Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
frik.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Chrome.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\drivers\etc\hosts
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Temp\lhaqmlexwhjs.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1a0uqz2c.ikb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bt1q2vem.2ih.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lkifkuij.mkj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vt1sx3ne.rbx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_2442rqz3.12g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_gws4peny.bo3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_n0uexf0a.etd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_rczyricw.nek.psm1
|
ASCII text, with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\frik.exe
|
"C:\Users\user\Desktop\frik.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop UsoSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop WaaSMedicSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop wuauserv
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop bits
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop dosvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe delete "Chrome"
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe create "Chrome" binpath= "C:\ProgramData\Chrome.exe" start= "auto"
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop eventlog
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe start "Chrome"
|
|
|
|
C:\ProgramData\Chrome.exe
|
C:\ProgramData\Chrome.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop UsoSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop WaaSMedicSvc
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop wuauserv
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop bits
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop dosvc
|
|
|
|
C:\Windows\explorer.exe
|
explorer.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe
|
There are 32 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://pastebin.com/raw/FBXiGyZ9
|
104.20.3.235
|
|
|
|
https://www.kaspersky.ru/downloads/free-virus-removal-tool
|
unknown
|
||
|
https://pastebin.com/raw/FBXiGyZ9Taskmgr.exe
|
unknown
|
||
|
https://pastebin.com/raw/FBXiGyZ9--cinit-stealth-targets=Taskmgr.exe
|
unknown
|
||
|
https://www.drweb.ru/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pool.hashvault.pro
|
95.179.241.203
|
|
|
|
pastebin.com
|
104.20.3.235
|
|
|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
95.179.241.203
|
pool.hashvault.pro
|
Netherlands
|
|
|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
|
DontOfferThroughWUAU
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C54C118000
|
heap
|
page read and write
|
||
|
172D6E20000
|
unkown
|
page read and write
|
||
|
14000A000
|
unkown
|
page readonly
|
||
|
223B3970000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
207A4840000
|
heap
|
page read and write
|
||
|
1371C4D8000
|
heap
|
page read and write
|
||
|
7FF6122A9000
|
unkown
|
page readonly
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
207A4C00000
|
heap
|
page read and write
|
||
|
7FF611DAE000
|
unkown
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
24B61140000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
223B3890000
|
heap
|
page read and write
|
||
|
1C54C485000
|
heap
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
24F687D0000
|
heap
|
page read and write
|
||
|
5FED57E000
|
stack
|
page read and write
|
||
|
7FF611DAF000
|
unkown
|
page write copy
|
||
|
5400000
|
direct allocation
|
page read and write
|
||
|
1AC51DF0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E27E670000
|
heap
|
page read and write
|
||
|
1BFE2C90000
|
heap
|
page read and write
|
||
|
625DBFF000
|
stack
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1C54C480000
|
heap
|
page read and write
|
||
|
E314F7F000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1FD29870000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
180B000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
DCB167F000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
D3FDD7F000
|
stack
|
page read and write
|
||
|
1232CD70000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20CF000
|
stack
|
page read and write
|
||
|
11E0000
|
direct allocation
|
page execute read
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF743547000
|
unkown
|
page read and write
|
||
|
6800000
|
direct allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1DFF7CA0000
|
heap
|
page read and write
|
||
|
1858000
|
heap
|
page read and write
|
||
|
1371C4DF000
|
heap
|
page read and write
|
||
|
1AC51A48000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
172D6E15000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7D53A7F000
|
stack
|
page read and write
|
||
|
24B61040000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
181B000
|
heap
|
page read and write
|
||
|
7D537DE000
|
stack
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
172D6DB0000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
direct allocation
|
page read and write
|
||
|
1FD29840000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1DFF7950000
|
unkown
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF74304B000
|
unkown
|
page readonly
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1E03ED30000
|
heap
|
page read and write
|
||
|
223FDDB0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
223B3C80000
|
heap
|
page read and write
|
||
|
1E27E590000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
24F687D5000
|
heap
|
page read and write
|
||
|
223B3C85000
|
heap
|
page read and write
|
||
|
20E0000
|
direct allocation
|
page execute and read and write
|
||
|
1E27E6D0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
D15000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2692EFE8000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
24B61120000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
12800000
|
trusted library allocation
|
page read and write
|
||
|
CF3000
|
heap
|
page read and write
|
||
|
E314E7E000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page readonly
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E03ED20000
|
heap
|
page read and write
|
||
|
1371C4A0000
|
heap
