Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
oneDrive.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\_MEI75162\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\python310.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI75162\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\oneDrive.exe
|
"C:\Users\user\Desktop\oneDrive.exe"
|
|
|
|
C:\Users\user\Desktop\oneDrive.exe
|
"C:\Users\user\Desktop\oneDrive.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "del C:\Windows\Help\en-us\*.rar"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "hostname"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Rar.exe a -r -v1m -n@C:\Windows\media\check.wav -ta20240929000000
-hpN@991li#S!@# C:\Windows\Help\en-us\87072c.rar C:\users\*.*"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "tasklist"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "hostname"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "C:\ProgramData\Microsoft\Rar.exe a -r -v1m -n@C:\Windows\media\check.wav -ta20240929000000
-hpN@991li#S!@# C:\Windows\Help\en-us\87072D.rar D:\\*.*"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c "tasklist"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\HOSTNAME.EXE
|
hostname
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\HOSTNAME.EXE
|
hostname
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\tasklist.exe
|
tasklist
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
https://pixeldrain.com/api/file
|
unknown
|
||
|
https://mahler:8092/site-updates.py
|
unknown
|
||
|
http://www.robotstxt.org/norobots-rfc.txt
|
unknown
|
||
|
https://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://www.python.org/
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
http://www.iana.org/time-zones/repository/tz-link.html
|
unknown
|
||
|
https://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
|
unknown
|
||
|
https://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
|
unknown
|
||
|
http://crl3.digi
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
There are 7 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A616EFF000
|
unkown
|
page read and write
|
||
|
2E2B7AC0000
|
heap
|
page read and write
|
||
|
2365D730000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
2365F9D9000
|
heap
|
page read and write
|
||
|
2365D738000
|
heap
|
page read and write
|
||
|
2365F911000
|
heap
|
page read and write
|
||
|
28DD6F18000
|
heap
|
page read and write
|
||
|
2A2DEC60000
|
heap
|
page read and write
|
||
|
7FFB23B22000
|
unkown
|
page readonly
|
||
|
2365D78A000
|
heap
|
page read and write
|
||
|
2090D17E000
|
heap
|
page read and write
|
||
|
2365F91A000
|
heap
|
page read and write
|
||
|
FF315FF000
|
unkown
|
page read and write
|
||
|
7FF6869C1000
|
unkown
|
page execute read
|
||
|
26E823B0000
|
heap
|
page read and write
|
||
|
2365D799000
|
heap
|
page read and write
|
||
|
2365D7CA000
|
heap
|
page read and write
|
||
|
2365F952000
|
heap
|
page read and write
|
||
|
1E3D4A90000
|
heap
|
page read and write
|
||
|
21C1A4A0000
|
heap
|
page read and write
|
||
|
2365FB10000
|
heap
|
page read and write
|
||
|
7FF6869EA000
|
unkown
|
page readonly
|
||
|
2365D773000
|
heap
|
