Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5fnrWlGa3H.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\5fnrWlGa3H.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\1hhrgjc2.tor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2tif1pqf.0vs
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a3mi0qv1.bas
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dgbhmv4f.xlt
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\mguezme5.xtc
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\p405dcok.vya
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\srm3hadz.ivn
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wqr5mayt.mmg
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\zoiygpwj.rc5
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\zvhdt0ay.gqh
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
modified
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
"C:\Users\user\Desktop\5fnrWlGa3H.exe"
|
|
|
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
|
|
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
|
|
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
C:\Users\user\Desktop\5fnrWlGa3H.exe
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
"C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
|
|
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
C:\Users\user\AppData\Roaming\UpdateManager\5fnrWlGa3H.exe
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7132 -s 80
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2200 -s 84
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
87.120.116.119
|
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://go.microsoft.c
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
15.164.165.52.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.120.116.119
|
unknown
|
Bulgaria
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30F8000
|
trusted library allocation
|
page read and write
|
|
|
|
3387000
|
trusted library allocation
|
page read and write
|
|
|
|
3116000
|
trusted library allocation
|
page read and write
|
|
|
|
3181000
|
trusted library allocation
|
page read and write
|
|
|
|
3107000
|
trusted library allocation
|
page read and write
|
|
|
|
64A0000
|
trusted library section
|
page read and write
|
|
|
|
2E31000
|
trusted library allocation
|
page read and write
|
|
|
|
2F01000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3146000
|
trusted library allocation
|
page read and write
|
||
|
321E000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
1AB0000
|
trusted library allocation
|
page read and write
|
||
|
14D000
|
stack
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page execute and read and write
|
||
|
65C5000
|
trusted library allocation
|
page read and write
|
||
|
3F01000
|
trusted library allocation
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
62E2000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
1466000
|
heap
|
page read and write
|
||
|
CD9000
|
heap
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
52AF000
|
stack
|
page read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
58CA000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
65B8000
|
trusted library allocation
|
page read and write
|
||
|
611E000
|
unkown
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
190F000
|
stack
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
4181000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
C9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1283000
|
trusted library allocation
|
page execute and read and write
|
||
|
C74000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page execute and read and write
|
||
|
124D000
|
stack
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
69C0000
|
heap
|
page read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
65CF000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page execute and read and write
|
||
|
601A000
|
stack
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
30AF000
|
stack
|
page read and write
|
||
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3298000
|
trusted library allocation
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
1104000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
heap
|
page execute and read and write
|
||
|
E8E000
|
heap
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
B3B000
|
stack
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
321B000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
12BD000
|
stack
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
1135000
|
trusted library allocation
|
page execute and read and write
|
||
|
54FE000
|
unkown
|
page read and write
|
||
|
D59000
|
stack
|
page read and write
|
||
|
127D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BBC000
|
stack
|
page read and write
|
||
|
4985000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
1750000
|
trusted library allocation
|
page read and write
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
3129000
|
trusted library allocation
|
page read and write
|
||
|
2AF1000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
trusted library allocation
|
page read and write
|
||
|
7F280000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1138000
|
stack
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page execute and read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1573000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
1611000
|
heap
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
3AF1000
|
trusted library allocation
|
page read and write
|
||
|
5920000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
5A3E000
|
stack
|
page read and write
|
||
|
42D1000
|
trusted library allocation
|
page read and write
|
||
|
1132000
|
trusted library allocation
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
3208000
|
trusted library allocation
|
page read and write
|
||
|
574D000
|
stack
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page execute and read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
A72000
|
unkown
|
page execute and read and write
|
||
|
5470000
|
heap
|
page execute and read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
1566000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A27000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
CD3000
|
heap
|
page read and write
|
||
|
607C000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
2D16000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
1524000
|
trusted library allocation
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
FDF000
|
stack
|
page read and write
|
||
|
10FF000
|
stack
|
page read and write
|
||
|
2EB0000
|
heap
|
page execute and read and write
|
||
|
9DAD000
|
stack
|
page read and write
|
||
|
1086000
|
trusted library allocation
|
page execute and read and write
|
||
|
C5C000
|
stack
|
page read and write
|
||
|
5EFE000
|
stack
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
CCE000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
4705000
|
trusted library allocation
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library section
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
629C000
|
heap
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
578F000
|
stack
|
page read and write
|
||
|
3292000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page read and write
|
||
|
65CA000
|
trusted library allocation
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
stack
|
page read and write
|
||
|
3134000
|
trusted library allocation
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
3FC000
|
stack
|
page read and write
|
||
|
E9F000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
1122000
|
trusted library allocation
|
page read and write
|
||
|
1AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
175B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
5F3E000
|
stack
|
page read and write
|
||
|
617C000
|
stack
|
page read and write
|
||
|
1284000
|
trusted library allocation
|
page read and write
|
||
|
5934000
|
trusted library allocation
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
130D000
|
stack
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
129A000
|
heap
|
page read and write
|
||
|
E81000
|
heap
|
page read and write
|
||
|
65A5000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
552F000
|
