Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TRANSFERENCIAS.vbs
|
ASCII text, with very long lines (65486), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\temp_executable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\temp_executable.exe.log
|
CSV text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\TRANSFERENCIAS.vbs"
|
|
|
|
C:\Users\user\AppData\Local\Temp\temp_executable.exe
|
"C:\Users\user~1\AppData\Local\Temp\temp_executable.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://transfer.adttemp.com.br
|
unknown
|
|
|
|
http://transfer.adttemp.com.brd
|
unknown
|
|
|
|
https://transfer.adttemp.com.br
|
unknown
|
|
|
|
https://transfer.adttemp.com.br/qbDh2/sirdeeeeee.txt
|
104.196.109.209
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
transfer.adttemp.com.br
|
104.196.109.209
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.196.109.209
|
transfer.adttemp.com.br
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
FA0000
|
direct allocation
|
page read and write
|
|
|
|
2387E92E000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
107C000
|
heap
|
page read and write
|
||
|
2387E9DF000
|
heap
|
page read and write
|
||
|
2387EDA5000
|
heap
|
page read and write
|
||
|
2387EB34000
|
heap
|
page read and write
|
||
|
2387ED7D000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
2387EB34000
|
heap
|
page read and write
|
||
|
2387E913000
|
heap
|
page read and write
|
||
|
2387E913000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
65C3000
|
heap
|
page read and write
|
||
|
2387C9AE000
|
heap
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
2387ED61000
|
heap
|
page read and write
|
||
|
5C2C000
|
stack
|
page read and write
|
||
|
2387EA7B000
|
heap
|
page read and write
|
||
|
2387ED6E000
|
heap
|
page read and write
|
||
|
2387EAA7000
|
heap
|
page read and write
|
||
|
2387F970000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
2387ED71000
|
heap
|
page read and write
|
||
|
2387ED7C000
|
heap
|
page read and write
|
||
|
2387ED9D000
|
heap
|
page read and write
|
||
|
2387C9A7000
|
heap
|
page read and write
|
||
|
2387EDA0000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
318D000
|
direct allocation
|
page execute and read and write
|
||
|
2387ED6D000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2387E831000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
11CA000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
2387F250000
|
heap
|
page read and write
|
||
|
2387C8FD000
|
heap
|
page read and write
|
||
|
2387E927000
|
heap
|
page read and write
|
||
|
2387ED69000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
2387EDA4000
|
heap
|
page read and write
|
||
|
2387E8CA000
|
heap
|
page read and write
|
||
|
2387EA6B000
|
heap
|
page read and write
|
||
|
644D000
|
stack
|
page read and write
|
||
|
2387EA54000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
2387C9AE000
|
heap
|
page read and write
|
||
|
2387C9B3000
|
heap
|
page read and write
|
||
|
2387E913000
|
heap
|
page read and write
|
||
|
2387EB34000
|
heap
|
page read and write
|
||
|
2387ED98000
|
heap
|
page read and write
|
||
|
2B71000
|
trusted library allocation
|
page read and write
|
||
|
6E4DEFD000
|
stack
|
page read and write
|
||
|
2CE1000
|
trusted library allocation
|
page read and write
|
||
|
2387ED7E000
|
heap
|
page read and write
|
||
|
2387E8F0000
|
heap
|
page read and write
|
||
|
2387F570000
|
trusted library allocation
|
page read and write
|
||
|
2387EB21000
|
heap
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
620C000
|
stack
|
page read and write
|
||
|
2387ED8B000
|
heap
|
page read and write
|
||
|
2387ED9E000
|
heap
|
page read and write
|
||
|
2387EA6A000
|
heap
|
page read and write
|
||
|
2387EAFC000
|
heap
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
2387CC30000
|
heap
|
page read and write
|
||
|
2387EBDB000
|
heap
|
page read and write
|
||
|
2BCC000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
direct allocation
|
page execute and read and write
|
||
|
2C94000
|
trusted library allocation
|
page read and write
|
||
|
2387ED62000
|
heap
|
page read and write
|
||
|
2387EB18000
|
heap
|
page read and write
|
||
|
2387E8D0000
|
heap
|
page read and write
|
||
|
2387E928000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