page read and write
|
||
|
2365D7ED000
|
heap
|
page read and write
|
||
|
7FF686A0E000
|
unkown
|
page readonly
|
||
|
2365FD44000
|
direct allocation
|
page read and write
|
||
|
2365D7E9000
|
heap
|
page read and write
|
||
|
19EEBA4D000
|
heap
|
page read and write
|
||
|
2365D781000
|
heap
|
page read and write
|
||
|
2365FB67000
|
heap
|
page read and write
|
||
|
19444321000
|
heap
|
page read and write
|
||
|
B6C05EC000
|
stack
|
page read and write
|
||
|
2365F93D000
|
heap
|
page read and write
|
||
|
2365F9D3000
|
heap
|
page read and write
|
||
|
2365F911000
|
heap
|
page read and write
|
||
|
2365D730000
|
heap
|
page read and write
|
||
|
2365D7CC000
|
heap
|
page read and write
|
||
|
2365D7A3000
|
heap
|
page read and write
|
||
|
7FFB0C1F7000
|
unkown
|
page execute and read and write
|
||
|
2365D799000
|
heap
|
page read and write
|
||
|
B6C05EA000
|
stack
|
page read and write
|
||
|
1944430A000
|
heap
|
page read and write
|
||
|
2365D783000
|
heap
|
page read and write
|
||
|
2365FB5C000
|
heap
|
page read and write
|
||
|
2365D772000
|
heap
|
page read and write
|
||
|
7FF6869C1000
|
unkown
|
page execute read
|
||
|
1E3D4AA0000
|
heap
|
page read and write
|
||
|
2365FA9C000
|
direct allocation
|
page read and write
|
||
|
2365D7A3000
|
heap
|
page read and write
|
||
|
26E8239A000
|
heap
|
page read and write
|
||
|
2365FD18000
|
direct allocation
|
page read and write
|
||
|
7FFB23B00000
|
unkown
|
page readonly
|
||
|
2365F971000
|
heap
|
page read and write
|
||
|
2365D78E000
|
heap
|
page read and write
|
||
|
2A2DEE90000
|
heap
|
page read and write
|
||
|
2365D77A000
|
heap
|
page read and write
|
||
|
1A75C590000
|
heap
|
page read and write
|
||
|
F7CA88B000
|
stack
|
page read and write
|
||
|
21C1A450000
|
heap
|
page read and write
|
||
|
7FFB0C237000
|
unkown
|
page read and write
|
||
|
2AE704C5000
|
heap
|
page read and write
|
||
|
7FFB24BD1000
|
unkown
|
page execute read
|
||
|
2365FA02000
|
heap
|
page read and write
|
||
|
F7CA98F000
|
stack
|
page read and write
|
||
|
2AE70119000
|
heap
|
page read and write
|
||
|
28DD6F1C000
|
heap
|
page read and write
|
||
|
2365FA7C000
|
direct allocation
|
page read and write
|
||
|
E7C01DC000
|
stack
|
page read and write
|
||
|
EFF518C000
|
stack
|
page read and write
|
||
|
2365F9D9000
|
heap
|
page read and write
|
||
|
2365F91A000
|
heap
|
page read and write
|
||
|
2365F943000
|
heap
|
page read and write
|
||
|
28DD6F1E000
|
heap
|
page read and write
|
||
|
2365D7EE000
|
heap
|
page read and write
|
||
|
2365F934000
|
heap
|
page read and write
|
||
|
2365F9EF000
|
heap
|
page read and write
|
||
|
5A3AFFF000
|
unkown
|
page read and write
|
||
|
2365F578000
|
direct allocation
|
page read and write
|
||
|
28DD6ED0000
|
heap
|
page read and write
|
||
|
2090D185000
|
heap
|
page read and write
|
||
|
2365FDA0000
|
direct allocation
|
page read and write
|
||
|
2090D17E000
|
heap
|
page read and write
|
||
|
26E823BB000
|
heap
|
page read and write
|
||
|
234D11F0000
|
heap
|
page read and write
|
||
|
12F3FDC000
|
stack
|
page read and write
|
||
|
2090D185000
|
heap
|
page read and write
|
||
|
2365D781000
|
heap
|
page read and write
|
||
|
EFF55FF000
|
