Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
W1FREE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\system.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\system.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sat Oct 12 09:29:06
2024, mtime=Sat Oct 12 09:29:06 2024, atime=Sat Oct 12 09:29:06 2024, length=68608, window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\W1FREE.exe
|
"C:\Users\user\Desktop\W1FREE.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "system" /tr "C:\Users\user\AppData\Roaming\system.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\system.exe
|
C:\Users\user\AppData\Roaming\system.exe
|
|
|
|
C:\Users\user\AppData\Roaming\system.exe
|
"C:\Users\user\AppData\Roaming\system.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\system.exe
|
"C:\Users\user\AppData\Roaming\system.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\system.exe
|
C:\Users\user\AppData\Roaming\system.exe
|
|
|
|
C:\Users\user\AppData\Roaming\system.exe
|
|
||
|
C:\Users\user\AppData\Roaming\system.exe
|
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
choose-throw.gl.at.ply.gg
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
|
|
choose-throw.gl.at.ply.gg
|
147.185.221.23
|
|
|
|
206.23.85.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
147.185.221.23
|
choose-throw.gl.at.ply.gg
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\W1FREE_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
system
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2821000
|
trusted library allocation
|
page read and write
|
|
|
|
582000
|
unkown
|
page readonly
|
|
|
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
12DC000
|
heap
|
page read and write
|
||
|
129B000
|
heap
|
page read and write
|
||
|
1B180000
|
heap
|
page execute and read and write
|
||
|
A33000
|
heap
|
page read and write
|
||
|
125B8000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
A43000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
1282E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
25C1000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
287D000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
1BC4E000
|
stack
|
page read and write
|
||
|
25BC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
7FFD9B6B4000
|
trusted library allocation
|
page read and write
|
||
|
1BD1F000
|
stack
|
page read and write
|
||
|
1C300000
|
heap
|
page read and write
|
||
|
1BDAD8D0000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1331000
|
stack
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
131A1000
|
trusted library allocation
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B852000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
262E000
|
stack
|
page read and write
|
||
|
1131000
|
stack
|
page read and write
|
||
|
25AE000
|
stack
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
1B727000
|
heap
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
25B1000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page execute and read and write
|
||
|
1BFD5000
|
stack
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
1BDAD5E0000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
1490000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
CBD000
|
stack
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1576000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
594000
|
unkown
|
page readonly
|
||
|
1518000
|
heap
|
page read and write
|
||
|
302C000
|
trusted library allocation
|
page read and write
|
||
|
1B27E000
|
stack
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page read and write
|
||
|
15E2000
|
heap
|
page read and write
|
||
|
6D9000
|
heap
|
page read and write
|
||
|
1C6AE000
|
stack
|
page read and write
|
||
|
1304000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
2710000
|
heap
|
page execute and read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ABAB000
|
heap
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page read and write
|
||
|
1B1F0000
|
heap
|
page execute and read and write
|
||
|
1B10E000
|
stack
|
page read and write
|
||
|
1B28E000
|
stack
|
page read and write
|
||
|
99B000
|
heap
|
page read and write
|
||
|
1BDAD628000
|
heap
|
page read and write
|
||
|
7FFD9B872000
|
trusted library allocation
|
page read and write
|
||
|
1C0DA000
|
stack
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B17E000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
1BAAC000
|
stack
|
page read and write
|
||
|
1535000
|
heap
|
page read and write
|
||
|
1BE1E000
|
stack
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
1B76E000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
1B670000
|
heap
|
page read and write
|
||
|
1341000
|
heap
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
7FFD9B862000
|
trusted library allocation
|
page read and write
|
||
|
1C310000
|
heap
|
page read and write
|
||
|
94C000
|
heap
|
page read and write
|
||
|
1735000
|
heap
|
page read and write
|
||
|
12968000
|
trusted library allocation
|
page read and write
|
||
|
98FD929000
|
stack
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
||
|
12963000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
A1B000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
2691000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B36E000
|
stack
|
page read and write
|
||
|
7FFD9B70C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBAF000
|
stack
|
page read and write
|
||
|
A28000
|
heap
|
page read and write
|
||
|
1745000
|
heap
|
page read and write
|
||
|
296C000
|
trusted library allocation
|
page read and write
|
||
|
12961000
|
trusted library allocation
|
page read and write
|
||
|
A66000
|
heap
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF7E000
|
stack
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C8B0000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page execute and read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
6AB000
|
heap
|
page read and write
|
||
|
1B05F000
|
stack
|
page read and write
|
||
|
131A8000
|
trusted library allocation
|
page read and write
|
||
|
1B9AE000
|
stack
|
page read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
15BF000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
12FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B71C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBAE000
|
stack
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
13023000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B796000
|
trusted library allocation
|
page execute and read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
1B5AD000
|
stack
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
1B46E000
|
stack
|
page read and write
|
||
|
2360000
|
heap
|
page execute and read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
12828000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page execute and read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
1B9C0000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
9D0000
|
trusted library allocation
|
page read and write
