Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
KjFT0qPTo4.vbs
|
ASCII text, with very long lines (65451), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\temp_executable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\KjFT0qPTo4.vbs"
|
|
|
|
C:\Users\user\AppData\Local\Temp\temp_executable.exe
|
"C:\Users\user\AppData\Local\Temp\temp_executable.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://transfer.adttemp.com.br
|
unknown
|
|
|
|
https://transfer.adttemp.com.br
|
unknown
|
|
|
|
https://transfer.adttemp.com.br/hUkry/sirdeeeeee.txtX~
|
unknown
|
|
|
|
http://transfer.adttemp.com.brX
|
unknown
|
|
|
|
https://transfer.adttemp.com.br/hUkry/sirdeeeeee.txt
|
104.196.109.209
|
||
|
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
|
unknown
|
||
|
http://crl.entrust.net/server1.crl0
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
|
unknown
|
||
|
http://www.diginotar.nl/cps/pkioverheid0
|
unknown
|
||
|
http://ocsp.entrust.net0D
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.comodo.com/CPS0
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
transfer.adttemp.com.br
|
104.196.109.209
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.196.109.209
|
transfer.adttemp.com.br
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\temp_executable_RASMANCS
|
FileDirectory
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
270000
|
direct allocation
|
page read and write
|
|
|
|
3EDF000
|
heap
|
page read and write
|
||
|
37CD000
|
heap
|
page read and write
|
||
|
3E73000
|
heap
|
page read and write
|
||
|
187000
|
heap
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
53F000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
56C000
|
heap
|
page read and write
|
||
|
185000
|
heap
|
page read and write
|
||
|
3C1F000
|
heap
|
page read and write
|
||
|
17C000
|
heap
|
page read and write
|
||
|
3E59000
|
heap
|
page read and write
|
||
|
3815000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
460000
|
trusted library allocation
|
page read and write
|
||
|
176000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3BF6000
|
heap
|
page read and write
|
||
|
3B1B000
|
heap
|
page read and write
|
||
|
52F000
|
heap
|
page read and write
|
||
|
23D7000
|
direct allocation
|
page execute and read and write
|
||
|
179000
|
heap
|
page read and write
|
||
|
3A20000
|
heap
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
27A9000
|
trusted library allocation
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
37FD000
|
heap
|
page read and write
|
||
|
4730000
|
heap
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
2554000
|
direct allocation
|
page execute and read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
3BE5000
|
heap
|
page read and write
|
||
|
3B5A000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
3B12000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
3719000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2767000
|
trusted library allocation
|
page read and write
|
||
|
3A21000
|
heap
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
389F000
|
heap
|
page read and write
|
||
|
3B0A000
|
heap
|
page read and write
|
||
|
3AFC000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
17F000
|
heap
|
page read and write
|
||
|
3F26000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
587000
|
heap
|
page read and write
|
||
|
12F2000
|
unkown
|
page execute read
|
||
|
275E000
|
trusted library allocation
|
page read and write
|
||
|
3B83000
|
heap
|
page read and write
|
||
|
3E49000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
3BAF000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
17A000
|
heap
|
page read and write
|
||
|
3B74000
|
heap
|
page read and write
|
||
|
3E9A000
|
heap
|
page read and write
|
||
|
3AFE000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
2794000
|
trusted library allocation
|
page read and write
|
||
|
3BCD000
|
heap
|
page read and write
|
||
|
292000
|
trusted library allocation
|
page read and write
|
||
|
176000
|
heap
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
3F21000
|
heap
|
page read and write
|
||
|
4B65000
|
trusted library allocation
|
page read and write
|
||
|
381F000
|
heap
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
2DA000
|
stack
|
page read and write
|
||
|
3EE2000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
3EDE000
|
heap
|
page read and write
|
||
|
3C1F000
|
heap
|
page read and write
|
||
|
15A000
|
heap
|
page read and write
|
||
|
3EEA000
|
heap
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
3EE8000
|
heap
|
page read and write
|
||
|
3C0C000
|
heap
|
page read and write
|
||
|
3815000
|
heap
|
page read and write
|
||
|
3B75000
|
heap
|
page read and write
|
||
|
3EB9000
|
heap
|
page read and write
|
||
|
3B71000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
17F000
|
heap
|
page read and write
|
||
|
3E3D000
|
heap
|
page read and write
|
||
|
3C0C000
|
heap
|
page read and write
|
||
|
4B68000
|
trusted library allocation
|
page read and write
|
||
|
3ED2000
|
heap
|
page read and write
|
||
|
37CD000
|
heap
|