stack
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
26E823B3000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
2365F928000
|
heap
|
page read and write
|
||
|
2365D797000
|
heap
|
page read and write
|
||
|
7FFB23B01000
|
unkown
|
page execute read
|
||
|
28DD70A0000
|
heap
|
page read and write
|
||
|
A616B3D000
|
stack
|
page read and write
|
||
|
2E2B7D60000
|
heap
|
page read and write
|
||
|
2090EB40000
|
heap
|
page read and write
|
||
|
2365D766000
|
heap
|
page read and write
|
||
|
2365D7DC000
|
heap
|
page read and write
|
||
|
234D10B0000
|
heap
|
page read and write
|
||
|
7FF686A0E000
|
unkown
|
page readonly
|
||
|
2365D785000
|
heap
|
page read and write
|
||
|
26E823BB000
|
heap
|
page read and write
|
||
|
7FF6869C1000
|
unkown
|
page execute read
|
||
|
12F42FF000
|
unkown
|
page read and write
|
||
|
2365D7CA000
|
heap
|
page read and write
|
||
|
2365D773000
|
heap
|
page read and write
|
||
|
2365D7CA000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
2365FB4A000
|
heap
|
page read and write
|
||
|
F7CAC7E000
|
stack
|
page read and write
|
||
|
2365F91B000
|
heap
|
page read and write
|
||
|
2365F9E9000
|
heap
|
page read and write
|
||
|
234D11F5000
|
heap
|
page read and write
|
||
|
A616FFF000
|
stack
|
page read and write
|
||
|
7FFB0C204000
|
unkown
|
page execute and read and write
|
||
|
2365D7CC000
|
heap
|
page read and write
|
||
|
2365F94A000
|
heap
|
page read and write
|
||
|
1E3D4D95000
|
heap
|
page read and write
|
||
|
26E823AE000
|
heap
|
page read and write
|
||
|
2365F91A000
|
heap
|
page read and write
|
||
|
A6A0AFF000
|
stack
|
page read and write
|
||
|
2365F5A4000
|
direct allocation
|
page read and write
|
||
|
2365FB50000
|
heap
|
page read and write
|
||
|
2365D797000
|
heap
|
page read and write
|
||
|
F05839E000
|
stack
|
page read and write
|
||
|
2090D350000
|
heap
|
page read and write
|
||
|
2365F9C9000
|
heap
|
page read and write
|
||
|
28DD6F29000
|
heap
|
page read and write
|
||
|
2365D768000
|
heap
|
page read and write
|
||
|
2A2DEC70000
|
heap
|
page read and write
|
||
|
1A75C5A0000
|
heap
|
page read and write
|
||
|
2365D781000
|
heap
|
page read and write
|
||
|
2365D791000
|
heap
|
page read and write
|
||
|
BBC277F000
|
stack
|
page read and write
|
||
|
19EEBC30000
|
heap
|
page read and write
|
||
|
1A75C5C0000
|
heap
|
page read and write
|
||
|
7FFB24BE1000
|
unkown
|
page readonly
|
||
|
2365FDB4000
|
direct allocation
|
page read and write
|
||
|
2365D773000
|
heap
|
page read and write
|
||
|
62DA0FF000
|
stack
|
page read and write
|
||
|
28DD6F0A000
|
heap
|
page read and write
|
||
|
2365FB66000
|
heap
|
page read and write
|
||
|
1A75C631000
|
heap
|
page read and write
|
||
|
28DD6F1C000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
7FF686A00000
|
unkown
|
page read and write
|
||
|
2365FB39000
|
heap
|
page read and write
|
||
|
7FFB24BD0000
|
unkown
|
page readonly
|
||
|
2365D7A3000
|
heap
|
page read and write
|
||
|
2365F9C9000
|
heap
|
page read and write
|
||
|
2365FDA8000
|
direct allocation
|
page read and write
|
||
|
7FF6869EA000
|
unkown
|
page readonly
|
||
|
19EEBA10000
|
heap
|
page read and write
|
||
|
7FF6869C0000
|
unkown