2387ED98000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page execute and read and write
|
||
|
2387EA86000
|
heap
|
page read and write
|
||
|
2387EAFF000
|
heap
|
page read and write
|
||
|
2387EDD5000
|
heap
|
page read and write
|
||
|
2387EDD4000
|
heap
|
page read and write
|
||
|
2387EA73000
|
heap
|
page read and write
|
||
|
2387EDA5000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2387EA69000
|
heap
|
page read and write
|
||
|
2387ED6D000
|
heap
|
page read and write
|
||
|
2387E918000
|
heap
|
page read and write
|
||
|
2387ED71000
|
heap
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
585E000
|
stack
|
page read and write
|
||
|
2387EAE7000
|
heap
|
page read and write
|
||
|
5F8E000
|
stack
|
page read and write
|
||
|
2387EB34000
|
heap
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
3171000
|
direct allocation
|
page execute and read and write
|
||
|
3186000
|
direct allocation
|
page execute and read and write
|
||
|
2387ED76000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
2387E8DB000
|
heap
|
page read and write
|
||
|
2387EDCF000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
2387E896000
|
heap
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
2387EDAA000
|
heap
|
page read and write
|
||
|
2387ED65000
|
heap
|
page read and write
|
||
|
2C0B000
|
trusted library allocation
|
page read and write
|
||
|
2387EA73000
|
heap
|
page read and write
|
||
|
2387E909000
|
heap
|
page read and write
|
||
|
2387C8FE000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
2387CC35000
|
heap
|
page read and write
|
||
|
2387EDD4000
|
heap
|
page read and write
|
||
|
2BC4000
|
trusted library allocation
|
page read and write
|
||
|
2387C9C7000
|
heap
|
page read and write
|
||
|
2387E916000
|
heap
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
2387C900000
|
heap
|
page read and write
|
||
|
2387EB18000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
2387EA6A000
|
heap
|
page read and write
|
||
|
2387ED69000
|
heap
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
2387EDD2000
|
heap
|
page read and write
|
||
|
2387C9AC000
|
heap
|
page read and write
|
||
|
6E4DAFE000
|
stack
|
page read and write
|
||
|
2387EDCD000
|
heap
|
page read and write
|
||
|
2387ED71000
|
heap
|
page read and write
|
||
|
2387ED9E000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
2387C9AA000
|
heap
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
6E4D8FE000
|
stack
|
page read and write
|
||
|
2387E92C000
|
heap
|
page read and write
|
||
|
2387C984000
|
heap
|
page read and write
|
||
|
2FED000
|
direct allocation
|
page execute and read and write
|
||
|
2387EDA0000
|
heap
|
page read and write
|
||
|
2387EA57000
|
heap
|
page read and write
|
||
|
2387ED97000
|
heap
|
page read and write
|
||
|
2387EA6B000
|
heap
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
2387ED9D000
|
heap
|
page read and write
|
||
|
581F000
|
stack
|
page read and write
|
||
|
2387C975000
|
heap
|
page read and write
|
||
|
6E4DCFF000
|
stack
|
page read and write
|
||
|
3208000
|
direct allocation
|
page execute and read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
2387C9CA000
|
heap
|
page read and write
|
||
|
2387ED71000
|
heap
|
page read and write
|
||
|
2387E912000
|
heap
|
page read and write
|
||
|
2387EDAA000
|
heap
|
page read and write
|
||
|
2387F270000
|
heap
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
2387E909000
|
heap
|
page read and write
|
||
|
2387EB18000
|
heap
|
page read and write
|
||
|
2387EDD0000
|
heap
|
page read and write
|
||
|
2387EA54000
|
heap
|
page read and write
|
||
|
2387EA88000
|
heap
|
page read and write
|
||
|
2387ED67000
|
heap
|
page read and write
|
||
|
2387C9C2000
|
heap
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
11C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2387EDD3000
|
heap
|
page read and write
|
||
|
2387EDA0000
|
heap
|
page read and write
|
||
|
2387F420000
|
heap
|
page read and write
|
||
|
6E4DBFE000
|
stack
|
page read and write
|
||
|
2387EA8A000
|
heap
|
page read and write
|
||
|
2387EA5A000
|
heap
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
2387EDD4000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
2387C984000
|
heap
|
page read and write
|
||
|
2387EA8A000
|
heap
|
page read and write
|
||
|
2387C9C8000
|
heap
|
page read and write
|
||
|
