Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_41295953bbcbb6c049bf78baaa48b958e26b4df_d75f6fa5_70893c81-26e0-49bf-b072-f56d5596ff66\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_41295953bbcbb6c049bf78baaa48b958e26b4df_d75f6fa5_aa9297c9-4bb3-4dd6-90b8-f5b8ad05b9a0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_fil_65e4b14aae1adf98ac97cac7affb5dbf3d4bee80_d75f6fa5_24b3bb7f-f7de-4dd9-aa14-369834d33aef\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER474C.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 16:46:19 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER476B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 16:46:19 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER47CA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER47FA.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4848.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4888.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER52D5.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Oct 2 16:46:22 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5382.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER53A2.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_media_sound_MidiInDeviceProvider_nGetDescription
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6768 -s 356
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6728 -s 356
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_media_sound_MidiInDeviceProvider_nGetName
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6036 -s 528
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_media_sound_MidiInDeviceProvider_nGetNumDevices
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiInDeviceProvider_nGetDescription
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiInDeviceProvider_nGetName
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiInDeviceProvider_nGetNumDevices
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nOpen
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nGetPortType
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nGetPortName
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nGetPortCount
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nGetControls
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nControlSetIntValue
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nControlSetFloatValue
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nControlGetIntValue
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nControlGetFloatValue
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixer_nClose
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixerProvider_nNewPortMixerInfo
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_PortMixerProvider_nGetNumDevices
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_Platform_nIsSigned8
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_Platform_nIsBigEndian
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_Platform_nGetLibraryForFeature
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_Platform_nGetExtraLibraries
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDevice_nSendShortMessage
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDevice_nSendLongMessage
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDevice_nOpen
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDevice_nGetTimeStamp
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDevice_nClose
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDeviceProvider_nGetVersion
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",Java_com_sun_media_sound_MidiOutDeviceProvider_nGetVendor
|
There are 26 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
171.39.242.20.in-addr.arpa
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
OriginalFileName
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
\REGISTRY\A\{6749afcd-d028-7303-9689-2cdb3ba20321}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Usn
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6AF3C7F000
|
stack
|
page read and write
|
||
|
245B70C0000
|
heap
|
page read and write
|
||
|
258E5400000
|
heap
|
page read and write
|
||
|
312DB6F000
|
stack
|
page read and write
|
||
|
202DD30F000
|
heap
|
page read and write
|
||
|
2B641F00000
|
heap
|
page read and write
|
||
|
180C9B55000
|
heap
|
page read and write
|
||
|
1C31CF08000
|
heap
|
page read and write
|
||
|
245B6FE5000
|
heap
|
page read and write
|
