Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_abxmg3vo.rcx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hriddo01.ooj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jyhh5k2w.b4z.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lzwz3ojc.ikd.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe
|
"C:\Users\user\Desktop\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Siparis
PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe"
|
|
|
|
C:\Users\user\Desktop\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe
|
"C:\Users\user\Desktop\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf .exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Siparis PO# DT-TE-160924R0 _323282-_563028621286 pdf _RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4160000
|
trusted library allocation
|
page read and write
|
|
|
|
27D1000
|
trusted library allocation
|
page read and write
|
|
|
|
29A1000
|
trusted library allocation
|
page read and write
|
|
|
|
DFE000
|
stack
|
page read and write
|
||
|
3863000
|
trusted library allocation
|
page read and write
|
||
|
58BB000
|
stack
|
page read and write
|
||
|
56D3000
|
heap
|
page read and write
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
8F80000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
4CC3000
|
heap
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
79ED000
|
stack
|
page read and write
|
||
|
16CE000
|
stack
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page execute and read and write
|
||
|
567A000
|
trusted library allocation
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
5AE4000
|
heap
|
page read and write
|
||
|
D9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
7262000
|
trusted library allocation
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page execute and read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C14E000
|
stack
|
page read and write
|
||
|
4E3E000
|
stack
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
386F000
|
trusted library allocation
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
91FE000
|
stack
|
page read and write
|
||
|
2966000
|
trusted library allocation
|
page read and write
|
||
|
12A2000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
6592000
|
trusted library allocation
|
page read and write
|
||
|
28DC000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28B5000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page execute and read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
B7F000
|
heap
|
page read and write
|
||
|
BC1D000
|
stack
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
2981000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
2A34000
|
trusted library allocation
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
B61000
|
heap
|
page read and write
|
||
|
BA1F000
|
stack
|
page read and write
|
||
|
5A4E000
|
stack
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
50D0000
|
heap
|
page execute and read and write
|
||
|
4079000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
BC20000
|
heap
|
page read and write
|
||
|
614F000
|
heap
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
D39000
|
stack
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page execute and read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
55AE000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
383E000
|
trusted library allocation
|
page read and write
|
||
|
D6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C94000
|
trusted library allocation
|
page read and write
|
||
|
2985000
|
trusted library allocation
|
page read and write
|
||
|
92FE000
|
stack
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
8FC3000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
BE1E000
|
stack
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
2A2F000
|
trusted library allocation
|
page read and write
|
||
|
2EB2000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
D64000
|
trusted library allocation
|
page read and write
|
||
|
2EBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5D000
|
stack
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
294A000
|
trusted library allocation
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
4C6A000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
292C000
|
trusted library allocation
|
page read and write
|
||
|
D95000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
2958000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
2993000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
5C81000
|
trusted library allocation
|
page read and write
|
||
|
2E83000
|
trusted library allocation
|
page execute and read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
37D1000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
5ACE000
|
heap
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
524C000
|
stack
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
12B1000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
2A11000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
3866000
|
trusted library allocation
|
page read and write
|
||
|
D8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
55B1000
|
trusted library allocation
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
D92000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
792E000
|
stack
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
781E000
|
stack
|
page read and write
|
||
|
C2CD000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7F560000
|
trusted library allocation
|
page execute and read and write
|
||
|
7640000
|
heap
|
page read and write
|
||
|
2E93000
|
trusted library allocation
|
page read and write
|
||
|
55B6000
|
trusted library allocation
|
page read and write
|
||
|
642F000
|
stack
|
page read and write