2387E732000
|
heap
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
139B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BFA000
|
trusted library allocation
|
page read and write
|
||
|
2387EA73000
|
heap
|
page read and write
|
||
|
2387EDA7000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
2387EDA1000
|
heap
|
page read and write
|
||
|
2387EA53000
|
heap
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
2387EDA0000
|
heap
|
page read and write
|
||
|
56CF000
|
stack
|
page read and write
|
||
|
2387E898000
|
heap
|
page read and write
|
||
|
2387EA7E000
|
heap
|
page read and write
|
||
|
2387C9C7000
|
heap
|
page read and write
|
||
|
2387EA6B000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
1071000
|
heap
|
page read and write
|
||
|
2387EB3B000
|
heap
|
page read and write
|
||
|
2387E7AC000
|
heap
|
page read and write
|
||
|
2387EA7B000
|
heap
|
page read and write
|
||
|
6E4D6F9000
|
stack
|
page read and write
|
||
|
2387EB18000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
2387E8D2000
|
heap
|
page read and write
|
||
|
2387EA54000
|
heap
|
page read and write
|
||
|
2387C8A0000
|
heap
|
page read and write
|
||
|
2387EA91000
|
heap
|
page read and write
|
||
|
BBC000
|
stack
|
page read and write
|
||
|
2387EAFC000
|
heap
|
page read and write
|
||
|
2387E7A4000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
2387EB3E000
|
heap
|
page read and write
|
||
|
608D000
|
stack
|
page read and write
|
||
|
2387ED97000
|
heap
|
page read and write
|
||
|
2387EDD2000
|
heap
|
page read and write
|
||
|
2387E8F0000
|
heap
|
page read and write
|
||
|
2387E9DD000
|
heap
|
page read and write
|
||
|
305E000
|
direct allocation
|
page execute and read and write
|
||
|
2387C984000
|
heap
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
8D0000
|
unkown
|
page readonly
|
||
|
5160000
|
heap
|
page read and write
|
||
|
2387C9AE000
|
heap
|
page read and write
|
||
|
2387EDA4000
|
heap
|
page read and write
|
||
|
65A0000
|
heap
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page read and write
|
||
|
2387E941000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2387EA64000
|
heap
|
page read and write
|
||
|
2387EB3E000
|
heap
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
11CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
2387C9B5000
|
heap
|
page read and write
|
||
|
2387C9B3000
|
heap
|
page read and write
|
||
|
2387EA75000
|
heap
|
page read and write
|
||
|
2387EA8C000
|
heap
|
page read and write
|
||
|
2387C9C7000
|
heap
|
page read and write
|
||
|
2387C9BC000
|
heap
|
page read and write
|
||
|
2387E913000
|
heap
|
page read and write
|
||
|
2387EA63000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
2387EA6A000
|
heap
|
page read and write
|
||
|
2387EA7B000
|
heap
|
page read and write
|
||
|
2387EA7C000
|
heap
|
page read and write
|
||
|
8D2000
|
unkown
|
page readonly
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
2387C9CB000
|
heap
|
page read and write
|
||
|
2387ED83000
|
heap
|
page read and write
|
||
|
2BC9000
|
trusted library allocation
|
page read and write
|
||
|
2387EACE000
|
heap
|
page read and write
|
||
|
2387C9C6000
|
heap
|
page read and write
|
||
|
2387C9BA000
|
heap
|
page read and write
|
||
|
2387EA8C000
|
heap
|
page read and write
|
||
|
2387EB35000
|
heap
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
4D4D000
|
stack
|
page read and write
|
||
|
11E2000
|
trusted library allocation
|
page read and write
|
||
|
2387EA63000
|
heap
|
page read and write
|
||
|
2387EA8A000
|
heap
|
page read and write
|
||
|
11C4000
|
trusted library allocation
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
2387EDA5000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
2387EB34000
|
heap
|
page read and write
|
||
|
2387C9BD000
|
heap
|
page read and write
|
||
|
2387C9BA000
|
heap
|
page read and write
|
||
|
2387E927000
|
heap
|
page read and write
|
||
|
2387ED64000
|
heap
|
page read and write
|
||
|
2387E92E000
|
heap
|
page read and write
|
||
|
2387E912000
|
heap
|
page read and write
|
||
|
2387EB3E000
|
heap
|
page read and write
|
||
|
2387ED61000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
1397000
|
trusted library allocation
|
page execute and read and write
|
||
|
65C0000
|
heap
|
page read and write
|
||
|
2387EB41000
|
heap
|
page read and write
