Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
j0GOUGjcJD.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\vxPvY9xhrB.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Cursors\SearchApp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\winSaves\0VySiddKAXOECI1ul.vbe
|
data
|
dropped
|
|
|
|
C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\winSaves\fontsavesbroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\fontsavesbroker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4ty73C4Ot0
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Cursors\38384e6a620884
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\winSaves\UEmczQViUsQALT5sK5Im3o.bat
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\winSaves\d8d5508f805aac
|
ASCII text, with very long lines (680), with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\j0GOUGjcJD.exe
|
"C:\Users\user\Desktop\j0GOUGjcJD.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\winSaves\0VySiddKAXOECI1ul.vbe"
|
|
|
|
C:\winSaves\fontsavesbroker.exe
|
"C:\winSaves\fontsavesbroker.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SearchAppS" /sc MINUTE /mo 13 /tr "'C:\Windows\Cursors\SearchApp.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SearchApp" /sc ONLOGON /tr "'C:\Windows\Cursors\SearchApp.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SearchAppS" /sc MINUTE /mo 8 /tr "'C:\Windows\Cursors\SearchApp.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TGdhCspOsuwHWHVRmOneCNdUUqTST" /sc MINUTE /mo 11 /tr "'C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TGdhCspOsuwHWHVRmOneCNdUUqTS" /sc ONLOGON /tr "'C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TGdhCspOsuwHWHVRmOneCNdUUqTST" /sc MINUTE /mo 13 /tr "'C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe'"
/rl HIGHEST /f
|
|
|
|
C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe
|
C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe
|
|
|
|
C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe
|
C:\winSaves\TGdhCspOsuwHWHVRmOneCNdUUqTS.exe
|
|
|
|
C:\winSaves\fontsavesbroker.exe
|
"C:\winSaves\fontsavesbroker.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\winSaves\UEmczQViUsQALT5sK5Im3o.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\vxPvY9xhrB.bat"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ch67763.tw1.ru/@==gbJBzYuFDT
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\000559980964f84fb2a50c07dedc03a1aecddec7
|
8eb5ede3783261911661fdf2040ce2ff2b814dc4
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A65000
|
trusted library allocation
|
page read and write
|
|
|
|
2EC7000
|
trusted library allocation
|
page read and write
|
|
|
|
2E81000
|
trusted library allocation
|
page read and write
|
|
|
|
2D91000
|
trusted library allocation
|
page read and write
|
|
|
|
303E000
|
trusted library allocation
|
page read and write
|
|
|
|
2ED2000
|
trusted library allocation
|
page read and write
|
|
|
|
2FF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2EE3000
|
trusted library allocation
|
page read and write
|
|
|
|
2A98000
|
trusted library allocation
|
page read and write
|
|
|
|
7FFD9B813000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
3399000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B20D000
|
stack
|
page read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
6D60000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page execute and read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
124D000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page execute and read and write
|
||
|
548F000
|
stack
|
page read and write
|
||
|
2ED7000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
1BB38000
|
heap
|
page read and write
|
||
|
7FFD9B66D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page execute and read and write
|
||
|
26D2A7C8000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
1BB66000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
B07000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
1C394000
|
heap
|
page read and write
|
||
|
1BBA9000
|
heap
|
page read and write
|
||
|
7FFD9B746000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B670000
|
trusted library allocation
|
page read and write
|
||
|
1052000
|
heap
|
page read and write
|
||
|
336C000
|
heap
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
1B6E0000
|
heap
|
page execute and read and write
|
||
|
306B000
|
heap
|
page read and write
|
||
|
12E83000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page execute and read and write
|
||
|
7FFD9B6BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D91000
|
trusted library allocation
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
1B830000
|
heap
|
page read and write
|
||
|
12E8D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page execute and read and write
|
||
|
306C000
|
heap
|
page read and write
|
||
|
7FFD9B68B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3399000
|
heap
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
304E000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
7FFD9B746000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B664000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B673000
|
trusted library allocation
|
page read and write
|
||
|
10F8000
|
heap
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
3052000
|
heap
|
page read and write
|
||
|
1BA3F000
|
stack
|
page read and write
|
||
|
7FFD9B823000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D9D000
|
trusted library allocation
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
306A000
|
