Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
699rYWjtp9.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\699rYWjtp9.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\769a6d2f4d6310beb643add84c2c23fd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\769a6d2f4d6310beb643add84c2c23fd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\699rYWjtp9.exe
|
"C:\Users\user\Desktop\699rYWjtp9.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\Desktop\699rYWjtp9.exe" "699rYWjtp9.exe" ENABLE
|
|
|
|
C:\Users\user\Desktop\699rYWjtp9.exe
|
"C:\Users\user\Desktop\699rYWjtp9.exe" ..
|
|
|
|
C:\Users\user\Desktop\699rYWjtp9.exe
|
"C:\Users\user\Desktop\699rYWjtp9.exe" ..
|
|
|
|
C:\Users\user\Desktop\699rYWjtp9.exe
|
"C:\Users\user\Desktop\699rYWjtp9.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.253.73.222
|
unknown
|
Thailand
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
769a6d2f4d6310beb643add84c2c23fd
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
769a6d2f4d6310beb643add84c2c23fd
|
||
|
HKEY_CURRENT_USER\SOFTWARE\769a6d2f4d6310beb643add84c2c23fd
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4B2000
|
unkown
|
page readonly
|
|
|
|
2941000
|
trusted library allocation
|
page read and write
|
|
|
|
D15000
|
heap
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
BDB000
|
stack
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
C73000
|
trusted library allocation
|
page read and write
|
||
|
12BD000
|
stack
|
page read and write
|
||
|
1476000
|
heap
|
page read and write
|
||
|
257F000
|
stack
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
F81000
|
heap
|
page read and write
|
||
|
B94000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
1514000
|
trusted library allocation
|
page read and write
|
||
|
EED000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
3C61000
|
trusted library allocation
|
page read and write
|
||
|
5712000
|
heap
|
page read and write
|
||
|
FD2000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page execute and read and write
|
||
|
127E000
|
unkown
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
5729000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
EDA000
|
trusted library allocation
|
page read and write
|
||
|
475E000
|
stack
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
6020000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page execute and read and write
|
||
|
FDA000
|
heap
|
page read and write
|
||
|
FE9000
|
heap
|
page read and write
|
||
|
2A36000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
2A64000
|
trusted library allocation
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
119D000
|
stack
|
page read and write
|
||
|
B67000
|
stack
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
31B3000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
DEB000
|
stack
|
page read and write
|
||
|
FD9000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
4AA4000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
heap
|
page execute and read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
AA2000
|
trusted library allocation
|
page read and write
|
||
|
E1F000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
1524000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
4C80000
|
heap
|
page execute and read and write
|
||
|
523F000
|
stack
|
page read and write
|
||
|
5712000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
8F8000
|
stack
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page execute and read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
4E99000
|
stack
|
page read and write
|
||
|
FE2000
|
heap
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE6000
|
heap
|
page read and write
|
||
|
5729000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
5C0D000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
A9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B81000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
5BF5000
|
heap
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
AA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
995000
|
heap
|
page read and write
|
||
|
5880000
|
heap
|
page execute and read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
572C000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
5BE5000
|
heap
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
EF3000
|
stack
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
7F090000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
57EF000
|
stack
|
page read and write
|
||
|
571E000
|
heap
|
page read and write
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BCE000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
A74000
|
trusted library allocation
|
page read and write
|
||
|
EFB000
|
stack
|
page read and write
|
||
|
BBD000
|
heap
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
EE6000
|
trusted library allocation
|
page read and write
|
||
|
27F9000
|
stack
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
1547000
|
trusted library allocation
|
page execute and read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
27BC000
|
stack
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
6030000
|
trusted library allocation
|
page execute and read and write
|
||
|
F28000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
F9C000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
F9C000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
5C02000
|
heap
|
page read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
FD2000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
1513000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B8F000
|
stack
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
FE1000
|
heap
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
BC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
10F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F54000
|
heap
|
page read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
598E000
|
stack
|
page read and write
|
||
|
FD6000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
A96000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5524000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
103D000
|
heap
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
569F000
|
stack
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
F8D000
|
heap
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
54AB000
|
stack
|
page read and write
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
ED4000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
F04000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
EE1000
|
trusted library allocation
|
page read and write
|
||
|
A6B000
|
stack
|
page read and write
|
||
|
A8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1369000
|
heap
|
page read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
41E1000
|
trusted library allocation
|
page read and write
|
||
|
B24000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
C86000
|
trusted library allocation
|
page read and write
|
||
|
F89000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
FAF000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
80D000
|
stack
|
page read and write
|
||
|
1323000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
4EB7000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
4E5C000
|
stack
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
10DF000
|
stack
|
page read and write
|
||
|
2B50000
|
heap
|
page execute and read and write
|
||
|
E7F000
|
stack
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
5460000
|
heap
|
page execute and read and write
|
||
|
F53000
|
heap
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
165F000
|
stack
|
page read and write
|
||
|
F89000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
549000
|
stack
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
1329000
|
heap
|
page read and write
|
||
|
572A000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
F9B000
|
heap
|
page read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
4F63000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
FEF000
|
heap
|
page read and write
|
||
|
F1D000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
572B000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
F89000
|
heap
|
page read and write
|
||
|
154B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9B000
|
heap
|
page read and write
|
||
|
C5C000
|
stack
|
page read and write
|
||
|
BA4000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
FD1000
|
heap
|
page read and write
|
||
|
108D000
|
unkown
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
FD4000
|
heap
|
page read and write
|
||
|
33B000
|
stack
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
ECE000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
F9C000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DBB000
|
stack
|
page read and write
|
||
|
1036000
|
heap
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
10FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
FD1000
|
heap
|
page read and write
|
||
|
4B0000
|
unkown
|
page readonly
|
||
|
1160000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
FE7000
|
heap
|
page read and write
|
||
|
5555000
|
trusted library allocation
|
page read and write
|
||
|
4D5E000
|
stack
|
page read and write
|
||
|
F4B000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
2581000
|
trusted library allocation
|
page read and write
|
||
|
FD1000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
31C6000
|
trusted library allocation
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
ED2000
|
trusted library allocation
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
BC3000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
EDE000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
AAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8A000
|
heap
|
page read and write
|
||
|
EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
B93000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
F99000
|
heap
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
4AD5000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
ECB000
|
trusted library allocation
|
page read and write
|
||
|
5729000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
A83000
|
trusted library allocation
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
3581000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE7000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
572D000
|
heap
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
C84000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
There are 415 hidden memdumps, click here to show them.