|
page readonly
|
||
|
2365F9C1000
|
heap
|
page read and write
|
||
|
7FFB23B00000
|
unkown
|
page readonly
|
||
|
28DD6ED8000
|
heap
|
page read and write
|
||
|
7FF6869FD000
|
unkown
|
page read and write
|
||
|
7FFB0BDE0000
|
unkown
|
page readonly
|
||
|
2365F915000
|
heap
|
page read and write
|
||
|
28DD6EFB000
|
heap
|
page read and write
|
||
|
2365F932000
|
heap
|
page read and write
|
||
|
2365D75F000
|
heap
|
page read and write
|
||
|
2365D762000
|
heap
|
page read and write
|
||
|
2365D79F000
|
heap
|
page read and write
|
||
|
2365F558000
|
direct allocation
|
page read and write
|
||
|
7FFB23B16000
|
unkown
|
page readonly
|
||
|
28DD6F0A000
|
heap
|
page read and write
|
||
|
2365F935000
|
heap
|
page read and write
|
||
|
2365D751000
|
heap
|
page read and write
|
||
|
2365D7D3000
|
heap
|
page read and write
|
||
|
21C1A480000
|
heap
|
page read and write
|
||
|
2365D785000
|
heap
|
page read and write
|
||
|
7FFB23B25000
|
unkown
|
page readonly
|
||
|
E01D7DF000
|
stack
|
page read and write
|
||
|
2365F9D3000
|
heap
|
page read and write
|
||
|
2365F943000
|
heap
|
page read and write
|
||
|
2365D6F0000
|
heap
|
page read and write
|
||
|
2365D7ED000
|
heap
|
page read and write
|
||
|
2A2DECCB000
|
heap
|
page read and write
|
||
|
28DD6F21000
|
heap
|
page read and write
|
||
|
5A3B0FF000
|
stack
|
page read and write
|
||
|
194442B0000
|
heap
|
page read and write
|
||
|
234D0F80000
|
heap
|
page read and write
|
||
|
2365FD74000
|
direct allocation
|
page read and write
|
||
|
2365FB50000
|
heap
|
page read and write
|
||
|
2AE70110000
|
heap
|
page read and write
|
||
|
28DD6F00000
|
heap
|
page read and write
|
||
|
28DD6F29000
|
heap
|
page read and write
|
||
|
2365FB11000
|
heap
|
page read and write
|
||
|
28DD6EF5000
|
heap
|
page read and write
|
||
|
2365F941000
|
heap
|
page read and write
|
||
|
2090D340000
|
heap
|
page readonly
|
||
|
2365FB66000
|
heap
|
page read and write
|
||
|
7FF686A0C000
|
unkown
|
page read and write
|
||
|
21C1A650000
|
heap
|
page read and write
|
||
|
2365FB66000
|
heap
|
page read and write
|
||
|
2365D768000
|
heap
|
page read and write
|
||
|
2365F9DD000
|
heap
|
page read and write
|
||
|
E7C04FF000
|
stack
|
page read and write
|
||
|
2365D772000
|
heap
|
page read and write
|
||
|
28DD6F00000
|
heap
|
page read and write
|
||
|
2365F93E000
|
heap
|
page read and write
|
||
|
2365F9F8000
|
heap
|
page read and write
|
||
|
21C1A4A0000
|
heap
|
page read and write
|
||
|
2365F942000
|
heap
|
page read and write
|
||
|
2365FB39000
|
heap
|
page read and write
|
||
|
7FFB0C1FA000
|
unkown
|
page execute and read and write
|
||
|
2365D70D000
|
heap
|
page read and write
|
||
|
2365FA02000
|
heap
|
page read and write
|
||
|
28DD7260000
|
heap
|
page read and write
|
||
|
2E2B79C0000
|
heap
|
page read and write
|
||
|
2365D7EB000
|
heap
|
page read and write
|
||
|
7FFB0C10D000
|
unkown
|
page execute and read and write
|
||
|
F7CAD7F000
|
stack
|
page read and write
|
||
|
2A2DECE0000
|
heap
|
page read and write
|
||
|
7FF6869FD000
|
unkown
|
page write copy
|
||
|
2365F184000
|
heap
|
page read and write
|
||
|
2365F9C9000
|
heap
|
page read and write
|
||
|
2365F9DA000
|
heap