page read and write
|
||
|
3B19000
|
heap
|
page read and write
|
||
|
22D0000
|
direct allocation
|
page execute and read and write
|
||
|
3E49000
|
heap
|
page read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
3EDC000
|
heap
|
page read and write
|
||
|
3C0E000
|
heap
|
page read and write
|
||
|
27B8000
|
trusted library allocation
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
3E45000
|
heap
|
page read and write
|
||
|
524C000
|
stack
|
page read and write
|
||
|
3F26000
|
heap
|
page read and write
|
||
|
23C0000
|
direct allocation
|
page execute and read and write
|
||
|
3B9F000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
195000
|
heap
|
page read and write
|
||
|
3EE0000
|
heap
|
page read and write
|
||
|
36000
|
heap
|
page read and write
|
||
|
4EF000
|
heap
|
page read and write
|
||
|
4C4000
|
heap
|
page read and write
|
||
|
17D000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
2711000
|
trusted library allocation
|
page read and write
|
||
|
3B9C000
|
heap
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page execute and read and write
|
||
|
3E49000
|
heap
|
page read and write
|
||
|
3AFC000
|
heap
|
page read and write
|
||
|
1DBB000
|
heap
|
page read and write
|
||
|
3816000
|
heap
|
page read and write
|
||
|
1AD000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
5A6F000
|
stack
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
3B68000
|
heap
|
page read and write
|
||
|
3B28000
|
heap
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
381B000
|
heap
|
page read and write
|
||
|
380D000
|
heap
|
page read and write
|
||
|
4BD000
|
heap
|
page read and write
|
||
|
3EE7000
|
heap
|
page read and write
|
||
|
47A000
|
heap
|
page read and write
|
||
|
3BAE000
|
heap
|
page read and write
|
||
|
CC000
|
stack
|
page read and write
|
||
|
183000
|
heap
|
page read and write
|
||
|
264000
|
trusted library allocation
|
page read and write
|
||
|
10C000
|
heap
|
page read and write
|
||
|
2C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED3000
|
heap
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
3ED9000
|
heap
|
page read and write
|
||
|
3E68000
|
heap
|
page read and write
|
||
|
3C1C000
|
heap
|
page read and write
|
||
|
381A000
|
heap
|
page read and write
|
||
|
2E0000
|
trusted library allocation
|
page read and write
|
||
|
186000
|
heap
|
page read and write
|
||
|
15A000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3807000
|
heap
|
page read and write
|
||
|
3ED2000
|
heap
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
3A62000
|
heap
|
page read and write
|
||
|
458000
|
heap
|
page read and write
|
||
|
1AD000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
5F7F000
|
stack
|
page read and write
|
||
|
3EE4000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
279C000
|
trusted library allocation
|
page read and write
|
||
|
3BE5000
|
heap
|
page read and write
|
||
|
1F6F000
|
stack
|
page read and write
|
||
|
174000
|
heap
|
page read and write
|
||
|
28A000
|
trusted library allocation
|
page execute and read and write
|
||
|
381E000
|
heap
|
page read and write
|
||
|
3F24000
|
heap
|
page read and write
|
||
|
1306000
|
unkown
|
page readonly
|
||
|
3B7F000
|
heap
|
page read and write
|
||
|
3B92000
|
heap
|
page read and write
|
||
|
37FF000
|
heap
|
page read and write
|
||
|
3E70000
|
heap
|
page read and write
|
||
|
12F0000
|
unkown
|
page readonly
|
||
|
24DF000
|
stack
|
page read and write
|
||
|
3BA0000
|
heap
|
page read and write
|
||
|
182000
|
heap
|
page read and write
|
||
|
37CD000
|
heap
|
page read and write
|
||
|
5E7D000
|
stack
|
page read and write
|
||
|
3E9F000
|
heap
|
page read and write
|
||
|
22E0000
|
direct allocation
|
page execute and read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
3B7F000
|
heap
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
3B82000
|
heap
|
page read and write
|
||
|
3818000
|
heap
|
page read and write
|
||
|
3B87000
|
heap
|
page read and write
|
||
|
1304000
|
unkown
|
page write copy
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
3ED0000
|
heap
|
page read and write
|
||
|
3C1B000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
27C6000
|
trusted library allocation
|
page read and write
|
||
|
4B62000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
456000
|
heap
|
page read and write
|
||
|
3B85000
|
heap
|
page read and write
|
||
|
4B64000
|
trusted library allocation
|
page read and write
|
||
|
2551000
|
direct allocation
|
page execute and read and write
|
||
|
2834000
|
trusted library allocation
|
page read and write
|
||
|
3BAF000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3C1C000
|
heap
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
3E41000
|
heap
|
page read and write
|
||
|
3ED3000
|
heap
|
page read and write
|
||
|
3C1D000
|
heap
|
page read and write
|
||
|
3B8E000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
3B99000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
176000
|
heap
|
page read and write
|
||
|
3BCD000
|
heap
|
page read and write
|
||
|
45E0000
|
heap