heap
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
3021000
|
heap
|
page read and write
|
||
|
7FFD9B663000
|
trusted library allocation
|
page read and write
|
||
|
3028000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
30C6000
|
stack
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
3385000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
7FFD9B746000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
514000
|
unkown
|
page read and write
|
||
|
7FFD9B66D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB11000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B844000
|
trusted library allocation
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
7FFD9B650000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
2F5B000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B706000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
3052000
|
heap
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
12E81000
|
trusted library allocation
|
page read and write
|
||
|
12FD000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
7FFD9B791000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B716000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B677000
|
trusted library allocation
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
7FFD9B847000
|
trusted library allocation
|
page read and write
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
7FFD9B823000
|
trusted library allocation
|
page read and write
|
||
|
3327000
|
heap
|
page read and write
|
||
|
3064000
|
heap
|
page read and write
|
||
|
1C38B000
|
stack
|
page read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
7FFD9B654000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
1BAF0000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
12EF000
|
stack
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78F000
|
trusted library allocation
|
page execute and read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
2860000
|
heap
|
page execute and read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
7FFD9B65D000
|
trusted library allocation
|
page execute and read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
3358000
|
heap
|
page read and write
|
||
|
7FFD9B673000
|
trusted library allocation
|
page read and write
|
||
|
30D7000
|
stack
|
page read and write
|
||
|
5234000
|
heap
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
5431000
|
trusted library allocation
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
1BB68000
|
heap
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
1B93F000
|
stack
|
page read and write
|
||
|
3066000
|
heap
|
page read and write
|
||
|
532000
|
unkown
|
page write copy
|
||
|
1BB18000
|
heap
|
page read and write
|
||
|
7FFD9B7FC000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
1B390000
|
heap
|
page read and write
|
||
|
7FFD9B716000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
unkown
|
page readonly
|
||
|
7FFD9B677000
|
trusted library allocation
|
page read and write
|
||
|
1BF3E000
|
stack
|
page read and write
|
||
|
1BBA1000
|
heap
|
page read and write
|
||
|
7FFD9B68B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
50E000
|
unkown
|
page read and write
|
||
|
5D6D000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1BB74000
|
heap
|
page read and write
|
||
|
7FFD9B803000
|
trusted library allocation
|
page read and write
|
||
|
12A5D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B66D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A51000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
7FFD9B710000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
3047000
|
heap
|
page read and write
|
||
|
26D2A8D0000
|
heap
|
page read and write
|
||
|
332B000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
3365000
|
heap
|
page read and write
|
||
|
12A51000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
3031000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
3396000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
30D0000
|
stack
|
page read and write
|
||
|
2F01000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78A000
|
trusted library allocation
|
page execute and read and write
|
||
|
108F000
|
heap
|
page read and write
|
||
|
7FFD9B673000
|
trusted library allocation
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
3046000
|
heap
|
page read and write
|
||
|
7FFD9B684000
|
trusted library allocation
|
page read and write
|
||
|
4D1000
|
unkown
|
page execute read
|
||
|
3470000
|
heap
|
page read and write
|
||
|
2DC6000
|
stack
|
page read and write
|
||
|
7FFD9B68D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B793000
|
stack
|
page read and write
|
||
|
4D0000
|
unkown
|
page readonly
|
||
|
5880000
|
heap
|
page read and write
|
||
|
3008000
|
heap
|
page read and write
|
||
|
A22000
|
unkown
|
page readonly
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B67C000
|
trusted library allocation
|
page read and write
|
||
|
1B64F000
|
stack
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
26D2A9B0000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
1535000
|
heap
|
page read and write
|
||
|
7FFD9B664000
|
trusted library allocation
|
page read and write
|
||
|
3057000
|
heap
|
page read and write
|
||
|
1BCB4000
|
stack
|
page read and write
|
||
|
125C000
|
heap
|
page read and write
|
||
|
3065000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
306C000
|
heap
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
1B8EE000
|
stack
|
page read and write
|
||
|
BF4000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