|
||
|
2387EA6B000
|
heap
|
page read and write
|
||
|
2387EDC8000
|
heap
|
page read and write
|
||
|
2387EA5F000
|
heap
|
page read and write
|
||
|
2387C9B5000
|
heap
|
page read and write
|
||
|
2387EDCD000
|
heap
|
page read and write
|
||
|
2387ED70000
|
heap
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
2387E738000
|
heap
|
page read and write
|
||
|
2387EDA6000
|
heap
|
page read and write
|
||
|
2387EDA1000
|
heap
|
page read and write
|
||
|
2387ED6E000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
2387ED97000
|
heap
|
page read and write
|
||
|
2387F300000
|
heap
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
2387ED71000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
2387EAA7000
|
heap
|
page read and write
|
||
|
2387E772000
|
heap
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
2387C8FC000
|
heap
|
page read and write
|
||
|
2387EA86000
|
heap
|
page read and write
|
||
|
2387C9AE000
|
heap
|
page read and write
|
||
|
2387ED63000
|
heap
|
page read and write
|
||
|
2387ED66000
|
heap
|
page read and write
|
||
|
2387ED74000
|
heap
|
page read and write
|
||
|
2387EA96000
|
heap
|
page read and write
|
||
|
2387C9CA000
|
heap
|
page read and write
|
||
|
2387ED9B000
|
heap
|
page read and write
|
||
|
2387ED9B000
|
heap
|
page read and write
|
||
|
2387EA8C000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
2387C8B0000
|
heap
|
page read and write
|
||
|
2387EDA0000
|
heap
|
page read and write
|
||
|
2387E940000
|
heap
|
page read and write
|
||
|
2387E730000
|
heap
|
page read and write
|
||
|
2387C9C6000
|
heap
|
page read and write
|
||
|
2387E8F0000
|
heap
|
page read and write
|
||
|
2387E909000
|
heap
|
page read and write
|
||
|
2387EDD0000
|
heap
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
2387EB40000
|
heap
|
page read and write
|
||
|
2387ED62000
|
heap
|
page read and write
|
||
|
2387EA73000
|
heap
|
page read and write
|
||
|
2387F1D0000
|
heap
|
page read and write
|
||
|
2387C9AB000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page execute and read and write
|
||
|
2387C9C7000
|
heap
|
page read and write
|
||
|
2387ED63000
|
heap
|
page read and write
|
||
|
2387C9A9000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
2387EDAA000
|
heap
|
page read and write
|
||
|
2387EDD2000
|
heap
|
page read and write
|
||
|
2387ED83000
|
heap
|
page read and write
|
||
|
2387ED95000
|
heap
|
page read and write
|
||
|
2387C9BA000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
2387EB3E000
|
heap
|
page read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
2387EAFC000
|
heap
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
2387F340000
|
heap
|
page read and write
|
||
|
2387C984000
|
heap
|
page read and write
|
||
|
2387C9CE000
|
heap
|
page read and write
|
||
|
6E4D7FE000
|
stack
|
page read and write
|
||
|
2387E830000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
2387EDAA000
|
heap
|
page read and write
|
||
|
2387EA92000
|
heap
|
page read and write
|
||
|
2387ED9D000
|
heap
|
page read and write
|
||
|
2387E927000
|
heap
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
2387C9AE000
|
heap
|
page read and write
|
||
|
2387ED62000
|
heap
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
2387E7AC000
|
heap
|
page read and write
|
||
|
2387EA53000
|
heap
|
page read and write
|
||
|
2387CAA0000
|
heap
|
page read and write
|
||
|
2C57000
|
trusted library allocation
|
page read and write
|
||
|
2387ED98000
|
heap
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
2BEA000
|
trusted library allocation
|
page read and write
|
||
|
2387C9CB000
|
heap
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
2387F260000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
5B2D000
|
stack
|
page read and write
|
||
|
2387EA8D000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2387E898000
|
heap
|
page read and write
|
||
|
6590000
|
heap
|
page read and write
|
||
|
2387EA56000
|
heap
|
page read and write
|
||
|
2387E92C000
|
heap
|
page read and write
|
||
|
2387EA86000
|
heap
|
page read and write
|
||
|
2387EA8A000
|
heap
|
page read and write
|
||
|
2387C9B2000
|
heap
|
page read and write
|
||
|
2BBF000
|
trusted library allocation
|
page read and write
|
||
|
3B71000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2387EA59000
|
heap
|
page read and write