|
page read and write
|
||
|
2365F929000
|
heap
|
page read and write
|
||
|
B6C09CE000
|
stack
|
page read and write
|
||
|
2365D781000
|
heap
|
page read and write
|
||
|
19EEBA40000
|
heap
|
page read and write
|
||
|
21C1A6C5000
|
heap
|
page read and write
|
||
|
2365D7A3000
|
heap
|
page read and write
|
||
|
2365F911000
|
heap
|
page read and write
|
||
|
26E82399000
|
heap
|
page read and write
|
||
|
28DD6F1C000
|
heap
|
page read and write
|
||
|
26E82320000
|
heap
|
page read and write
|
||
|
7FFB23B16000
|
unkown
|
page readonly
|
||
|
2365D7DA000
|
heap
|
page read and write
|
||
|
2365D7E5000
|
heap
|
page read and write
|
||
|
2A2DEC90000
|
heap
|
page read and write
|
||
|
7FFB23B20000
|
unkown
|
page read and write
|
||
|
2365F9B9000
|
heap
|
page read and write
|
||
|
A6A09FF000
|
unkown
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
28DD6EC0000
|
heap
|
page read and write
|
||
|
2365D77E000
|
heap
|
page read and write
|
||
|
2AE700B0000
|
heap
|
page read and write
|
||
|
1E3D4D90000
|
heap
|
page read and write
|
||
|
26E823BC000
|
heap
|
page read and write
|
||
|
2365D7C9000
|
heap
|
page read and write
|
||
|
2365FB20000
|
heap
|
page read and write
|
||
|
2365F9EF000
|
heap
|
page read and write
|
||
|
26E823AE000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
26E8238D000
|
heap
|
page read and write
|
||
|
19EEBA60000
|
heap
|
page read and write
|
||
|
7FFB0C0A6000
|
unkown
|
page execute and read and write
|
||
|
7FFB0C1BA000
|
unkown
|
page execute and read and write
|
||
|
26E82625000
|
heap
|
page read and write
|
||
|
2365F9B9000
|
heap
|
page read and write
|
||
|
2365F9F0000
|
heap
|
page read and write
|
||
|
2365F180000
|
heap
|
page read and write
|
||
|
7FF6869C0000
|
unkown
|
page readonly
|
||
|
2365D739000
|
heap
|
page read and write
|
||
|
2365F9F0000
|
heap
|
page read and write
|
||
|
2365FB27000
|
heap
|
page read and write
|
||
|
26E82620000
|
heap
|
page read and write
|
||
|
7FF6869C0000
|
unkown
|
page readonly
|
||
|
2365D7EC000
|
heap
|
page read and write
|
||
|
2AE700C0000
|
heap
|
page read and write
|
||
|
19444290000
|
heap
|
page read and write
|
||
|
2365FB11000
|
heap
|
page read and write
|
||
|
7FFB24BE7000
|
unkown
|
page readonly
|
||
|
12F43FF000
|
stack
|
page read and write
|
||
|
B6C0BBF000
|
stack
|
page read and write
|
||
|
2E2B79E0000
|
heap
|
page read and write
|
||
|
26E82367000
|
heap
|
page read and write
|
||
|
28DD6F07000
|
heap
|
page read and write
|
||
|
2365F929000
|
heap
|
page read and write
|
||
|
2365F91B000
|
heap
|
page read and write
|
||
|
2090EB30000
|
heap
|
page read and write
|
||
|
F05867F000
|
stack
|
page read and write
|
||
|
2365F942000
|
heap
|
page read and write
|
||
|
7FF6869FD000
|
unkown
|
page read and write
|
||
|
7FFB0BDE1000
|
unkown
|
page execute and read and write
|
||
|
2090D169000
|
heap
|
page read and write
|
||
|
F7CA90F000
|
stack
|
page read and write
|
||
|
2365F935000
|
heap
|
page read and write
|
||
|
2365F9EF000
|
heap
|
page read and write
|
||
|
2365D7CA000
|
heap
|
page read and write
|
||
|
1E3D4ACA000
|
heap
|
page read and write
|
||
|
28DD70C0000
|
heap
|
page read and write
|
||
|
2365D772000
|
heap