||
|
17E5E458000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2385D650000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
258E5320000
|
heap
|
page read and write
|
||
|
18BDEF50000
|
heap
|
page read and write
|
||
|
97152FF000
|
stack
|
page read and write
|
||
|
180C9D10000
|
trusted library allocation
|
page read and write
|
||
|
1976C430000
|
heap
|
page read and write
|
||
|
231F4C90000
|
heap
|
page read and write
|
||
|
2B641E70000
|
remote allocation
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
1DFA5690000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
1B660FF000
|
stack
|
page read and write
|
||
|
1E3A42F5000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
180C9DA0000
|
heap
|
page read and write
|
||
|
DD828FF000
|
stack
|
page read and write
|
||
|
F584E7F000
|
stack
|
page read and write
|
||
|
231F4F30000
|
heap
|
page read and write
|
||
|
1DFA58A0000
|
heap
|
page read and write
|
||
|
245B70C0000
|
heap
|
page read and write
|
||
|
29D5C7A0000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
2051AC10000
|
heap
|
page read and write
|
||
|
29D5C810000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
231F4CF4000
|
heap
|
page read and write
|
||
|
245B8E20000
|
trusted library allocation
|
page read and write
|
||
|
2B640490000
|
trusted library allocation
|
page read and write
|
||
|
1E3A43A0000
|
trusted library allocation
|
page read and write
|
||
|
24D26900000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
1F40E350000
|
heap
|
page read and write
|
||
|
186B15C000
|
stack
|
page read and write
|
||
|
2009DA20000
|
heap
|
page read and write
|
||
|
29D5C730000
|
heap
|
page read and write
|
||
|
155C6FB0000
|
heap
|
page read and write
|
||
|
2051C650000
|
remote allocation
|
page read and write
|
||
|
1FD11BF0000
|
heap
|
page read and write
|
||
|
4A9007F000
|
stack
|
page read and write
|
||
|
231F4CFF000
|
heap
|
page read and write
|
||
|
171CCFF000
|
stack
|
page read and write
|
||
|
24D24ED1000
|
heap
|
page read and write
|
||
|
1F40E40E000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
10CD4C10000
|
heap
|
page read and write
|
||
|
205D9615000
|
heap
|
page read and write
|
||
|
15005430000
|
heap
|
page read and write
|
||
|
1FA19800000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
AF9B4FF000
|
stack
|
page read and write
|
||
|
1FD11A80000
|
heap
|
page read and write
|
||
|
24B2E020000
|
heap
|
page read and write
|
||
|
1C31D0D5000
|
heap
|
page read and write
|
||
|
18BDED70000
|
heap
|
page read and write
|
||
|
E4A01CC000
|
stack
|
page read and write
|
||
|
7BCBECC000
|
stack
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
1976C700000
|
remote allocation
|
page read and write
|
||
|
12C67830000
|
heap
|
page read and write
|
||
|
2B640513000
|
heap
|
page read and write
|
||
|
180C9A90000
|
heap
|
page read and write
|
||
|
1FA19AE0000
|
heap
|
page read and write
|
||
|
4A900FF000
|
stack
|
page read and write
|
||
|
12C677F0000
|
heap
|
page read and write
|
||
|
187FE7F000
|
stack
|
page read and write
|
||
|
1AF991C0000
|
heap
|
page read and write
|
||
|
1FD11C10000
|
heap
|
page read and write
|
||
|
1DFA5780000
|
heap
|
page read and write
|
||
|
1976E160000
|
heap
|
page read and write
|
||
|
231F4C98000
|
heap
|
page read and write
|
||
|
312DAEC000
|
stack
|
page read and write
|
||
|
24B2C480000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
1AF99570000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
1C31CEB0000
|
heap
|
page read and write
|
||
|
23E0A890000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
38A87F000
|
stack
|
page read and write
|
||
|
180C9A80000
|
heap
|
page read and write
|
||
|
4DDDFCF000
|
stack
|
page read and write
|
||
|
312DE7F000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1476BAC000
|
stack
|
page read and write
|
||
|
231F6590000
|
remote allocation
|
page read and write
|
||
|
8B6DE7F000
|
stack
|
page read and write
|
||
|
1AFC7F000
|
stack
|
page read and write
|
||
|
220355C000
|
stack
|
page read and write
|
||
|
E07F16C000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
2385D670000
|
heap
|
page read and write
|
||
|
E07F47F000
|
stack
|
page read and write
|
||
|
155C5655000
|
heap
|
page read and write
|
||
|
4DDE2FE000
|
stack
|
page read and write
|
||
|
971527C000
|
stack
|
page read and write
|
||
|
258E5420000
|
heap
|
page read and write
|
||
|
