Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Mtcn_1637256355_pdf.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
initial sample
|
 |
|
|
C:\ProgramData\Oracle\Java\.oracle_jre_usage\b5820291038aa69c.timestamp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hsperfdata_user\6484
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\83aa4cc77f591dfc2374580bbd95f6ba_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
C:\cmdlinestart.log
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Java\jre-1.8\bin\java.exe
|
"C:\Program Files (x86)\Java\jre-1.8\bin\java.exe" -javaagent:"C:\Users\user\AppData\Local\Temp\jartracer.jar" -jar "C:\Users\user\Desktop\Mtcn_1637256355_pdf.jar"
|
|
|
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\Java\jre-1.8\bin\java.exe" -javaagent:"C:\Users\user\AppData\Local\Temp\jartracer.jar"
-jar "C:\Users\user\Desktop\Mtcn_1637256355_pdf.jar"" >> C:\cmdlinestart.log 2>&1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\icacls.exe
|
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/server.jar
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl0
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/res.jar
|
unknown
|
||
|
https://repository.luxtrust.lu0
|
unknown
|
||
|
http://bugreport.sun.com/bugreport/
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html0
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/server1.jar
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/ext.jar
|
unknown
|
||
|
http://java.oracle.com/
|
unknown
|
||
|
http://null.oracle.com/
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/startup.jar
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
https://branchlock.net
|
unknown
|
||
|
http://policy.camerfirma.com
|
unknown
|
||
|
http://repository.swisssign.com/3
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html
|
unknown
|
||
|
https://branchlock.netU
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
https://repository.luxtrust.lu
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/neft.pdf
|
unknown
|
||
|
http://www.quovadis.bm
|
unknown
|
||
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl
|
unknown
|
||
|
http://repository.swisssign.com/
|
unknown
|
||
|
http://www.chambersign.org
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/def.jar
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
||
|
https://soakawaypit.s3.eu-west-1.amazonaws.com/email.js
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s3-r-w.eu-west-1.amazonaws.com
|
52.218.60.168
|
||
|
soakawaypit.s3.eu-west-1.amazonaws.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
52.218.60.168
|
s3-r-w.eu-west-1.amazonaws.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1078000
|
heap
|
page read and write
|
|
|
|
15250000
|
heap
|
page read and write
|
|
|
|
A402000
|
trusted library allocation
|
page read and write
|
||
|
15A9A000
|
heap
|
page read and write
|
||
|
4EB6000
|
trusted library allocation
|
page read and write
|
||
|
2AC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FD9000
|
trusted library allocation
|
page read and write
|
||
|
4C58000
|
trusted library allocation
|
page read and write
|
||
|
A514000
|
trusted library allocation
|
page read and write
|
||
|
4E0D000
|
trusted library allocation
|
page read and write
|
||
|
4FA8000
|
trusted library allocation
|
page read and write
|
||
|
503C000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
4F55000
|
trusted library allocation
|
page read and write
|
||
|
4C28000
|
trusted library allocation
|
page read and write
|
||
|
4DFC000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
4E51000
|
trusted library allocation
|
page read and write
|
||
|
4FFA000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
289D000
|
stack
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
4F85000
|
trusted library allocation
|
page read and write
|
||
|
4D59000
|
trusted library allocation
|
page read and write
|
||
|
4F24000
|
trusted library allocation
|
page read and write
|
||
|
4EFE000
|
trusted library allocation
|
page read and write
|
||
|
4D02000
|
trusted library allocation
|
page read and write
|
||
|
4D0D000
|
trusted library allocation
|
page read and write
|
||
|
4C19000
|
trusted library allocation
|
page read and write
|
||
|
4CBD000
|
trusted library allocation
|
page read and write
|
||
|
4CED000
|
trusted library allocation
|
page read and write
|
||
|
4D1D000
|
trusted library allocation
|
page read and write
|
||
|
4F79000
|
trusted library allocation
|
page read and write
|
||