|
page read and write
|
||
|
2365FDAC000
|
direct allocation
|
page read and write
|
||
|
2365F934000
|
heap
|
page read and write
|
||
|
7FF6869C0000
|
unkown
|
page readonly
|
||
|
BBC267C000
|
stack
|
page read and write
|
||
|
2365F6C4000
|
direct allocation
|
page read and write
|
||
|
2365FD84000
|
direct allocation
|
page read and write
|
||
|
2A2DF000000
|
heap
|
page read and write
|
||
|
2365F910000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
B6C07DE000
|
stack
|
page read and write
|
||
|
2365FD8C000
|
direct allocation
|
page read and write
|
||
|
2365D760000
|
heap
|
page read and write
|
||
|
7FFB0C1B7000
|
unkown
|
page execute and read and write
|
||
|
2365F93D000
|
heap
|
page read and write
|
||
|
2365F924000
|
heap
|
page read and write
|
||
|
7FFB23B22000
|
unkown
|
page readonly
|
||
|
2365F51C000
|
direct allocation
|
page read and write
|
||
|
2365D786000
|
heap
|
page read and write
|
||
|
2365D772000
|
heap
|
page read and write
|
||
|
7FF686A0C000
|
unkown
|
page read and write
|
||
|
F0586FF000
|
stack
|
page read and write
|
||
|
2365F9DF000
|
heap
|
page read and write
|
||
|
2365F080000
|
heap
|
page read and write
|
||
|
21C1A4A0000
|
heap
|
page read and write
|
||
|
2365D77E000
|
heap
|
page read and write
|
||
|
E7C047F000
|
stack
|
page read and write
|
||
|
2365D787000
|
heap
|
page read and write
|
||
|
7FF6869C1000
|
unkown
|
page execute read
|
||
|
EFF54FE000
|
unkown
|
page read and write
|
||
|
2365D772000
|
heap
|
page read and write
|
||
|
2365FDB0000
|
direct allocation
|
page read and write
|
||
|
26E82387000
|
heap
|
page read and write
|
||
|
2365F960000
|
heap
|
page read and write
|
||
|
2365D7E0000
|
heap
|
page read and write
|
||
|
28DD6F17000
|
heap
|
page read and write
|
||
|
2365FB26000
|
heap
|
page read and write
|
||
|
1E3D4AC0000
|
heap
|
page read and write
|
||
|
F05877E000
|
stack
|
page read and write
|
||
|
2365F4D0000
|
direct allocation
|
page read and write
|
||
|
2365FB3A000
|
heap
|
page read and write
|
||
|
234D0EA0000
|
heap
|
page read and write
|
||
|
2365D7DA000
|
heap
|
page read and write
|
||
|
62D9FFE000
|
unkown
|
page read and write
|
||
|
A6A08FB000
|
stack
|
page read and write
|
||
|
2365D765000
|
heap
|
page read and write
|
||
|
2365D7EE000
|
heap
|
page read and write
|
||
|
1E3D4DA0000
|
heap
|
page read and write
|
||
|
2090D160000
|
heap
|
page read and write
|
||
|
28DD6EF5000
|
heap
|
page read and write
|
||
|
2365D7EE000
|
heap
|
page read and write
|
||
|
E01D5EC000
|
stack
|
page read and write
|
||
|
26E82360000
|
heap
|
page read and write
|
||
|
26E823AE000
|
heap
|
page read and write
|
||
|
2365D76B000
|
heap
|
page read and write
|
||
|
21C1A4A0000
|
heap
|
page read and write
|
||
|
28DD6F29000
|
heap
|
page read and write
|
||
|
2365FD10000
|
direct allocation
|
page read and write
|
||
|
2365D733000
|
heap
|
page read and write
|
||
|
2365FB74000
|
heap
|
page read and write
|
||
|
E01D9CF000
|
stack
|
page read and write
|
||
|
2365D785000
|
heap
|
page read and write
|
||
|
2365D750000
|
heap
|
page read and write
|
||
|
2090D190000
|
heap
|
page read and write
|
||
|
2365FB62000
|
heap
|
page read and write
|
||
|
2365F940000