1976C530000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
24B2C4B0000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2B640514000
|
heap
|
page read and write
|
||
|
245B70C0000
|
heap
|
page read and write
|
||
|
10CD48E0000
|
heap
|
page read and write
|
||
|
180C9B60000
|
heap
|
page read and write
|
||
|
1FA198F0000
|
heap
|
page read and write
|
||
|
401E87E000
|
stack
|
page read and write
|
||
|
1DFA5880000
|
heap
|
page read and write
|
||
|
202DD305000
|
heap
|
page read and write
|
||
|
18BDEBE0000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
7BCBFCF000
|
stack
|
page read and write
|
||
|
2009DA10000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
4C69D8F000
|
stack
|
page read and write
|
||
|
1476E7F000
|
stack
|
page read and write
|
||
|
4C69D0F000
|
stack
|
page read and write
|
||
|
24B2C550000
|
heap
|
page read and write
|
||
|
245B6FA0000
|
heap
|
page read and write
|
||
|
24B2C490000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2385D6E0000
|
heap
|
page read and write
|
||
|
2A255FF000
|
stack
|
page read and write
|
||
|
24B2C558000
|
heap
|
page read and write
|
||
|
180C9DA5000
|
heap
|
page read and write
|
||
|
1F97DCC0000
|
heap
|
page read and write
|
||
|
2A254FE000
|
stack
|
page read and write
|
||
|
DD8287F000
|
stack
|
page read and write
|
||
|
18BDEE80000
|
remote allocation
|
page read and write
|
||
|
38A51E000
|
stack
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
205D9390000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
155C53D0000
|
heap
|
page read and write
|
||
|
1A6CB4E000
|
stack
|
page read and write
|
||
|
1AFCFF000
|
stack
|
page read and write
|
||
|
2051AC80000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
1DFA5A90000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2009DCB0000
|
remote allocation
|
page read and write
|
||
|
12C67710000
|
heap
|
page read and write
|
||
|
AD69A7F000
|
stack
|
page read and write
|
||
|
2B6403F0000
|
heap
|
page read and write
|
||
|
245B6FE0000
|
heap
|
page read and write
|
||
|
186B4FF000
|
stack
|
page read and write
|
||
|
23E08E20000
|
heap
|
page read and write
|
||
|
29D5C7AF000
|
heap
|
page read and write
|
||
|
29D5CAC5000
|
heap
|
page read and write
|
||
|
24D25035000
|
heap
|
page read and write
|
||
|
205D9398000
|
heap
|
page read and write
|
||
|
1B6607F000
|
stack
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
1E3A42F5000
|
heap
|
page read and write
|
||
|
12C678D8000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
231F4BF0000
|
heap
|
page read and write
|
||
|
29D5CAB0000
|
trusted library allocation
|
page read and write
|
||
|
DD824CC000
|
stack
|
page read and write
|
||
|
1E3A41F0000
|
heap
|
page read and write
|
||
|
4DDE27F000
|
stack
|
page read and write
|
||
|
1C31D070000
|
remote allocation
|
page read and write
|
||
|
205D9370000
|
heap
|
page read and write
|
||
|
155C5650000
|
heap
|
page read and write
|
||
|
AD6979F000
|
stack
|
page read and write
|
||
|
7BCBF4E000
|
stack
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
E4A057F000
|
stack
|
page read and write
|
||
|
10CD48F0000
|
heap
|
page read and write
|
||
|
F584A8C000
|
stack
|
page read and write
|
||
|
17E5E450000
|
heap
|
page read and write
|
||
|
171CDFF000
|
stack
|
page read and write
|
||
|
231F4C10000
|
heap
|
page read and write
|
||
|
245B70B8000
|
heap
|
page read and write
|
||
|
C40FFFC000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
C4102FE000
|
stack
|
page read and write
|
||
|
6AF3CFE000
|
stack
|
page read and write
|
||
|
2B6404A8000
|
heap
|
page read and write
|
||
|
12C67835000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
23E08DF0000
|
heap
|
page read and write
|
||
|
DD8254F000
|
stack
|
page read and write
|
||
|
5DD2D9C000
|
stack
|
page read and write
|
||
|
1C31CDD0000
|
heap
|
page read and write
|
||
|
2B640450000
|
heap
|
page read and write
|
||
|
12C678D0000
|
heap
|
page read and write
|
||
|
1DFA7180000
|
heap
|
page read and write
|
||
|
2051AF25000
|
heap
|
page read and write
|
||
|
2051AB10000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
8B6DEFF000
|
stack
|
page read and write
|
||
|
180C9B55000
|
heap
|
page read and write
|
||
|
1FD11880000
|
heap
|
page read and write
|
||
|
180C9B61000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
24D24ED2000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