7FFD9B667000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B720000
|
trusted library allocation
|
page execute and read and write
|
||
|
33EF000
|
heap
|
page read and write
|
||
|
1BB7B000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
1BDBE000
|
stack
|
page read and write
|
||
|
12A58000
|
trusted library allocation
|
page read and write
|
||
|
335E000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
7FFD9B6BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
50E000
|
unkown
|
page write copy
|
||
|
1B49F000
|
stack
|
page read and write
|
||
|
1B80F000
|
stack
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
7FFD9B78F000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A53000
|
trusted library allocation
|
page read and write
|
||
|
30E8000
|
stack
|
page read and write
|
||
|
7FFD9B67C000
|
trusted library allocation
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
7FFD9B660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
532000
|
unkown
|
page readonly
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
3058000
|
heap
|
page read and write
|
||
|
1B59F000
|
stack
|
page read and write
|
||
|
7FFD9B80E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B67C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B80B000
|
trusted library allocation
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page read and write
|
||
|
544A000
|
trusted library allocation
|
page read and write
|
||
|
12E88000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
heap
|
page read and write
|
||
|
7FFD9B70C000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E5E8FE000
|
stack
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
1BB27000
|
heap
|
page read and write
|
||
|
7FFD9B680000
|
trusted library allocation
|
page read and write
|
||
|
12FF1000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2AAC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B666000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7FFD9B823000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B684000
|
trusted library allocation
|
page read and write
|
||
|
3028000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
9E5E87E000
|
stack
|
page read and write
|
||
|
3051000
|
heap
|
page read and write
|
||
|
1B89E000
|
stack
|
page read and write
|
||
|
ADD000
|
heap
|
page read and write
|
||
|
104A000
|
heap
|
page read and write
|
||
|
1B57E000
|
stack
|
page read and write
|
||
|
330D000
|
stack
|
page read and write
|
||
|
FA9000
|
heap
|
page read and write
|
||
|
5591000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
1026000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
1BB49000
|
heap
|
page read and write
|
||
|
1061000
|
heap
|
page read and write
|
||
|
347A000
|
heap
|
page read and write
|
||
|
7FFD9B710000
|
trusted library allocation
|
page execute and read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
1B9BF000
|
stack
|
page read and write
|
||
|
1B9E4000
|
stack
|
page read and write
|
||
|
7FFD9B811000
|
trusted library allocation
|
page read and write
|
||
|
1BFC0000
|
heap
|
page read and write
|
||
|
7FFD9B653000
|
trusted library allocation
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
3399000
|
heap
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
7FFD9B66C000
|
trusted library allocation
|
page read and write
|
||
|
3049000
|
heap
|
page read and write
|
||
|
1BABF000
|
stack
|
page read and write
|
||
|
1BB29000
|
heap
|
page read and write
|
||
|
796C000
|
stack
|
page read and write
|
||
|
7FFD9B652000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
1BB34000
|
stack
|
page read and write
|
||
|
2E70000
|
heap
|
page execute and read and write
|
||
|
163F000
|
stack
|
page read and write
|
||
|
533000
|
unkown
|
page readonly
|
||
|
305E000
|
heap
|
page read and write
|
||
|
305F000
|
heap
|
page read and write
|
||
|
1BE3E000
|
stack
|
page read and write
|
||
|
6D63000
|
heap
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
7FF49F190000
|
trusted library allocation
|
page execute and read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
2E5B000
|
stack
|
page read and write
|
||
|
5594000
|
heap
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
1BB5E000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
3061000
|
heap
|
page read and write
|
||
|
2EDC000
|
trusted library allocation
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
1289000
|
heap
|
page read and write
|
||
|
3338000
|
heap
|
page read and write
|
||
|
7FFD9B68D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
3354000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
26D2A7B0000
|
heap
|
page read and write
|
||
|
7FFD9B663000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F2000
|
stack
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
7FFD9B844000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
1ADC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B663000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1B68E000
|
stack
|
page read and write
|
||
|
7FFD9B674000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
unkown
|
page readonly
|
||
|
309C000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
1BEB3000
|
stack
|
page read and write
|
||
|
1C18E000
|
stack
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
7FFD9B710000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page read and write
|
||
|
26D2A8B0000
|
heap
|
page read and write
|
||
|
12F7000
|
heap
|
page read and write
|
||
|
12FF3000
|
trusted library allocation
|
page read and write
|
||
|
306C000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