|
5034000
|
trusted library allocation
|
page read and write
|
||
|
4CB1000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
4D0A000
|
trusted library allocation
|
page read and write
|
||
|
4C36000
|
trusted library allocation
|
page read and write
|
||
|
5042000
|
trusted library allocation
|
page read and write
|
||
|
4F44000
|
trusted library allocation
|
page read and write
|
||
|
4DB6000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
161E0000
|
trusted library allocation
|
page read and write
|
||
|
4CDB000
|
trusted library allocation
|
page read and write
|
||
|
4C1B000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C05000
|
trusted library allocation
|
page read and write
|
||
|
1577D000
|
unkown
|
page read and write
|
||
|
1240000
|
unkown
|
page read and write
|
||
|
4DDA000
|
trusted library allocation
|
page read and write
|
||
|
4FCD000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
A490000
|
trusted library allocation
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
4C3F000
|
trusted library allocation
|
page read and write
|
||
|
1506F000
|
heap
|
page read and write
|
||
|
1580E000
|
unkown
|
page read and write
|
||
|
A1F8000
|
trusted library allocation
|
page read and write
|
||
|
5037000
|
trusted library allocation
|
page read and write
|
||
|
4E14000
|
trusted library allocation
|
page read and write
|
||
|
4EAA000
|
trusted library allocation
|
page read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
150AE000
|
stack
|
page read and write
|
||
|
4DD7000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
151CE000
|
unkown
|
page read and write
|
||
|
504A000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
4E12000
|
trusted library allocation
|
page read and write
|
||
|
4D3B000
|
trusted library allocation
|
page read and write
|
||
|
4E43000
|
trusted library allocation
|
page read and write
|
||
|
4F87000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
4C45000
|
trusted library allocation
|
page read and write
|
||
|
4E2F000
|
trusted library allocation
|
page read and write
|
||
|
4D4B000
|
trusted library allocation
|
page read and write
|
||
|
4DBC000
|
trusted library allocation
|
page read and write
|
||
|
501E000
|
trusted library allocation
|
page read and write
|
||
|
4E33000
|
trusted library allocation
|
page read and write
|
||
|
A1E3000
|
trusted library allocation
|
page read and write
|
||
|
4F2B000
|
trusted library allocation
|
page read and write
|
||
|
4F36000
|
trusted library allocation
|
page read and write
|
||
|
4C2D000
|
trusted library allocation
|
page read and write
|
||
|
4E55000
|
trusted library allocation
|
page read and write
|
||
|
4EB8000
|
trusted library allocation
|
page read and write
|
||
|
4DA9000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
4FCA000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
4ED9000
|
trusted library allocation
|
page read and write
|
||
|
4E4C000
|
trusted library allocation
|
page read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
4EBC000
|
trusted library allocation
|
page read and write
|
||
|
4C0F000
|
trusted library allocation
|
page read and write
|
||
|
4F1C000
|
trusted library allocation
|
page read and write
|
||
|
4CD4000
|
trusted library allocation
|
page read and write
|
||
|
4C38000
|
trusted library allocation
|
page read and write
|
||
|
4D92000
|
trusted library allocation
|
page read and write
|
||
|
4C3D000
|
trusted library allocation
|
page read and write
|
||
|
4F6B000
|
trusted library allocation
|
page read and write
|
||
|
4FE2000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
89C000
|
stack
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
4F8D000
|
trusted library allocation
|
page read and write
|
||
|
503F000
|
trusted library allocation
|
page read and write
|
||
|
4C0B000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
2F81000
|
heap
|
page read and write
|
||
|
4D7B000
|
trusted library allocation
|
page read and write
|
||
|
4FC4000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
4E77000
|
trusted library allocation
|
page read and write
|
||
|
4D52000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
5045000
|
trusted library allocation
|
page read and write
|
||
|
4F62000
|
trusted library allocation
|
page read and write
|
||
|
4CCC000
|
trusted library allocation
|
page read and write
|
||
|
2F81000
|
heap
|
page read and write
|
||
|
514D000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
4E6D000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
