229495832e480b11c6631eb_d75f6fa5_527bf8e3-915d-4f0a-a5f5-0f3120f0c5d6\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_163b281bc03766b9d229495832e480b11c6631eb_d75f6fa5_75b49cbe-11f1-4246-8ee2-53a4fbf46332\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_f365a289cde21bdad085295fbeb3d421d2947397_d75f6fa5_131b5758-8b7a-4ded-a65f-584aa0c3c453\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCF37.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 15:19:23 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCFA5.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 15:19:23 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD022.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD023.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD072.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD081.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE60B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 15:19:28 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE64A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE66A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2DC.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 15:19:32 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3F6.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF501.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_pisces_AbstractSurface_getRGBImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5660 -s 332
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2356 -s 332
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_pisces_AbstractSurface_nativeFinalize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_pisces_AbstractSurface_setRGBImpl
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7244 -s 332
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_AbstractSurface_getRGBImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_AbstractSurface_nativeFinalize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_AbstractSurface_setRGBImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_Transform6_initialize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setTextureImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setRadialGradientImpl
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7344 -s 324
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setLinearGradientImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setLCDGammaCorrectionImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setCompositeRuleImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setColorImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_setClipImpl
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_nativeFinalize
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_pisces_PiscesRenderer_initialize
|
There are 14 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
15.164.165.52.in-addr.arpa
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
OriginalFileName
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
\REGISTRY\A\{a48bc89c-db86-163f-652e-a4fc322f012e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Usn
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
18053048000
|
heap
|
page read and write
|
||
|
24EE7580000
|
heap
|
page read and write
|
||
|
18E09420000
|
heap
|
page read and write
|
||
|
28B296E0000
|
heap
|
page read and write
|
||
|
18E09620000
|
heap
|
page read and write
|
||
|
20A3C7E0000
|
heap
|
page read and write
|
||
|
B542F7F000
|
stack
|
page read and write
|
||
|
20A3C7D0000
|
heap
|
page read and write
|
||
|
18052EB0000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
24EE8ED0000
|
heap
|
page read and write
|
||
|
1F1A01B0000
|
heap
|
page read and write
|
||
|
2265A775000
|
heap
|
page read and write
|
||
|
167547D9000
|
heap
|
page read and write
|
||
|
2EED9125000
|
heap
|
page read and write
|
||
|
2A8A9AF0000
|
heap
|
page read and write
|
||
|
2A8A9C05000
|
heap
|
page read and write
|
||
|
18053250000
|
remote allocation
|
page read and write
|
||
|
251AF2B5000
|
heap
|
page read and write
|
||
|
28B28025000
|
heap
|
page read and write
|
||
|
18E09400000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
1A849AA0000
|
heap
|
page read and write
|
||
|
251AEFE0000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
2265A770000
|
heap
|
page read and write
|
||
|
18E095C0000
|
remote allocation
|
page read and write
|
||
|
18053290000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
28B27C20000
|
heap
|
page read and write
|
||
|
147F8820000
|
heap
|
page read and write
|
||
|
F9567EF000
|
stack
|
page read and write
|
||
|
1B678090000
|
heap
|
page read and write
|
||
|
1F19FEA0000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
147F8440000
|
heap
|
page read and write
|
||
|
F9B10FF000
|
stack
|
page read and write
|
||
|
1A849938000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
D86507E000
|