FF79D6F000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1F40E3F0000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
1F97F810000
|
heap
|
page read and write
|
||
|
24D24E68000
|
heap
|
page read and write
|
||
|
202DD2A0000
|
heap
|
page read and write
|
||
|
1976C5F0000
|
heap
|
page read and write
|
||
|
187FAAC000
|
stack
|
page read and write
|
||
|
2B64050A000
|
heap
|
page read and write
|
||
|
245B7040000
|
heap
|
page read and write
|
||
|
202DD205000
|
heap
|
page read and write
|
||
|
1AF99140000
|
heap
|
page read and write
|
||
|
18BDECC0000
|
heap
|
page read and write
|
||
|
10CD4B90000
|
remote allocation
|
page read and write
|
||
|
1F97DDF8000
|
heap
|
page read and write
|
||
|
29D5C804000
|
heap
|
page read and write
|
||
|
4A8FD3C000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1E3A4110000
|
heap
|
page read and write
|
||
|
1DFA5788000
|
heap
|
page read and write
|
||
|
245B7058000
|
heap
|
page read and write
|
||
|
10CD4AE0000
|
heap
|
page read and write
|
||
|
29D5C7A8000
|
heap
|
page read and write
|
||
|
1FD11C15000
|
heap
|
page read and write
|
||
|
1E3A42FF000
|
heap
|
page read and write
|
||
|
312DBEE000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
186B47F000
|
stack
|
page read and write
|
||
|
258E5218000
|
heap
|
page read and write
|
||
|
1F97DFC0000
|
heap
|
page read and write
|
||
|
2B640455000
|
heap
|
page read and write
|
||
|
171CC7C000
|
stack
|
page read and write
|
||
|
8B6DBAC000
|
stack
|
page read and write
|
||
|
1FD11960000
|
heap
|
page read and write
|
||
|
2051ABF0000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
82B708C000
|
stack
|
page read and write
|
||
|
1E3A43D0000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
245B70C1000
|
heap
|
page read and write
|
||
|
245B70C0000
|
heap
|
page read and write
|
||
|
2B6402F0000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
5DD317F000
|
stack
|
page read and write
|
||
|
15003AA5000
|
heap
|
page read and write
|
||
|
4DDDF4C000
|
stack
|
page read and write
|
||
|
18BDECE0000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
145E54E8000
|
heap
|
page read and write
|
||
|
205D9520000
|
heap
|
page read and write
|
||
|
1FD11A60000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
23E08DE0000
|
heap
|
page read and write
|
||
|
145E54E0000
|
heap
|
page read and write
|
||
|
202DD30F000
|
heap
|
page read and write
|
||
|
1E3A44A5000
|
heap
|
page read and write
|
||
|
401E8FF000
|
stack
|
page read and write
|
||
|
4C69C8C000
|
stack
|
page read and write
|
||
|
82B718E000
|
stack
|
page read and write
|
||
|
18BDEF55000
|
heap
|
page read and write
|
||
|
17E5E400000
|
heap
|
page read and write
|
||
|
202DD1E0000
|
heap
|
page read and write
|
||
|
155C5458000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
23E08FF0000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
231F6630000
|
heap
|
page read and write
|
||
|
1AF9FF000
|
stack
|
page read and write
|
||
|
180C9B60000
|
heap
|
page read and write
|
||
|
29D5C809000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
1FA19720000
|
heap
|
page read and write
|
||
|
1F40E370000
|
heap
|
page read and write
|
||
|
AF9B1CC000
|
stack
|
page read and write
|
||
|
1F97DDC0000
|
heap
|
page read and write
|
||
|
1476EFE000
|
stack
|
page read and write
|
||
|
1FA198F8000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
2B6403D0000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
2385D758000
|
heap
|
page read and write
|
||
|
231F4CFF000
|
heap
|
page read and write
|
||
|
971537E000
|
stack
|
page read and write
|
||
|
1E3A42FF000
|
heap
|
page read and write
|
||
|
17E5E320000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
82B747F000
|
stack
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
18BE08B0000
|
heap
|
page read and write
|
||
|
1FD11968000
|
heap
|
page read and write
|
||
|
202DD210000
|
heap
|
page read and write
|
||
|
23E09060000
|
heap
|
page read and write
|
||
|
1FA198D0000
|
remote allocation
|
page read and write
|
||
|
1AF99150000
|
heap
|
page read and write
|
||
|
4A8FDBF000
|
stack
|
page read and write
|
||
|
2009DA40000
|
heap
|
page read and write
|
||
|
2385D955000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
FF79DEF000
|
stack
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
2009DAE8000
|
heap
|
page read and write
|
||
|
AD6971C000
|
stack
|
page read and write
|
||
|
1FA19AE5000
|
heap
|
page read and write
|
||
|
38A59F000
|
stack