2F8A000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4D1B000
|
trusted library allocation
|
page read and write
|
||
|
4D61000
|
trusted library allocation
|
page read and write
|
||
|
4C9E000
|
trusted library allocation
|
page read and write
|
||
|
2A5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F4A000
|
trusted library allocation
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
4EF2000
|
trusted library allocation
|
page read and write
|
||
|
4D32000
|
trusted library allocation
|
page read and write
|
||
|
4EC9000
|
trusted library allocation
|
page read and write
|
||
|
4D8F000
|
trusted library allocation
|
page read and write
|
||
|
4E94000
|
trusted library allocation
|
page read and write
|
||
|
2F7D000
|
heap
|
page read and write
|
||
|
4DCC000
|
trusted library allocation
|
page read and write
|
||
|
4FBC000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
heap
|
page read and write
|
||
|
150ED000
|
stack
|
page read and write
|
||
|
4E03000
|
trusted library allocation
|
page read and write
|
||
|
4E72000
|
trusted library allocation
|
page read and write
|
||
|
4FA4000
|
trusted library allocation
|
page read and write
|
||
|
4E08000
|
trusted library allocation
|
page read and write
|
||
|
152F3000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
4C3B000
|
trusted library allocation
|
page read and write
|
||
|
5125000
|
trusted library allocation
|
page read and write
|
||
|
4F83000
|
trusted library allocation
|
page read and write
|
||
|
1517D000
|
stack
|
page read and write
|
||
|
4C52000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
4E88000
|
trusted library allocation
|
page read and write
|
||
|
4CF7000
|
trusted library allocation
|
page read and write
|
||
|
4E4E000
|
trusted library allocation
|
page read and write
|
||
|
162E0000
|
heap
|
page read and write
|
||
|
A4CC000
|
trusted library allocation
|
page read and write
|
||
|
4EAC000
|
trusted library allocation
|
page read and write
|
||
|
4D9D000
|
trusted library allocation
|
page read and write
|
||
|
15AFC000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
4F6E000
|
trusted library allocation
|
page read and write
|
||
|
4D27000
|
trusted library allocation
|
page read and write
|
||
|
4F1E000
|
trusted library allocation
|
page read and write
|
||
|
5048000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
4DF3000
|
trusted library allocation
|
page read and write
|
||
|
4CEA000
|
trusted library allocation
|
page read and write
|
||
|
4D17000
|
trusted library allocation
|
page read and write
|
||
|
4D66000
|
trusted library allocation
|
page read and write
|
||
|
4EDB000
|
trusted library allocation
|
page read and write
|
||
|
4D6A000
|
trusted library allocation
|
page read and write
|
||
|
2A62000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E41000
|
trusted library allocation
|
page read and write
|
||
|
4E18000
|
trusted library allocation
|
page read and write
|
||
|
4D77000
|
trusted library allocation
|
page read and write
|
||
|
5013000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
A20D000
|
trusted library allocation
|
page read and write
|
||
|
4EEE000
|
trusted library allocation
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
4E23000
|
trusted library allocation
|
page read and write
|
||
|
4F52000
|
trusted library allocation
|
page read and write
|
||
|
A3FE000
|
trusted library allocation
|
page read and write
|
||
|
4CB6000
|
trusted library allocation
|
page read and write
|
||
|
4D37000
|
trusted library allocation
|
page read and write
|
||
|
4E9C000
|
trusted library allocation
|
page read and write
|
||
|
4FE7000
|
trusted library allocation
|
page read and write
|
||
|
2F8B000
|
heap
|
page read and write
|
||
|
4F0F000
|
trusted library allocation
|
page read and write
|
||
|
5003000
|
trusted library allocation
|
page read and write
|
||
|
4E79000
|
trusted library allocation
|
page read and write
|
||
|
157BD000
|
stack
|
page read and write
|
||
|
4FA6000
|
trusted library allocation
|
page read and write
|
||
|
4C8F000
|
trusted library allocation
|
page read and write
|
||
|
4C8D000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
4C84000
|
trusted library allocation
|
page read and write
|
||
|
4CFB000
|
trusted library allocation
|
page read and write
|
||
|
4EE1000
|
trusted library allocation
|
page read and write
|
||
|
4C4B000
|
trusted library allocation
|
page read and write
|
||
|
4D63000
|
trusted library allocation
|
page read and write
|
||
|