stack
|
page read and write
|
||
|
157B000
|
trusted library allocation
|
page execute and read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
3202000
|
trusted library allocation
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A31000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
2F33000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
156A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5ADC000
|
stack
|
page read and write
|
||
|
65BF000
|
trusted library allocation
|
page read and write
|
||
|
3EA7000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
1126000
|
trusted library allocation
|
page execute and read and write
|
||
|
109B000
|
trusted library allocation
|
page execute and read and write
|
||
|
66F0000
|
trusted library allocation
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
D0C000
|
heap
|
page read and write
|
||
|
1294000
|
trusted library allocation
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
59FF000
|
stack
|
page read and write
|
||
|
C6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5110000
|
trusted library allocation
|
page execute and read and write
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
1534000
|
trusted library allocation
|
page read and write
|
||
|
32BF000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
1097000
|
trusted library allocation
|
page execute and read and write
|
||
|
73A0000
|
trusted library section
|
page read and write
|
||
|
49C2000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
5A9D000
|
stack
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
65A9000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page execute and read and write
|
||
|
3E41000
|
trusted library allocation
|
page read and write
|
||
|
C97000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
6730000
|
trusted library allocation
|
page execute and read and write
|
||
|
146F000
|
stack
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
1757000
|
trusted library allocation
|
page execute and read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
31FD000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
128D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1111000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page execute and read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
329E000
|
trusted library allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
62A8000
|
heap
|
page read and write
|
||
|
65A2000
|
trusted library allocation
|
page read and write
|
||
|
6C50000
|
trusted library allocation
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
E4F000
|
heap
|
page read and write
|
||
|
71C000
|
stack
|
page read and write
|
||
|
9EAD000
|
stack
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
4E38000
|
trusted library allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
6C70000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
4BEE000
|
stack
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
592A000
|
trusted library allocation
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
1558000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
12D3000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
1523000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
5D6F000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
78BF000
|
stack
|
page read and write
|
||
|
103B000
|
stack
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
A72000
|
unkown
|
page readonly
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
32A5000
|
trusted library allocation
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page execute and read and write
|
||
|
2D13000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
6A21000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
31E8000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
30C3000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page execute and read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page read and write
|
||
|
112A000
|
trusted library allocation
|
page execute and read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
5942000
|
trusted library allocation
|
page read and write
|
||
|
30BF000
|
trusted library allocation
|
page read and write
|
||
|
2EEA000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page execute and read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page execute and read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
1574000
|
heap
|
page read and write
|
||
|
313C000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
5940000
|
heap
|
page execute and read and write
|
||
|
A92000
|
unkown
|
page execute and read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
5945000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
99BE000
|
stack
|
page read and write
|
||
|
329A000
|
trusted library allocation
|
page read and write
|
||
|
3284000
|
trusted library allocation
|
page read and write
|
||
|
6296000
|
heap
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
1169000
|
heap
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
110D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F1C000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2C31000
|
trusted library allocation
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
32AF000
|
trusted library allocation
|
page read and write
|
||
|
15EC000
|
heap
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
1577000
|
trusted library allocation
|
page execute and read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page read and write
|
||
|
7CAE000
|
stack
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
3224000
|
trusted library allocation
|
page read and write
|
||
|
9ABE000
|
stack
|
page read and write
|
||
|
591E000
|
stack
|
page read and write
|
||
|
328C000
|
trusted library allocation
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1284000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
1205000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
1065000
|
heap
|
page read and write
|
||
|
A92000
|
unkown
|
page readonly
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
113B000
|
trusted library allocation
|
page execute and read and write
|
||
|
10DE000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
1137000
|
trusted library allocation
|
page execute and read and write
|
||
|
57CD000
|
stack
|
page read and write
|
||
|
5ED8000
|
stack
|
page read and write
|
||
|
65BA000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
5BD9000
|
stack
|
page read and write
|
||
|
E5A000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
17BE000
|
stack
|
page read and write
|
||
|
6A2B000
|
trusted library allocation
|
page read and write
|
||
|
3244000
|
trusted library allocation
|
page read and write
|
||
|
6A39000
|
trusted library allocation
|
page read and write
|
||
|
1AD0000
|
heap
|
page read and write
|
||
|
6A35000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
1AC0000
|
trusted library allocation
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
C64000
|
trusted library allocation
|
page read and write
|
||
|
E67000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
111D000
|
trusted library allocation
|
page execute and read and write
|
||
|
661B000
|
trusted library allocation
|
page read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
heap
|
page execute and read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
1074000
|
trusted library allocation
|
page read and write
|
||
|
C63000
|
trusted library allocation
|
page execute and read and write
|
||
|
54BE000
|
unkown
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
5DFE000
|
stack
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
69A0000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
1B00000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page execute and read and write
|
||
|
120F000
|
heap
|
page read and write
|
||
|
6720000
|
trusted library allocation
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1104000
|
heap
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
1103000
|
trusted library allocation
|
page execute and read and write
|
||
|
15B8000
|
heap
|
page read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
69B0000
|
trusted library allocation
|
page read and write
|
There are 480 hidden memdumps, click here to show them.