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
82B710F000
|
stack
|
page read and write
|
||
|
180C9AF8000
|
heap
|
page read and write
|
||
|
231F6550000
|
trusted library allocation
|
page read and write
|
||
|
1FD133D0000
|
remote allocation
|
page read and write
|
||
|
1F97DDF0000
|
heap
|
page read and write
|
||
|
180C9B60000
|
heap
|
page read and write
|
||
|
17E5E420000
|
heap
|
page read and write
|
||
|
1976C5C0000
|
trusted library allocation
|
page read and write
|
||
|
1E3A4298000
|
heap
|
page read and write
|
||
|
1AF99575000
|
heap
|
page read and write
|
||
|
1F40FE20000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
1C31D080000
|
heap
|
page read and write
|
||
|
2B640513000
|
heap
|
page read and write
|
||
|
155C5450000
|
heap
|
page read and write
|
||
|
5DD30FE000
|
stack
|
page read and write
|
||
|
205D9610000
|
heap
|
page read and write
|
||
|
24D24E60000
|
heap
|
page read and write
|
||
|
205D9510000
|
remote allocation
|
page read and write
|
||
|
1E3A4210000
|
heap
|
page read and write
|
||
|
23D437E000
|
stack
|
page read and write
|
||
|
17E5E615000
|
heap
|
page read and write
|
||
|
1976C5F8000
|
heap
|
page read and write
|
||
|
24D24CC0000
|
heap
|
page read and write
|
||
|
245B7050000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
FF7A07F000
|
stack
|
page read and write
|
||
|
245B6F80000
|
heap
|
page read and write
|
||
|
2009DD30000
|
heap
|
page read and write
|
||
|
23E09065000
|
heap
|
page read and write
|
||
|
150036E0000
|
heap
|
page read and write
|
||
|
2009DAE0000
|
heap
|
page read and write
|
||
|
245B70B5000
|
heap
|
page read and write
|
||
|
202DD200000
|
heap
|
page read and write
|
||
|
15003AA0000
|
heap
|
page read and write
|
||
|
E07F1EF000
|
stack
|
page read and write
|
||
|
24D24DA0000
|
heap
|
page read and write
|
||
|
29D5C810000
|
heap
|
page read and write
|
||
|
1976C7D0000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
202DD2A8000
|
heap
|
page read and write
|
||
|
23D3FEC000
|
stack
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
231F4B10000
|
heap
|
page read and write
|
||
|
97153FF000
|
stack
|
page read and write
|
||
|
1476F7F000
|
stack
|
page read and write
|
||
|
12C67810000
|
heap
|
page read and write
|
||
|
15003820000
|
heap
|
page read and write
|
||
|
258E5500000
|
heap
|
page read and write
|
||
|
258E5210000
|
heap
|
page read and write
|
||
|
145E55E0000
|
heap
|
page read and write
|
||
|
22038FF000
|
stack
|
page read and write
|
||
|
1A6CE7E000
|
stack
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
145E57A5000
|
heap
|
page read and write
|
||
|
245B6EA0000
|
heap
|
page read and write
|
||
|
24D24DC0000
|
heap
|
page read and write
|
||
|
155C6E10000
|
remote allocation
|
page read and write
|
||
|
205D9270000
|
heap
|
page read and write
|
||
|
24D24EC6000
|
heap
|
page read and write
|
||
|
220387F000
|
stack
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
5DD307F000
|
stack
|
page read and write
|
||
|
1AF9AD80000
|
heap
|
page read and write
|
||
|
8B6DF7F000
|
stack
|
page read and write
|
||
|
150037E0000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
1976C65E000
|
heap
|
page read and write
|
||
|
202DD305000
|
heap
|
page read and write
|
||
|
145E56B0000
|
heap
|
page read and write
|
||
|
145E57A0000
|
heap
|
page read and write
|
||
|
17E5FF70000
|
heap
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
DD825CE000
|
stack
|
page read and write
|
||
|
2A2547C000
|
stack
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
29D5C760000
|
heap
|
page read and write
|
||
|
180CB680000
|
heap
|
page read and write
|
||
|
401E5FF000
|
stack
|
page read and write
|
||
|
F584B8E000
|
stack
|
page read and write
|
||
|
1976C65E000
|
heap
|
page read and write
|
||
|
38A49C000
|
stack
|
page read and write
|
||
|
186B1DF000
|
stack
|
page read and write
|
||
|
E07F4FE000
|
stack
|
page read and write
|
||
|
1FA198A0000
|
heap
|
page read and write
|
||
|
24D24EC6000
|
heap
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page read and write
|
||
|
C41037F000
|
stack
|
page read and write
|
||
|
245B70B5000
|
heap
|
page read and write
|
||
|
1C31CED0000
|
heap
|
page read and write
|
||
|
24D24EC9000
|
heap
|
page read and write
|
||
|
E4A047F000
|
stack
|
page read and write
|
||
|
2051AC88000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
2B640506000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