|
heap
|
page read and write
|
||
|
28DD6F05000
|
heap
|
page read and write
|
||
|
2365D768000
|
heap
|
page read and write
|
||
|
7FFB23B20000
|
unkown
|
page read and write
|
||
|
7FF6869EA000
|
unkown
|
page readonly
|
||
|
26E82330000
|
heap
|
page read and write
|
||
|
2365F6A8000
|
direct allocation
|
page read and write
|
||
|
2365FAA8000
|
direct allocation
|
page read and write
|
||
|
2365FB25000
|
heap
|
page read and write
|
||
|
2365F94E000
|
heap
|
page read and write
|
||
|
194444D0000
|
heap
|
page read and write
|
||
|
2365F919000
|
heap
|
page read and write
|
||
|
2365F9D3000
|
heap
|
page read and write
|
||
|
21C1A6D0000
|
heap
|
page read and write
|
||
|
2365F9D9000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
1A75C920000
|
heap
|
page read and write
|
||
|
19EEBA00000
|
heap
|
page read and write
|
||
|
2365FB20000
|
heap
|
page read and write
|
||
|
2365F9D3000
|
heap
|
page read and write
|
||
|
2365FD98000
|
direct allocation
|
page read and write
|
||
|
E01D5E1000
|
stack
|
page read and write
|
||
|
2365D79F000
|
heap
|
page read and write
|
||
|
2365F93E000
|
heap
|
page read and write
|
||
|
2365F9D9000
|
heap
|
page read and write
|
||
|
2365F9C9000
|
heap
|
page read and write
|
||
|
19EEBDD0000
|
heap
|
page read and write
|
||
|
2365F9CD000
|
heap
|
page read and write
|
||
|
2365FAC8000
|
direct allocation
|
page read and write
|
||
|
2365FD94000
|
direct allocation
|
page read and write
|
||
|
2365F574000
|
direct allocation
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
2090D17E000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
1A75C61D000
|
heap
|
page read and write
|
||
|
234D0FB0000
|
heap
|
page read and write
|
||
|
7FFB23B25000
|
unkown
|
page readonly
|
||
|
7FFB24BE6000
|
unkown
|
page read and write
|
||
|
2365F95F000
|
heap
|
page read and write
|
||
|
26E823BB000
|
heap
|
page read and write
|
||
|
28DD6F29000
|
heap
|
page read and write
|
||
|
2A2DECCD000
|
heap
|
page read and write
|
||
|
F7CACFE000
|
stack
|
page read and write
|
||
|
2365D799000
|
heap
|
page read and write
|
||
|
1A75C7E0000
|
heap
|
page read and write
|
||
|
26E82530000
|
heap
|
page read and write
|
||
|
2365D79B000
|
heap
|
page read and write
|
||
|
F05831E000
|
stack
|
page read and write
|
||
|
2365FB6A000
|
heap
|
page read and write
|
||
|
21C1A48A000
|
heap
|
page read and write
|
||
|
2365FB39000
|
heap
|
page read and write
|
||
|
2365F9EF000
|
heap
|
page read and write
|
||
|
28DD6F0A000
|
heap
|
page read and write
|
||
|
B6C05E3000
|
stack
|
page read and write
|
||
|
2090D190000
|
heap
|
page read and write
|
||
|
7FF686A0E000
|
unkown
|
page readonly
|
||
|
28DD7265000
|
heap
|
page read and write
|
||
|
2365D7E8000
|
heap
|
page read and write
|
||
|
2365F5D0000
|
direct allocation
|
page read and write
|
||
|
2AE704C0000
|
heap
|
page read and write
|
||
|
2365D7A3000
|
heap
|
page read and write
|
||
|
2365D8C0000
|
heap
|
page read and write
|
||
|
FF314FD000
|
stack
|
page read and write
|
||
|
2E2B7BC0000
|
heap
|
page read and write
|
||
|
2365FDA4000
|
direct allocation
|
page read and write
|
||
|
2365D717000
|
heap
|
page read and write
|
||
|
2365D780000
|
heap
|
