Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0py1rknh.fvk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2llasbzi.3wh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pskvzsmn.kjo.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qtqjww2z.i31.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe
|
"C:\Users\user\Desktop\RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\RFQ Ref.
No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe"
|
|
|
|
C:\Users\user\Desktop\RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe
|
"C:\Users\user\Desktop\RFQ Ref. No CRCCRFQHAFJIHDG2-KSU001 REV.01..exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://reallyfreegeoip.orgp
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ Ref_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3C87000
|
trusted library allocation
|
page read and write
|
|
|
|
2941000
|
trusted library allocation
|
page read and write
|
|
|
|
2B09000
|
trusted library allocation
|
page read and write
|
|
|
|
5B10000
|
heap
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
2A87000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
2A47000
|
trusted library allocation
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
2A97000
|
trusted library allocation
|
page read and write
|
||
|
3C29000
|
trusted library allocation
|
page read and write
|
||
|
5012000
|
trusted library allocation
|
page read and write
|
||
|
EA2000
|
trusted library allocation
|
page read and write
|
||
|
26DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
9E7F000
|
stack
|
page read and write
|
||
|
310D000
|
trusted library allocation
|
page read and write
|
||
|
26CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E83000
|
trusted library allocation
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
5558000
|
trusted library allocation
|
page read and write
|
||
|
26D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
E92000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
31A4000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
26D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
39CC000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
307C000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3E4D000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
trusted library allocation
|
page read and write
|
||
|
72BC000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
E73000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
2B72000
|
trusted library allocation
|
page read and write
|
||
|
39C3000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
2D13000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
30F8000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
39D8000
|
trusted library allocation
|
page read and write
|
||
|
A8CC000
|
stack
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
2F5A000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
F3D000
|
heap
|
page read and write
|
||
|
2EB5000
|
trusted library allocation
|
page read and write
|
||
|
F63000
|
heap
|
page read and write
|
||
|
2ACD000
|
trusted library allocation
|
page read and write
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
60AA000
|
heap
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
A3CD000
|
stack
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
2FEB000
|
trusted library allocation
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
3DF2000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
A610000
|
heap
|
page read and write
|
||
|
AA0F000
|
stack
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
4F6B000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
2F1D000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
A07E000
|
stack
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
3091000
|
trusted library allocation
|
page read and write
|
||
|
7F270000
|
trusted library allocation
|
page execute and read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
27EE000
|
trusted library allocation
|
page read and write
|
||
|
7B7000
|
stack
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
A37F000
|
stack
|
page read and write
|
||
|
3D96000
|
trusted library allocation
|
page read and write
|
||
|
F01000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
2A3B000
|
trusted library allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
A17D000
|
stack
|
page read and write
|
||
|
2AA5000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
trusted library section
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
2A43000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A83000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library section
|
page read and write
|
||
|
603C000
|
heap
|
page read and write
|
||
|
6C10000
|
heap
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
trusted library allocation
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
27FD000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
31D4000
|
trusted library allocation
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
F42000
|
heap
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
AB6000
|
heap
|
page read and write
|
||
|
2A7F000
|
trusted library allocation
|
page read and write
|
||
|
ECE000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
555B000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
5556000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
4F8D000
|
trusted library allocation
|
page read and write
|
||
|
27DE000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
722000
|
unkown
|
page readonly
|
||
|
2A93000
|
trusted library allocation
|
page read and write
|
||
|
26C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A4000
|
trusted library allocation
|
page read and write
|
||
|
52DB000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
E96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B82000
|
trusted library allocation
|
page read and write
|
||
|
640F000
|
stack
|
page read and write
|
||
|
65EF000
|
trusted library allocation
|