12C69250000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
17E5E610000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1E3A44A0000
|
heap
|
page read and write
|
||
|
2009DDC5000
|
heap
|
page read and write
|
||
|
29D5C810000
|
heap
|
page read and write
|
||
|
1C31CF00000
|
heap
|
page read and write
|
||
|
187FBAF000
|
stack
|
page read and write
|
||
|
2009DDC0000
|
heap
|
page read and write
|
||
|
29D5CAC0000
|
heap
|
page read and write
|
||
|
1F40E340000
|
heap
|
page read and write
|
||
|
10CD4918000
|
heap
|
page read and write
|
||
|
1AF99170000
|
heap
|
page read and write
|
||
|
10CD4910000
|
heap
|
page read and write
|
||
|
202DD100000
|
heap
|
page read and write
|
||
|
1C31D0D0000
|
heap
|
page read and write
|
||
|
187FB2F000
|
stack
|
page read and write
|
||
|
1F97DFC5000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
1F97DDA0000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2A2557F000
|
stack
|
page read and write
|
||
|
202DED30000
|
heap
|
page read and write
|
||
|
12C678C0000
|
remote allocation
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
18BDED78000
|
heap
|
page read and write
|
||
|
150037C0000
|
heap
|
page read and write
|
||
|
24B2C515000
|
heap
|
page read and write
|
||
|
2051AF20000
|
heap
|
page read and write
|
||
|
180C9B60000
|
heap
|
page read and write
|
||
|
10CD4C15000
|
heap
|
page read and write
|
||
|
22035DF000
|
stack
|
page read and write
|
||
|
7FFE148EA000
|
unkown
|
page readonly
|
||
|
10CD4B70000
|
heap
|
page read and write
|
||
|
1F40E400000
|
heap
|
page read and write
|
||
|
2385D570000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
245B705F000
|
heap
|
page read and write
|
||
|
1B65DDC000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1976C510000
|
heap
|
page read and write
|
||
|
1F40E408000
|
heap
|
page read and write
|
||
|
145E5600000
|
heap
|
page read and write
|
||
|
155C53B0000
|
heap
|
page read and write
|
||
|
145E53F0000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
2385D750000
|
heap
|
page read and write
|
||
|
24D25030000
|
heap
|
page read and write
|
||
|
155C52D0000
|
heap
|
page read and write
|
||
|
24D24E50000
|
trusted library allocation
|
page read and write
|
||
|
15003828000
|
heap
|
page read and write
|
||
|
258E5560000
|
heap
|
page read and write
|
||
|
180C9AB0000
|
heap
|
page read and write
|
||
|
AF9B57F000
|
stack
|
page read and write
|
||
|
24D24ED1000
|
heap
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
1FA19820000
|
heap
|
page read and write
|
||
|
FF79CEC000
|
stack
|
page read and write
|
||
|
202DF080000
|
trusted library allocation
|
page read and write
|
||
|
1F97DDFE000
|
heap
|
page read and write
|
||
|
258E5565000
|
heap
|
page read and write
|
||
|
1F40E3F5000
|
heap
|
page read and write
|
||
|
23E08E28000
|
heap
|
page read and write
|
||
|
1E3A4290000
|
heap
|
page read and write
|
||
|
401E57C000
|
stack
|
page read and write
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
24B2C510000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
24D24ED1000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
1DFA5A95000
|
heap
|
page read and write
|
||
|
1AF991C8000
|
heap
|
page read and write
|
||
|
1AF97C000
|
stack
|
page read and write
|
||
|
1A6CACC000
|
stack
|
page read and write
|
||
|
29D5E410000
|
heap
|
page read and write
|
||
|
2B64050A000
|
heap
|
page read and write
|
||
|
C41027E000
|
stack
|
page read and write
|
||
|
205D9350000
|
heap
|
page read and write
|
||
|
29D5C740000
|
heap
|
page read and write
|
||
|
7FFE148E6000
|
unkown
|
page readonly
|
||
|
180C9AF0000
|
heap
|
page read and write
|
||
|
2B6404A0000
|
heap
|
page read and write
|
||
|
1976C653000
|
heap
|
page read and write
|
||
|
231F4F35000
|
heap
|
page read and write
|
||
|
E4A04FE000
|
stack
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
1A6CBCF000
|
stack
|
page read and write
|
||
|
1976C7D5000
|
heap
|
page read and write
|
||
|
2051C6C0000
|
heap
|
page read and write
|
||
|
2385D950000
|
heap
|
page read and write
|
||
|
F584B0E000
|
stack
|
page read and write
|
||
|
4C6A07F000
|
stack
|
page read and write
|
||
|
AF9B47F000
|
stack
|
page read and write
|
||
|
2B640513000
|
heap
|
page read and write
|
||
|
24D24ED1000
|
heap
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
6AF39DC000
|
stack
|
page read and write
|
There are 508 hidden memdumps, click here to show them.