|
page read and write
|
||
|
1FD29C80000
|
heap
|
page read and write
|
||
|
223FDD80000
|
heap
|
page read and write
|
||
|
27D09BB8000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
24F68500000
|
heap
|
page read and write
|
||
|
7FF7432D0000
|
unkown
|
page write copy
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
24F68638000
|
heap
|
page read and write
|
||
|
5E00000
|
direct allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF611DAE000
|
unkown
|
page write copy
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
D76000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
A40DD7F000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1BFE3045000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1C54C090000
|
heap
|
page read and write
|
||
|
8135C7E000
|
stack
|
page read and write
|
||
|
26C2CF8F000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
A40DC7F000
|
stack
|
page read and write
|
||
|
207A4870000
|
heap
|
page read and write
|
||
|
1AC51DF5000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
30570FE000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
3FC22ED000
|
stack
|
page read and write
|
||
|
24B61208000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF74354C000
|
unkown
|
page readonly
|
||
|
1371C340000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
207A4850000
|
heap
|
page read and write
|
||
|
24F68630000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
27D09BB0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E03ED50000
|
heap
|
page read and write
|
||
|
3600000
|
direct allocation
|
page read and write
|
||
|
25E68560000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
3FC23FE000
|
stack
|
page read and write
|
||
|
24B611C5000
|
heap
|
page read and write
|
||
|
26C2D225000
|
heap
|
page read and write
|
||
|
77B66FE000
|
stack
|
page read and write
|
||
|
26C2CDB0000
|
heap
|
page read and write
|
||
|
7D5375C000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
77B639D000
|
stack
|
page read and write
|
||
|
C89000
|
heap
|
page read and write
|
||
|
2010000
|
direct allocation
|
page execute and read and write
|
||
|
140007000
|
unkown
|
page readonly
|
||
|
7FF743549000
|
unkown
|
page readonly
|
||
|
1C54C060000
|
heap
|
page read and write
|
||
|
26C2CF80000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
24B611C0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
282037E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1BFE2D40000
|
heap
|
page read and write
|
||
|
2692EFE0000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1812000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
DCB147D000
|
stack
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
191F000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2692EEC0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1371C4A5000
|
heap
|
page read and write
|
||
|
1815000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
161C000
|
stack
|
page read and write
|
||
|
1805000
|
heap
|
page read and write
|
||
|
81359DC000
|
stack
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
1862000
|
heap
|
page read and write
|
||
|
E731E7C000
|
stack
|
page read and write
|
||
|
1232CD40000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1232CD50000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
C7B000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
625DC7E000
|
unkown
|
page readonly
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
282027C000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
223FE135000
|
heap
|
page read and write
|
||
|
2692F185000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
17F9000
|
heap
|
page read and write
|
||
|
1C54C070000
|
heap
|
page read and write
|
||
|
77B67FE000
|
stack
|
page read and write
|
||
|
1371C4D0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
D3FDE7F000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
E314B4D000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1E27E690000
|
heap
|
page read and write
|
||
|
7FF74304E000
|
unkown
|
page write copy
|
||
|
2200000
|
direct allocation
|
page read and write
|
||
|
1DFF7940000
|
unkown
|
page read and write
|
||
|
2C00000
|
direct allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
140000000
|
unkown
|
page read and write
|
||
|
1A1E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
223B39E8000
|
heap
|
page read and write
|
||
|
1AC51990000
|
heap
|
page read and write
|
||
|
25E68350000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
5A29DD000
|
stack
|
page read and write
|
||
|
7FF74354C000
|
unkown
|
page readonly
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1864000
|
heap
|
page read and write
|
||
|
1FD29C85000
|
heap
|
page read and write
|
||
|
26C2CE90000
|
heap
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E03EDB0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
223FDD60000
|
heap
|
page read and write
|
||
|
694CF5C000
|
stack
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
625DAFE000
|
stack
|
page read and write
|
||
|
23A335C000
|
stack
|
page read and write
|
||
|
172D6DE0000
|
unkown
|
page read and write
|
||
|
1DFF7CA5000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
26C2CEB0000
|
heap
|
page read and write
|
||
|
7E311DD000
|
stack
|
page read and write
|
||
|
282047E000
|
stack
|
page read and write
|
||
|
7E315FE000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E27E8D0000
|
heap
|
page read and write
|
||
|
7FF611DA1000
|
unkown
|
page execute read
|
||
|
1371C420000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
7FF743041000
|
unkown
|
page execute read
|
||
|
7FF611DAB000
|
unkown
|
page readonly
|
||
|
7D53AFF000
|
stack
|
page read and write
|
||
|
24F685E0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
12800000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
186E000
|
heap
|
page read and write
|
||
|
9926EEC000
|
stack
|
page read and write
|
||
|
207A4C10000
|
unkown
|
page read and write
|
||
|
223B3990000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
694D27F000
|
stack
|
page read and write
|
||
|
2692EFC0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1BFE2D48000
|
heap
|
page read and write
|
||
|
1AC519C0000
|
heap
|
page read and write
|
||
|
17E8000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
694D37F000
|
stack