|
||
|
1C7AA000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
23E0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B842000
|
trusted library allocation
|
page read and write
|
||
|
B3F000
|
stack
|
page read and write
|
||
|
12AB000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
7FFD9B7B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
1BDEE000
|
stack
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
1B070000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
7FFD9B872000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2950000
|
heap
|
page execute and read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
7FFD9B6F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page execute and read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
8F1000
|
stack
|
page read and write
|
||
|
133C000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
131A3000
|
trusted library allocation
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
7FFD9B6AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page read and write
|
||
|
1BDAD5F0000
|
heap
|
page read and write
|
||
|
7FFD9B6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
1655000
|
heap
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
1B11E000
|
stack
|
page read and write
|
||
|
1B73D000
|
stack
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
1BCE0000
|
heap
|
page execute and read and write
|
||
|
7FF463730000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
7FFD9B6A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page read and write
|
||
|
1BB40000
|
heap
|
page read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6F4000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
269C000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
18A0000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
1BAAF000
|
stack
|
page read and write
|
||
|
3010000
|
heap
|
page execute and read and write
|
||
|
9B3000
|
heap
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
18A5000
|
heap
|
page read and write
|
||
|
1BDAD8D5000
|
heap
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
1BACE000
|
stack
|
page read and write
|
||
|
1495000
|
heap
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
98FD9AF000
|
unkown
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6A4000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page execute and read and write
|
||
|
1B9AE000
|
stack
|
page read and write
|
||
|
13028000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E6000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
8F1000
|
stack
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
7FFD9B872000
|
trusted library allocation
|
page read and write
|
||
|
A2D000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
1B685000
|
heap
|
page read and write
|
||
|
3E1000
|
stack
|
page read and write
|
||
|
7FFD9B6B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1ADAD000
|
stack
|
page read and write
|
||
|
25BF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B73C000
|
trusted library allocation
|
page execute and read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
133E000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
1C1E8000
|
stack
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
1BC1E000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
154D000
|
heap
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
15B5000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
2FDF000
|
trusted library allocation
|
page read and write
|
||
|
12FD8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B882000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E1000
|
trusted library allocation
|
page read and write
|
||
|
12D6000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
1B674000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
7FFD9B6FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12831000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
125B3000
|
trusted library allocation
|
page read and write
|
||
|
2961000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDAD620000
|
heap
|
page read and write
|
||
|
1B37F000
|
stack
|
page read and write
|
||
|
9BC000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
2683000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
7FFD9B786000
|
trusted library allocation
|
page read and write
|
||
|
1B66C000
|
stack
|
page read and write
|
||
|
1B1EB000
|
stack
|
page read and write
|
||
|
1BEEE000
|
stack
|
page read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
125B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
561000
|
stack
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2983000
|
trusted library allocation
|
page read and write
|
||
|
1B56E000
|
stack
|
page read and write
|
||
|
1B260000
|
heap
|
page read and write
|
||
|
1C56E000
|
stack
|
page read and write
|
||
|
1AB3D000
|
stack
|
page read and write
|
||
|
12B3000
|
heap
|
page read and write
|
||
|
1B38E000
|
stack
|
page read and write
|
||
|
7FFD9B6D4000
|
trusted library allocation
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1B56D000
|
stack
|
page read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page read and write
|
||
|
DBC000
|
stack
|
page read and write
|
||
|
1B30E000
|
stack
|
page read and write
|
||
|
7FFD9B6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
16BF000
|
stack
|
page read and write
|
||
|
A03000
|
heap
|
page read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12821000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
699000
|
heap
|
page read and write
|
||
|
1A850000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
1AC1D000
|
stack
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
12FD3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
1B6BD000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB10000
|
heap
|
page execute and read and write
|
||
|
12698000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
1B000000
|
heap
|
page read and write
|
||
|
6AD000
|
heap
|
page read and write
|
||
|
7FFD9B72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page read and write
|
||
|
285D000
|
stack
|
page read and write
|
||
|
A35000
|
heap
|
page read and write
|
||
|
1BDAD7F0000
|
heap
|
page read and write
|
||
|
12BC000
|
heap
|
page read and write
|
||
|
12693000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C1000
|
heap
|
page read and write
|
||
|
13021000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page execute and read and write
|
||
|
1B20E000
|
stack
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B263000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
1538000
|
heap
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
98FDC7E000
|
stack
|
page read and write
|
||
|
1B6D4000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page execute and read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12691000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
269F000
|
trusted library allocation
|
page read and write
|
There are 419 hidden memdumps, click here to show them.