stack
|
page read and write
|
||
|
1A849B80000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
1B6782F5000
|
heap
|
page read and write
|
||
|
58C478C000
|
stack
|
page read and write
|
||
|
FE81EFF000
|
stack
|
page read and write
|
||
|
18E09450000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
B542E7C000
|
stack
|
page read and write
|
||
|
2265A740000
|
heap
|
page read and write
|
||
|
2EED90F0000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
28AB46A0000
|
heap
|
page read and write
|
||
|
28B27D7F000
|
heap
|
page read and write
|
||
|
20A3C800000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
2265A7F8000
|
heap
|
page read and write
|
||
|
251AF06F000
|
heap
|
page read and write
|
||
|
21EBD540000
|
heap
|
page read and write
|
||
|
28B27D70000
|
heap
|
page read and write
|
||
|
F95676F000
|
stack
|
page read and write
|
||
|
167547E9000
|
heap
|
page read and write
|
||
|
E724F4F000
|
stack
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
37CF0AC000
|
stack
|
page read and write
|
||
|
1DC1B350000
|
heap
|
page read and write
|
||
|
37CF1AF000
|
stack
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
1A8498C0000
|
heap
|
page read and write
|
||
|
167547D0000
|
heap
|
page read and write
|
||
|
147F84B0000
|
heap
|
page read and write
|
||
|
2A8A9928000
|
heap
|
page read and write
|
||
|
68857EF000
|
stack
|
page read and write
|
||
|
2265A7F0000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
C34787E000
|
stack
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
3E0F07F000
|
stack
|
page read and write
|
||
|
1B6782F0000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
28B27D20000
|
heap
|
page read and write
|
||
|
688576C000
|
stack
|
page read and write
|
||
|
1DC1B340000
|
remote allocation
|
page read and write
|
||
|
1A8498E0000
|
heap
|
page read and write
|
||
|
1B678098000
|
heap
|
page read and write
|
||
|
B03192E000
|
stack
|
page read and write
|
||
|
21EBD870000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
28AB48C5000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
24EE71D0000
|
heap
|
page read and write
|
||
|
28AB61F0000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
24EE7585000
|
heap
|
page read and write
|
||
|
1448FE000
|
stack
|
page read and write
|
||
|
21EBD875000
|
heap
|
page read and write
|
||
|
23DCAC60000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
2EEDA8D0000
|
remote allocation
|
page read and write
|
||
|
3E0F0FF000
|
stack
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
1F19FED0000
|
heap
|
page read and write
|
||
|
BB4FB7E000
|
stack
|
page read and write
|
||
|
16754770000
|
heap
|
page read and write
|
||
|
28AB4540000
|
heap
|
page read and write
|
||
|
23DCAE15000
|
heap
|
page read and write
|
||
|
2A8A9C00000
|
heap
|
page read and write
|
||
|
18053240000
|
heap
|
page read and write
|
||
|
C3475CC000
|
stack
|
page read and write
|
||
|
28AB4640000
|
heap
|
page read and write
|
||
|
BB4FBFF000
|
stack
|
page read and write
|
||
|
18537AF000
|
stack
|
page read and write
|
||
|
73A256E000
|
stack
|
page read and write
|
||
|
21EBD5D8000
|
heap
|
page read and write
|
||
|
147F9F50000
|
remote allocation
|
page read and write
|
||
|
14453C000
|
stack
|
page read and write
|
||
|
251AF067000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
D864D4C000
|
stack
|
page read and write
|
||
|
2A8A98F0000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
147F8410000
|
heap
|
page read and write
|
||
|
23DCABD0000
|
heap
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
A6C48FF000
|
stack
|
page read and write
|
||
|
23DCC6A0000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
1B6782D0000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
1DC1B410000
|
heap
|
page read and write
|
||
|
E724FCE000
|
stack
|
page read and write
|
||
|
FE81E7F000
|
stack
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
147F8825000
|
heap
|
page read and write
|
||
|
18053040000
|
heap
|
page read and write
|
||
|
20A3C820000
|
heap
|
page read and write
|
||
|
20A3C828000
|
heap
|
page read and write
|
||
|
24EE7270000
|
heap
|
page read and write
|
||
|
28AB4620000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
185372E000
|
stack
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
20A3CA15000
|
heap
|
page read and write
|
||
|
1DC1B280000
|
heap
|
page read and write
|
||
|
B031C7F000
|
stack
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
20A3E360000
|
heap
|
page read and write
|
||
|
1DC1B188000
|
heap
|
page read and write
|
||
|
A1F5EFF000
|
stack
|
page read and write
|
||
|
147F84B8000
|
heap
|
page read and write
|
||
|
A6C487F000
|
stack
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
21EBD5DF000
|
heap
|
page read and write
|
||
|
24EE71C0000
|
heap
|
page read and write
|
||
|
251AF290000
|
heap
|
page read and write
|
||
|
18E09320000