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page read and write
|
||
|
4B63000
|
trusted library allocation
|
page read and write
|
||
|
37FD000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
381E000
|
heap
|
page read and write
|
||
|
3818000
|
heap
|
page read and write
|
||
|
3B81000
|
heap
|
page read and write
|
||
|
4BD000
|
heap
|
page read and write
|
||
|
3ED3000
|
heap
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
17A000
|
heap
|
page read and write
|
||
|
181000
|
heap
|
page read and write
|
||
|
3B82000
|
heap
|
page read and write
|
||
|
60EC000
|
stack
|
page read and write
|
||
|
381F000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
3EB6000
|
heap
|
page read and write
|
||
|
12CC000
|
stack
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
117000
|
heap
|
page read and write
|
||
|
3E31000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
1AD000
|
heap
|
page read and write
|
||
|
3EE3000
|
heap
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
3E3E000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
504F000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page execute and read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3B7B000
|
heap
|
page read and write
|
||
|
45C000
|
heap
|
page read and write
|
||
|
3E48000
|
heap
|
page read and write
|
||
|
389E000
|
heap
|
page read and write
|
||
|
3BA8000
|
heap
|
page read and write
|
||
|
3E37000
|
heap
|
page read and write
|
||
|
263000
|
trusted library allocation
|
page execute and read and write
|
||
|
476B000
|
heap
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
181000
|
heap
|
page read and write
|
||
|
4734000
|
heap
|
page read and write
|
||
|
187000
|
heap
|
page read and write
|
||
|
3B9B000
|
heap
|
page read and write
|
||
|
3B83000
|
heap
|
page read and write
|
||
|
4B61000
|
trusted library allocation
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
577F000
|
stack
|
page read and write
|
||
|
24D000
|
stack
|
page read and write
|
||
|
3F26000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
297000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BB1000
|
heap
|
page read and write
|
||
|
3B74000
|
heap
|
page read and write
|
||
|
3C1F000
|
heap
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
3C1B000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
108000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
287000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FD000
|
heap
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
2440000
|
direct allocation
|
page execute and read and write
|
||
|
414000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
3BAF000
|
heap
|
page read and write
|
||
|
3BE2000
|
heap
|
page read and write
|
||
|
1AD000
|
heap
|
page read and write
|
||
|
3EE8000
|
heap
|
page read and write
|
||
|
3BF6000
|
heap
|
page read and write
|
||
|
2769000
|
trusted library allocation
|
page read and write
|
||
|
3ED3000
|
heap
|
page read and write
|
||
|
2777000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page execute and read and write
|
||
|
554000
|
heap
|
page read and write
|
||
|
3808000
|
heap
|
page read and write
|
||
|
3BAE000
|
heap
|
page read and write
|
||
|
3E30000
|
heap
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
3BA8000
|
heap
|
page read and write
|
||
|
3B76000
|
heap
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
3656000
|
heap
|
page read and write
|
||
|
3B71000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
3BCE000
|
heap
|
page read and write
|
||
|
3819000
|
heap
|
page read and write
|
||
|
3B9E000
|
heap
|
page read and write
|
||
|
380D000
|
heap
|
page read and write
|
||
|
B7000
|
heap
|
page read and write
|
||
|
27BC000
|
trusted library allocation
|
page read and write
|
||
|
537000
|
heap
|
page read and write
|
||
|
282000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
heap
|
page read and write
|
||
|
183000
|
heap
|
page read and write
|
||
|
547F000
|
stack
|
page read and write
|
||
|
3EEC000
|
heap
|
page read and write
|
||
|
479000
|
heap
|
page read and write
|
||
|
3B71000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
3B78000
|
heap
|
page read and write
|
||
|
25D0000
|
direct allocation
|
page execute and read and write
|
||
|
4410000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
45E000
|
heap
|
page read and write
|
||
|
D2D000
|
stack
|
page read and write
|
||
|
4A7000
|
heap
|
page read and write
|
||
|
4B67000
|
trusted library allocation
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
26D000
|
trusted library allocation
|
page execute and read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
4B66000
|
trusted library allocation
|
page read and write
|
||
|
FA000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
3BF6000
|
heap
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
3B71000
|
heap
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
173000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
3711000
|
trusted library allocation
|
page read and write
|
||
|
3E2D000
|
stack
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