page read and write
|
||
|
2E2B7D65000
|
heap
|
page read and write
|
||
|
2365D791000
|
heap
|
page read and write
|
||
|
2365FA10000
|
direct allocation
|
page read and write
|
||
|
21C1A6C0000
|
heap
|
page read and write
|
||
|
7FFB0C0E8000
|
unkown
|
page execute and read and write
|
||
|
2365FD9C000
|
direct allocation
|
page read and write
|
||
|
19444270000
|
heap
|
page read and write
|
||
|
2365D733000
|
heap
|
page read and write
|
||
|
21C1A460000
|
heap
|
page read and write
|
||
|
2365D7DA000
|
heap
|
page read and write
|
||
|
234D0FB9000
|
heap
|
page read and write
|
||
|
2090D260000
|
heap
|
page read and write
|
||
|
2365D6D0000
|
heap
|
page readonly
|
||
|
2365F9BD000
|
heap
|
page read and write
|
||
|
F05829B000
|
stack
|
page read and write
|
||
|
2365D769000
|
heap
|
page read and write
|
||
|
2365D781000
|
heap
|
page read and write
|
||
|
28DD6EF6000
|
heap
|
page read and write
|
||
|
2E2B78E0000
|
heap
|
page read and write
|
||
|
2365D7E9000
|
heap
|
page read and write
|
||
|
2365D783000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
2365F94C000
|
heap
|
page read and write
|
||
|
2365D6C0000
|
heap
|
page read and write
|
||
|
2E2B7ACA000
|
heap
|
page read and write
|
||
|
1E3D4C90000
|
heap
|
page read and write
|
||
|
2365D7DC000
|
heap
|
page read and write
|
||
|
2A2DECC0000
|
heap
|
page read and write
|
||
|
2365F9B9000
|
heap
|
page read and write
|
||
|
7FFB0C230000
|
unkown
|
page execute and read and write
|
||
|
2365F538000
|
direct allocation
|
page read and write
|
||
|
2365F919000
|
heap
|
page read and write
|
||
|
7FFB0C235000
|
unkown
|
page execute and write copy
|
||
|
19444300000
|
heap
|
page read and write
|
||
|
2365D773000
|
heap
|
page read and write
|
||
|
7FFB23B01000
|
unkown
|
page execute read
|
||
|
2365F9B9000
|
heap
|
page read and write
|
||
|
2365F94E000
|
heap
|
page read and write
|
||
|
19444260000
|
heap
|
page read and write
|
||
|
7FF6869FD000
|
unkown
|
page write copy
|
||
|
62D9EFC000
|
stack
|
page read and write
|
||
|
1A75C610000
|
heap
|
page read and write
|
||
|
2365D75C000
|
heap
|
page read and write
|
||
|
2365D7ED000
|
heap
|
page read and write
|
||
|
2365F9EF000
|
heap
|
page read and write
|
||
|
2365D773000
|
heap
|
page read and write
|
||
|
1A75C61B000
|
heap
|
page read and write
|
||
|
5A3AEFD000
|
stack
|
page read and write
|
||
|
2365D78A000
|
heap
|
page read and write
|
||
|
7FF686A0E000
|
unkown
|
page readonly
|
||
|
28DD6F1C000
|
heap
|
page read and write
|
||
|
19EEBA4B000
|
heap
|
page read and write
|
||
|
7FF6869EA000
|
unkown
|
page readonly
|
||
|
2365FB5E000
|
heap
|
page read and write
|
||
|
2365FD80000
|
direct allocation
|
page read and write
|
||
|
FF316FF000
|
stack
|
page read and write
|
||
|
2AE700E0000
|
heap
|
page read and write
|
||
|
2090D185000
|
heap
|
page read and write
|
||
|
2090D183000
|
heap
|
page read and write
|
||
|
19EEBC10000
|
heap
|
page read and write
|
||
|
2365FABC000
|
direct allocation
|
page read and write
|
||
|
2365F947000
|
heap
|
page read and write
|
||
|
BBC26FF000
|
stack
|
page read and write
|
||
|
2365D7A3000
|
heap
|
page read and write
|
There are 475 hidden memdumps, click here to show them.