|
||
|
2918000
|
trusted library allocation
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
514C000
|
stack
|
page read and write
|
||
|
5672000
|
trusted library allocation
|
page read and write
|
||
|
2EB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
3858000
|
trusted library allocation
|
page read and write
|
||
|
917E000
|
stack
|
page read and write
|
||
|
8FCD000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
C18C000
|
stack
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2924000
|
trusted library allocation
|
page read and write
|
||
|
291C000
|
trusted library allocation
|
page read and write
|
||
|
2E9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7750000
|
trusted library allocation
|
page execute and read and write
|
||
|
55E5000
|
trusted library allocation
|
page read and write
|
||
|
12D7000
|
heap
|
page read and write
|
||
|
6575000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
62AE000
|
stack
|
page read and write
|
||
|
5078000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page execute and read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
D97000
|
trusted library allocation
|
page execute and read and write
|
||
|
5660000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C4D000
|
stack
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
657B000
|
trusted library allocation
|
page read and write
|
||
|
2A5B000
|
trusted library allocation
|
page read and write
|
||
|
2A16000
|
trusted library allocation
|
page read and write
|
||
|
2A67000
|
trusted library allocation
|
page read and write
|
||
|
C3CE000
|
stack
|
page read and write
|
||
|
85A000
|
stack
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
4C76000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
37F9000
|
trusted library allocation
|
page read and write
|
||
|
4C56000
|
trusted library allocation
|
page read and write
|
||
|
2928000
|
trusted library allocation
|
page read and write
|
||
|
2A38000
|
trusted library allocation
|
page read and write
|
||
|
D82000
|
trusted library allocation
|
page read and write
|
||
|
5A85000
|
heap
|
page read and write
|
||
|
4C82000
|
trusted library allocation
|
page read and write
|
||
|
28CC000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
4C62000
|
trusted library allocation
|
page read and write
|
||
|
2A6D000
|
trusted library allocation
|
page read and write
|
||
|
4C6E000
|
trusted library allocation
|
page read and write
|
||
|
6577000
|
trusted library allocation
|
page read and write
|
||
|
7C0D000
|
stack
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
C28C000
|
stack
|
page read and write
|
||
|
6599000
|
trusted library allocation
|
page read and write
|
||
|
2EA2000
|
trusted library allocation
|
page read and write
|
||
|
C12000
|
unkown
|
page readonly
|
||
|
2A26000
|
trusted library allocation
|
page read and write
|
||
|
626F000
|
stack
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
6143000
|
heap
|
page read and write
|
||
|
C04E000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
28CA000
|
trusted library allocation
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
289D000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
D63000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A1C000
|
trusted library allocation
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28D8000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
heap
|
page execute and read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
63AE000
|
stack
|
page read and write
|
||
|
6570000
|
trusted library allocation
|
page read and write
|
||
|
289A000
|
trusted library allocation
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
4C71000
|
trusted library allocation
|
page read and write
|
||
|
293D000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
8FB8000
|
heap
|
page read and write
|
||
|
8FF8000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page execute and read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
129F000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page execute and read and write
|
||
|
55BD000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
48CE000
|
stack
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
BFA000
|
heap
|
page read and write
|
||
|
2A62000
|
trusted library allocation
|
page read and write
|
||
|
28D4000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
4C7D000
|
trusted library allocation
|
page read and write
|
||
|
7ACE000
|
stack
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
764E000
|
heap
|
page read and write
|
||
|
4C5E000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
BF1E000
|
stack
|
page read and write
|
||
|
91BD000
|
stack
|
page read and write
|
||
|
D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
58C0000
|
trusted library section
|
page readonly
|
||
|
B18000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
A16000
|
heap
|
page read and write
|
||
|
4C5B000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library section
|
page read and write
|
||
|
D86000
|
trusted library allocation
|
page execute and read and write
|
||
|
957000
|
stack
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page read and write
|
||
|
12A9000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
537D000
|
trusted library allocation
|
page read and write
|
||
|
BB1F000
|
stack
|
page read and write
|
||
|
7A20000
|
trusted library section
|
page read and write
|
||
|
B46000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
337D000
|
trusted library allocation
|
page read and write
|
||
|
411B000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
77B5000
|
trusted library allocation
|
page read and write
|
There are 283 hidden memdumps, click here to show them.