D46000
|
stack
|
page read and write
|
||
|
1B30F000
|
stack
|
page read and write
|
||
|
3065000
|
heap
|
page read and write
|
||
|
1BD3E000
|
stack
|
page read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
7FFD9B677000
|
trusted library allocation
|
page read and write
|
||
|
776F000
|
stack
|
page read and write
|
||
|
7FFD9B82B000
|
trusted library allocation
|
page read and write
|
||
|
1BB52000
|
heap
|
page read and write
|
||
|
33BE000
|
heap
|
page read and write
|
||
|
30BC000
|
stack
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
1BB93000
|
heap
|
page read and write
|
||
|
12D98000
|
trusted library allocation
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
7FFD9B80E000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
1BB3A000
|
heap
|
page read and write
|
||
|
3369000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
7FFD9B67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
1C390000
|
heap
|
page read and write
|
||
|
30FA000
|
stack
|
page read and write
|
||
|
2F54000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
30E3000
|
stack
|
page read and write
|
||
|
1B020000
|
trusted library allocation
|
page read and write
|
||
|
305A000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
2F2C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B827000
|
trusted library allocation
|
page read and write
|
||
|
14AF000
|
stack
|
page read and write
|
||
|
5C2F000
|
stack
|
page read and write
|
||
|
1BC33000
|
stack
|
page read and write
|
||
|
12DA1000
|
trusted library allocation
|
page read and write
|
||
|
26D2A7B9000
|
heap
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
3065000
|
heap
|
page read and write
|
||
|
2DF9000
|
trusted library allocation
|
page read and write
|
||
|
12FFD000
|
trusted library allocation
|
page read and write
|
||
|
1B700000
|
heap
|
page execute and read and write
|
||
|
26D2A6C0000
|
heap
|
page read and write
|
||
|
7FFD9B662000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
heap
|
page read and write
|
||
|
26D2A9B4000
|
heap
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
7FFD9B841000
|
trusted library allocation
|
page read and write
|
||
|
1AEB0000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
108B000
|
heap
|
page read and write
|
||
|
305D000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B736000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
B47000
|
heap
|
page read and write
|
||
|
9E5E5DC000
|
stack
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
7FFD9B680000
|
trusted library allocation
|
page read and write
|
||
|
6D63000
|
heap
|
page read and write
|
||
|
3245000
|
heap
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
1AECD000
|
stack
|
page read and write
|
||
|
2F95000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7678000
|
heap
|
page read and write
|
||
|
7FFD9B684000
|
trusted library allocation
|
page read and write
|
||
|
1BAE3000
|
stack
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
12FF8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
F3C000
|
heap
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
335F000
|
heap
|
page read and write
|
||
|
7FFD9B720000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7EF000
|
stack
|
page read and write
|
||
|
7FFD9B664000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
306C000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
306A000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
3368000
|
heap
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
2DE3000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
heap
|
page read and write
|
||
|
ADB000
|
heap
|
page read and write
|
||
|
3045000
|
heap
|
page read and write
|
||
|
7FFD9B67B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
534F000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
1380000
|
heap
|
page execute and read and write
|
||
|
7FFD9B66D000
|
trusted library allocation
|
page execute and read and write
|
||
|
503000
|
unkown
|
page readonly
|
||
|
5A5B000
|
stack
|
page read and write
|
||
|
F5D000
|
heap
|
page read and write
|
||
|
1BB1D000
|
heap
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
1AA80000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5C6C000
|
stack
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
5592000
|
heap
|
page read and write
|
||
|
1BBC6000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
3066000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7FFD9B716000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B80A000
|
trusted library allocation
|
page read and write
|
||
|
3358000
|
heap
|
page read and write
|
||
|
33F1000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
503000
|
unkown
|
page readonly
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
7FFD9B6BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B663000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
304E000
|
trusted library allocation
|
page read and write
|
||
|
1BB81000
|
heap
|
page read and write
|
||
|
7D6000
|
stack
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page readonly
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7FFD9B67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
1B2FD000
|
stack
|
page read and write
|
||
|
1C28E000
|
stack
|
page read and write
|
||
|
1BFBE000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
1B69B000
|
stack
|
page read and write
|
||
|
4D1000
|
unkown
|
page execute read
|
||
|
B80000
|
heap
|
page read and write
|
There are 528 hidden memdumps, click here to show them.