page read and write
|
||
|
3122000
|
trusted library allocation
|
page read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
30CF000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
3053000
|
trusted library allocation
|
page read and write
|
||
|
2EA1000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
6018000
|
heap
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
3189000
|
trusted library allocation
|
page read and write
|
||
|
65F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
E74000
|
trusted library allocation
|
page read and write
|
||
|
30A5000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
2AFB000
|
trusted library allocation
|
page read and write
|
||
|
7419000
|
trusted library allocation
|
page read and write
|
||
|
EA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
54D5000
|
heap
|
page read and write
|
||
|
26D2000
|
trusted library allocation
|
page read and write
|
||
|
4F81000
|
trusted library allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
3175000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
30BA000
|
trusted library allocation
|
page read and write
|
||
|
2E78000
|
trusted library allocation
|
page read and write
|
||
|
755E000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2A32000
|
trusted library allocation
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
2BC5000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
26C2000
|
trusted library allocation
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
9F7F000
|
stack
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
27F6000
|
trusted library allocation
|
page read and write
|
||
|
65E3000
|
trusted library allocation
|
page read and write
|
||
|
554E000
|
trusted library allocation
|
page read and write
|
||
|
77FE000
|
stack
|
page read and write
|
||
|
2E25000
|
trusted library allocation
|
page read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
728D000
|
heap
|
page read and write
|
||
|
2B6E000
|
trusted library allocation
|
page read and write
|
||
|
27EA000
|
trusted library allocation
|
page read and write
|
||
|
2C79000
|
trusted library allocation
|
page read and write
|
||
|
39A7000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
62CE000
|
stack
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
2A8B000
|
trusted library allocation
|
page read and write
|
||
|
A19A000
|
heap
|
page read and write
|
||
|
2A3F000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
A60E000
|
stack
|
page read and write
|
||
|
4F64000
|
trusted library allocation
|
page read and write
|
||
|
2AA5000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
EAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6058000
|
heap
|
page read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library section
|
page readonly
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
3C49000
|
trusted library allocation
|
page read and write
|
||
|
6010000
|
heap
|
page read and write
|
||
|
ECB000
|
heap
|
page read and write
|
||
|
A90D000
|
stack
|
page read and write
|
||
|
2B8C000
|
trusted library allocation
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
A180000
|
heap
|
page read and write
|
||
|
2A8F000
|
trusted library allocation
|
page read and write
|
||
|
1118000
|
trusted library allocation
|
page read and write
|
||
|
DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page execute and read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
27DB000
|
trusted library allocation
|
page read and write
|
||
|
5B3E000
|
heap
|
page read and write
|
||
|
2CC7000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
3969000
|
trusted library allocation
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
4F7E000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
644E000
|
stack
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
EEB000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
heap
|
page read and write
|
||
|
6012000
|
heap
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
2B95000
|
trusted library allocation
|
page read and write
|
||
|
2AB2000
|
trusted library allocation
|
page read and write
|
||
|
A4CE000
|
stack
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
65CF000
|
stack
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
2AED000
|
trusted library allocation
|
page read and write
|
||
|
31D7000
|
trusted library allocation
|
page read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
6BA000
|
stack
|
page read and write
|
||
|
A7CC000
|
stack
|
page read and write
|
||
|
2D15000
|
trusted library allocation
|
page read and write
|
||
|
2BCB000
|
trusted library allocation
|
page read and write
|
||
|
2802000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
65EA000
|
trusted library allocation
|
page read and write
|
||
|
A50E000
|
stack
|
page read and write
|
||
|
2A1D000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page execute and read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
2E4E000
|
trusted library allocation
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
27D6000
|
trusted library allocation
|
page read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
2F98000
|
trusted library allocation
|
page read and write
|
||
|
2A7B000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
6710000
|
trusted library allocation
|
page execute and read and write
|
||
|
7375000
|
trusted library allocation
|
page read and write
|
||
|
7299000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page execute and read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
6D32000
|
trusted library allocation
|
page read and write
|
||
|
2E3A000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
628D000
|
stack
|
page read and write
|
||
|
2AFB000
|
stack
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
31B8000
|
trusted library allocation
|
page read and write
|
||
|
7A6000
|
unkown
|
page readonly
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
There are 328 hidden memdumps, click here to show them.