|
||
|
2C19000
|
trusted library allocation
|
page read and write
|
||
|
6E4DDFE000
|
stack
|
page read and write
|
||
|
2387EA8D000
|
heap
|
page read and write
|
||
|
97C000
|
stack
|
page read and write
|
||
|
2C1D000
|
trusted library allocation
|
page read and write
|
||
|
3B79000
|
trusted library allocation
|
page read and write
|
||
|
2FE9000
|
direct allocation
|
page execute and read and write
|
||
|
2387E928000
|
heap
|
page read and write
|
||
|
2387C9C8000
|
heap
|
page read and write
|
||
|
8E2000
|
unkown
|
page readonly
|
||
|
108B000
|
heap
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
2387EA63000
|
heap
|
page read and write
|
||
|
2387CB00000
|
heap
|
page read and write
|
||
|
2387C907000
|
heap
|
page read and write
|
||
|
2387E90E000
|
heap
|
page read and write
|
||
|
2387C9BE000
|
heap
|
page read and write
|
||
|
11EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
2387EA8D000
|
heap
|
page read and write
|
||
|
2387EAE8000
|
heap
|
page read and write
|
||
|
2387C90F000
|
heap
|
page read and write
|
||
|
2387C9C8000
|
heap
|
page read and write
|
||
|
2387EDD4000
|
heap
|
page read and write
|
||
|
2387E90E000
|
heap
|
page read and write
|
||
|
2387E92E000
|
heap
|
page read and write
|
||
|
2387E732000
|
heap
|
page read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
2387E8D5000
|
heap
|
page read and write
|
||
|
2387EA55000
|
heap
|
page read and write
|
||
|
2387EA6A000
|
heap
|
page read and write
|
||
|
2387E731000
|
heap
|
page read and write
|
||
|
2CB7000
|
trusted library allocation
|
page read and write
|
||
|
2387EA55000
|
heap
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
2387EDD2000
|
heap
|
page read and write
|
||
|
2387E92E000
|
heap
|
page read and write
|
||
|
11E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2387E8FE000
|
heap
|
page read and write
|
||
|
2387EA88000
|
heap
|
page read and write
|
||
|
4C4C000
|
stack
|
page read and write
|
||
|
2387C900000
|
heap
|
page read and write
|
||
|
2387EA54000
|
heap
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
2387E764000
|
heap
|
page read and write
|
||
|
2387E929000
|
heap
|
page read and write
|
||
|
2387E927000
|
heap
|
page read and write
|
||
|
2387ED9A000
|
heap
|
page read and write
|
||
|
2387C907000
|
heap
|
page read and write
|
||
|
2387C9C3000
|
heap
|
page read and write
|
||
|
2387E912000
|
heap
|
page read and write
|
||
|
2387EA6A000
|
heap
|
page read and write
|
||
|
2387EDCC000
|
heap
|
page read and write
|
||
|
2387ED70000
|
heap
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
2387C9C6000
|
heap
|
page read and write
|
||
|
2387E909000
|
heap
|
page read and write
|
||
|
2387EDAA000
|
heap
|
page read and write
|
||
|
2387EA8C000
|
heap
|
page read and write
|
||
|
2387EA8B000
|
heap
|
page read and write
|
||
|
2387E927000
|
heap
|
page read and write
|
||
|
2387ED84000
|
heap
|
page read and write
|
||
|
104E000
|
heap
|
page read and write
|
||
|
2387ED97000
|
heap
|
page read and write
|
||
|
2387EDD0000
|
heap
|
page read and write
|
||
|
2387EDA4000
|
heap
|
page read and write
|
||
|
2387EAA7000
|
heap
|
page read and write
|
||
|
2387C9AC000
|
heap
|
page read and write
|
||
|
2387EA92000
|
heap
|
page read and write
|
||
|
630C000
|
stack
|
page read and write
|
||
|
2387E8EF000
|
heap
|
page read and write
|
||
|
2387C975000
|
heap
|
page read and write
|
||
|
2387ED6F000
|
heap
|
page read and write
|
||
|
2387C9B0000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
2BD5000
|
trusted library allocation
|
page read and write
|
||
|
2387EB3E000
|
heap
|
page read and write
|
||
|
2387E913000
|
heap
|
page read and write
|
||
|
6E4E0FB000
|
stack
|
page read and write
|
||
|
2387EA7B000
|
heap
|
page read and write
|
||
|
2387C907000
|
heap
|
page read and write
|
||
|
2387C8D0000
|
heap
|
page read and write
|
||
|
2387EA5C000
|
heap
|
page read and write
|
||
|
2387E739000
|
heap
|
page read and write
|
||
|
2387EA62000
|
heap
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
2387EA59000
|
heap
|
page read and write
|
||
|
2387EA58000
|
heap
|
page read and write
|
||
|
2387E9DD000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
2387E909000
|
heap
|
page read and write
|
||
|
2387EAEB000
|
heap
|
page read and write
|
There are 481 hidden memdumps, click here to show them.