17F000
|
heap
|
page read and write
|
||
|
259000
|
stack
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
567000
|
heap
|
page read and write
|
||
|
42F0000
|
heap
|
page read and write
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
3821000
|
heap
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
1D85000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
4E3000
|
heap
|
page read and write
|
||
|
3820000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3B85000
|
heap
|
page read and write
|
||
|
3816000
|
heap
|
page read and write
|
||
|
3B80000
|
heap
|
page read and write
|
||
|
3ED3000
|
heap
|
page read and write
|
||
|
3B98000
|
heap
|
page read and write
|
||
|
3B9A000
|
heap
|
page read and write
|
||
|
FF000
|
heap
|
page read and write
|
||
|
37CC000
|
heap
|
page read and write
|
||
|
3F24000
|
heap
|
page read and write
|
||
|
181000
|
heap
|
page read and write
|
||
|
3815000
|
heap
|
page read and write
|
||
|
3E3A000
|
heap
|
page read and write
|
||
|
3E4C000
|
heap
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
3927000
|
heap
|
page read and write
|
||
|
37FF000
|
heap
|
page read and write
|
||
|
260000
|
trusted library allocation
|
page read and write
|
||
|
3AFF000
|
heap
|
page read and write
|
||
|
2D5000
|
stack
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
3E3E000
|
heap
|
page read and write
|
||
|
2460000
|
direct allocation
|
page execute and read and write
|
||
|
278A000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
||
|
23D0000
|
direct allocation
|
page execute and read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
3815000
|
heap
|
page read and write
|
||
|
3B1E000
|
heap
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
3ED9000
|
heap
|
page read and write
|
||
|
2761000
|
trusted library allocation
|
page read and write
|
||
|
17B000
|
heap
|
page read and write
|
||
|
184000
|
heap
|
page read and write
|
||
|
3BCD000
|
heap
|
page read and write
|
||
|
12F0000
|
unkown
|
page readonly
|
||
|
3EE1000
|
heap
|
page read and write
|
||
|
3EED000
|
heap
|
page read and write
|
||
|
3C0C000
|
heap
|
page read and write
|
||
|
29B000
|
trusted library allocation
|
page execute and read and write
|
||
|
27BE000
|
trusted library allocation
|
page read and write
|
||
|
3E49000
|
heap
|
page read and write
|
||
|
3E31000
|
heap
|
page read and write
|
||
|
381C000
|
heap
|
page read and write
|
||
|
3BE5000
|
heap
|
page read and write
|
||
|
3B5C000
|
heap
|
page read and write
|
||
|
186000
|
heap
|
page read and write
|
||
|
C5F000
|
stack
|
page read and write
|
||
|
3C1E000
|
heap
|
page read and write
|
||
|
3B9E000
|
heap
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write | page guard
|
||
|
17C000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3BF6000
|
heap
|
page read and write
|
||
|
176000
|
heap
|
page read and write
|
||
|
178000
|
heap
|
page read and write
|
||
|
3B93000
|
heap
|
page read and write
|
||
|
3ED5000
|
heap
|
page read and write
|
||
|
3EC8000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
3B9A000
|
heap
|
page read and write
|
||
|
270000
|
trusted library allocation
|
page read and write
|
||
|
3B8C000
|
heap
|
page read and write
|
||
|
3804000
|
heap
|
page read and write
|
||
|
17C000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
508E000
|
stack
|
page read and write
|
||
|
4CCD000
|
heap
|
page read and write
|
||
|
114000
|
heap
|
page read and write
|
||
|
4CAE000
|
stack
|
page read and write
|
||
|
EE000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3819000
|
heap
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
3B83000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
4670000
|
heap
|
page read and write
|
||
|
37CD000
|
heap
|
page read and write
|
||
|
3BE5000
|
heap
|
page read and write
|
||
|
23D4000
|
direct allocation
|
page execute and read and write
|
||
|
3B31000
|
heap
|
page read and write
|
||
|
3BF7000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
12F2000
|
unkown
|
page execute read
|
||
|
389E000
|
heap
|
page read and write
|
||
|
3EE7000
|
heap
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
3EE7000
|
heap
|
page read and write
|
||
|
3E39000
|
heap
|
page read and write
|
||
|
276F000
|
trusted library allocation
|
page read and write
|
||
|
2557000
|
direct allocation
|
page execute and read and write
|
||
|
1D80000
|
heap
|
page read and write
|
||
|
3C90000
|
heap
|
page read and write
|
||
|
1AD000
|
heap
|
page read and write
|
||
|
380E000
|
heap
|
page read and write
|
||
|
3ED9000
|
heap
|
page read and write
|
||
|
3E49000
|
heap
|
page read and write
|
||
|
3BA2000
|
heap
|
page read and write
|
||
|
28B9000
|
trusted library allocation
|
page read and write
|
||
|
3B8D000
|
heap
|
page read and write
|
||
|
3AFD000
|
heap
|
page read and write
|
||
|
3F4000
|
heap
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
3B0F000
|
heap
|
page read and write
|
||
|
2772000
|
trusted library allocation
|
page read and write
|
||
|
111000
|
heap
|
page read and write
|
There are 468 hidden memdumps, click here to show them.