|
heap
|
page read and write
|
||
|
2A8A9B80000
|
remote allocation
|
page read and write
|
||
|
58C4A7F000
|
stack
|
page read and write
|
||
|
1F1A00A0000
|
heap
|
page read and write
|
||
|
21EBEFB0000
|
heap
|
page read and write
|
||
|
1DC1B180000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
BB4FAFC000
|
stack
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
6885A7F000
|
stack
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
1DC1B0A0000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
2265C260000
|
heap
|
page read and write
|
||
|
24EE7278000
|
heap
|
page read and write
|
||
|
167547ED000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
1F19FED9000
|
heap
|
page read and write
|
||
|
1DC1B2A0000
|
heap
|
page read and write
|
||
|
251AEF00000
|
heap
|
page read and write
|
||
|
2EED8D80000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
D864DCE000
|
stack
|
page read and write
|
||
|
73A24EC000
|
stack
|
page read and write
|
||
|
F9566EC000
|
stack
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
23DCAE10000
|
heap
|
page read and write
|
||
|
147F8420000
|
heap
|
page read and write
|
||
|
2EED8DA0000
|
heap
|
page read and write
|
||
|
24EE71F0000
|
heap
|
page read and write
|
||
|
147F9FC0000
|
heap
|
page read and write
|
||
|
1A849930000
|
heap
|
page read and write
|
||
|
16754730000
|
heap
|
page read and write
|
||
|
2A8A9920000
|
heap
|
page read and write
|
||
|
2EED9120000
|
heap
|
page read and write
|
||
|
E724ECC000
|
stack
|
page read and write
|
||
|
B542EFF000
|
stack
|
page read and write
|
||
|
37CF12E000
|
stack
|
page read and write
|
||
|
18E09458000
|
heap
|
page read and write
|
||
|
1A849B85000
|
heap
|
page read and write
|
||
|
167547DD000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
20A3CA10000
|
heap
|
page read and write
|
||
|
7FFB1CA7C000
|
unkown
|
page readonly
|
||
|
28B27D78000
|
heap
|
page read and write
|
||
|
2A8A98E0000
|
heap
|
page read and write
|
||
|
28AB48C0000
|
heap
|
page read and write
|
||
|
18E09625000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
2EED8F90000
|
heap
|
page read and write
|
||
|
251AF2B0000
|
heap
|
page read and write
|
||
|
2265A730000
|
heap
|
page read and write
|
||
|
23DCABF0000
|
heap
|
page read and write
|
||
|
A1F5BAC000
|
stack
|
page read and write
|
||
|
1DC1B415000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
3E0EDDC000
|
stack
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
23DCAAF0000
|
heap
|
page read and write
|
||
|
C3478FE000
|
stack
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
18052FB0000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
B0319AF000
|
stack
|
page read and write
|
||
|
23DCAC67000
|
heap
|
page read and write
|
||
|
58C4AFF000
|
stack
|
page read and write
|
||
|
16754740000
|
heap
|
page read and write
|
||
|
16754B80000
|
heap
|
page read and write
|
||
|
A1F5E7F000
|
stack
|
page read and write
|
||
|
2A8A9BA0000
|
heap
|
page read and write
|
||
|
18053295000
|
heap
|
page read and write
|
||
|
FE81BAC000
|
stack
|
page read and write
|
||
|
B0318AC000
|
stack
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
A6C45FC000
|
stack
|
page read and write
|
||
|
21EBD520000
|
heap
|
page read and write
|
||
|
20A3E310000
|
remote allocation
|
page read and write
|
||
|
2265A780000
|
heap
|
page read and write
|
||
|
21EBD440000
|
heap
|
page read and write
|
||
|
251AF000000
|
heap
|
page read and write
|
||
|
7FFB1CA80000
|
unkown
|
page readonly
|
||
|
1449FE000
|
stack
|
page read and write
|
||
|
1B678240000
|
remote allocation
|
page read and write
|
||
|
28AB6080000
|
remote allocation
|
page read and write
|
||
|
73A25EF000
|
stack
|
page read and write
|
||
|
1F1A01F0000
|
heap
|
page read and write
|
||
|
18052F90000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
F9B107C000
|
stack
|
page read and write
|
||
|
1A8497E0000
|
heap
|
page read and write
|
||
|
28B27D00000
|
heap
|
page read and write
|
||
|
1B6781B0000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
2EED8DA8000
|
heap
|
page read and write
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
1B677FA0000
|
heap
|
page read and write
|
||
|
18E095F0000
|
heap
|
page read and write
|
||
|
2EED8F70000
|
heap
|
page read and write
|
||
|
21EBD5D0000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
1B678190000
|
heap
|
page read and write
|
||
|
1F1A01F5000
|
heap
|
page read and write
|
||
|
7FFB1CA71000
|
unkown
|
page execute read
|
||
|
7FFB1CA7E000
|
unkown
|
page read and write
|
||
|
7FFB1CA70000
|
unkown
|
page readonly
|
||
|
28AB46A8000
|
heap
|
page read and write
|
||
|
251AF060000
|
heap
|
page read and write
|
||
|
18536AC000
|
stack
|
page read and write
|
||
|
1F19FE90000
|
heap
|
page read and write
|
||
|
28B28020000
|
heap
|
page read and write
|
There are 266 hidden memdumps, click here to show them.