|
page read and write
|
||
|
E731F7E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
26C2D220000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2E6A2FF000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1BFE3040000
|
heap
|
page read and write
|
||
|
186C000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1371C440000
|
heap
|
page read and write
|
||
|
1BFE2CB0000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
172D6BE0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
1DFF7920000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1AC519A0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2692EFA0000
|
heap
|
page read and write
|
||
|
2E69F5D000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1232CC60000
|
heap
|
page read and write
|
||
|
1816000
|
heap
|
page read and write
|
||
|
27D09EC5000
|
heap
|
page read and write
|
||
|
181E000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
223FDD50000
|
heap
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
3FC22FE000
|
stack
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
25E68460000
|
heap
|
page read and write
|
||
|
12800000
|
trusted library allocation
|
page read and write
|
||
|
2E69F6D000
|
stack
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
4000000
|
direct allocation
|
page read and write
|
||
|
207A4C05000
|
heap
|
page read and write
|
||
|
7FF611DAB000
|
unkown
|
page readonly
|
||
|
1DFF7840000
|
heap
|
page read and write
|
||
|
1F0F000
|
stack
|
page read and write
|
||
|
625D7FC000
|
stack
|
page read and write
|
||
|
5A2DFE000
|
stack
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1232CDF8000
|
heap
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
26C2CF88000
|
heap
|
page read and write
|
||
|
1BFE2C80000
|
heap
|
page read and write
|
||
|
8600000
|
direct allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
223FDDB8000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
140009000
|
unkown
|
page read and write
|
||
|
12800000
|
trusted library allocation
|
page read and write
|
||
|
25E685C0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF6122AC000
|
unkown
|
page readonly
|
||
|
A40D96D000
|
stack
|
page read and write
|
||
|
1838000
|
heap
|
page read and write
|
||
|
27D09EC0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E27E8D5000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
223FE130000
|
heap
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
1232CDF0000
|
heap
|
page read and write
|
||
|
DCB157E000
|
stack
|
page read and write
|
||
|
24F68600000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1FD298D8000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF743041000
|
unkown
|
page execute read
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
5FED47C000
|
stack
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
7E314FF000
|
stack
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
9926FEF000
|
stack
|
page read and write
|
||
|
1866000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6122A7000
|
unkown
|
page read and write
|
||
|
25E68358000
|
heap
|
page read and write
|
||
|
1DFF7CB0000
|
unkown
|
page read and write
|
||
|
3056DBC000
|
stack
|
page read and write
|
||
|
5A2CFF000
|
stack
|
page read and write
|
||
|
1B1E000
|
stack
|
page read and write
|
||
|
172D6BE9000
|
heap
|
page read and write
|
||
|
7FF611DA0000
|
unkown
|
page readonly
|
||
|
7200000
|
direct allocation
|
page read and write
|
||
|
1868000
|
heap
|
page read and write
|
||
|
1C54C110000
|
heap
|
page read and write
|
||
|
7FF743549000
|
unkown
|
page readonly
|
||
|
2692F180000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
25E69E90000
|
heap
|
page read and write
|
||
|
1DFF7A00000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
5FED67E000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E03ED90000
|
heap
|
page read and write
|
||
|
27D09B90000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1AC51A40000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
E73207F000
|
stack
|
page read and write
|
||
|
27D09B60000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
172D6E10000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1E03EDB8000
|
heap
|
page read and write
|
||
|
20D0000
|
direct allocation
|
page execute and read and write
|
||
|
223B39E0000
|
heap
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
1E27E6D8000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
186A000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1801000
|
heap
|
page read and write
|
||
|
172D6DD0000
|
unkown
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
25E68540000
|
heap
|
page read and write
|
||
|
17EA000
|
heap
|
page read and write
|
||
|
24B61200000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF743040000
|
unkown
|
page readonly
|
||
|
200F000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1848000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1FD29850000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
30571FE000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF6122AC000
|
unkown
|
page readonly
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7FF74304E000
|
unkown
|
page read and write
|
||
|
7C00000
|
direct allocation
|
page read and write
|
||
|
7FF743040000
|
unkown
|
page readonly
|
||
|
7FF6122A9000
|
unkown
|
page readonly
|
||
|
7FF611DA0000
|
unkown
|
page readonly
|
||
|
8135CFE000
|
stack
|
page read and write
|
||
|
7FF611DA1000
|
unkown
|
page execute read
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
27D09B70000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1DFF7940000
|
unkown
|
page read and write
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
1232CD45000
|
heap
|
page read and write
|
||
|
25E685C5000
|
heap
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1FD298D0000
|
heap
|
page read and write
|
||
|
7FF74304B000
|
unkown
|
page readonly
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
12800000
|
trusted library allocation
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
172D6BC0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
D3FDC7D000
|
stack
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
1E03ED95000
|
heap
|
page read and write
|
||
|
1DFF7940000
|
unkown
|
page read and write
|
There are 495 hidden memdumps, click here to show them.