4D5D000
|
trusted library allocation
|
page read and write
|
||
|
2F28000
|
heap
|
page read and write
|
||
|
4FFD000
|
trusted library allocation
|
page read and write
|
||
|
14F83000
|
trusted library allocation
|
page read and write
|
||
|
4EDE000
|
trusted library allocation
|
page read and write
|
||
|
504F000
|
trusted library allocation
|
page read and write
|
||
|
4FC8000
|
trusted library allocation
|
page read and write
|
||
|
4F33000
|
trusted library allocation
|
page read and write
|
||
|
4C25000
|
trusted library allocation
|
page read and write
|
||
|
4C1F000
|
trusted library allocation
|
page read and write
|
||
|
A1F4000
|
trusted library allocation
|
page read and write
|
||
|
4C5B000
|
trusted library allocation
|
page read and write
|
||
|
4F4C000
|
trusted library allocation
|
page read and write
|
||
|
4DB9000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
4F94000
|
trusted library allocation
|
page read and write
|
||
|
512B000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
163B0000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
1572D000
|
stack
|
page read and write
|
||
|
2FA7000
|
heap
|
page read and write
|
||
|
4FB1000
|
trusted library allocation
|
page read and write
|
||
|
4CDF000
|
trusted library allocation
|
page read and write
|
||
|
4DD5000
|
trusted library allocation
|
page read and write
|
||
|
4F01000
|
trusted library allocation
|
page read and write
|
||
|
5006000
|
trusted library allocation
|
page read and write
|
||
|
15A54000
|
heap
|
page read and write
|
||
|
4D56000
|
trusted library allocation
|
page read and write
|
||
|
4C68000
|
trusted library allocation
|
page read and write
|
||
|
4DCA000
|
trusted library allocation
|
page read and write
|
||
|
4F31000
|
trusted library allocation
|
page read and write
|
||
|
4F57000
|
trusted library allocation
|
page read and write
|
||
|
502C000
|
trusted library allocation
|
page read and write
|
||
|
4C8A000
|
trusted library allocation
|
page read and write
|
||
|
4EBA000
|
trusted library allocation
|
page read and write
|
||
|
4D35000
|
trusted library allocation
|
page read and write
|
||
|
4E7E000
|
trusted library allocation
|
page read and write
|
||
|
4C56000
|
trusted library allocation
|
page read and write
|
||
|
4F92000
|
trusted library allocation
|
page read and write
|
||
|
4F14000
|
trusted library allocation
|
page read and write
|
||
|
4F28000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
2A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E3F000
|
trusted library allocation
|
page read and write
|
||
|
4C7E000
|
trusted library allocation
|
page read and write
|
||
|
4C94000
|
trusted library allocation
|
page read and write
|
||
|
4ED2000
|
trusted library allocation
|
page read and write
|
||
|
16B63000
|
trusted library allocation
|
page read and write
|
||
|
4C9C000
|
trusted library allocation
|
page read and write
|
||
|
4F71000
|
trusted library allocation
|
page read and write
|
||
|
14C00000
|
trusted library allocation
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
4F66000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
2F7D000
|
heap
|
page read and write
|
||
|
A5DC000
|
trusted library allocation
|
page read and write
|
||
|
4E2C000
|
trusted library allocation
|
page read and write
|
||
|
A40B000
|
trusted library allocation
|
page read and write
|
||
|
4EA7000
|
trusted library allocation
|
page read and write
|
||
|
4E83000
|
trusted library allocation
|
page read and write
|
||
|
4C77000
|
trusted library allocation
|
page read and write
|
||
|
1216000
|
unkown
|
page read and write
|
||
|
103B000
|
heap
|
page read and write
|
||
|
4D04000
|
trusted library allocation
|
page read and write
|
||
|
4E36000
|
trusted library allocation
|
page read and write
|
||
|
4DA3000
|
trusted library allocation
|
page read and write
|
||
|
4C98000
|
trusted library allocation
|
page read and write
|
||
|
A641000
|
trusted library allocation
|
page read and write
|
||
|
4F3A000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
4F22000
|
trusted library allocation
|
page read and write
|
||
|
4E1A000
|
trusted library allocation
|
page read and write
|
||
|
5024000
|
trusted library allocation
|
page read and write
|
||
|
4C2B000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
4CC2000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
4FEE000
|
trusted library allocation
|
page read and write
|
||
|
4DCF000
|
trusted library allocation
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
4EA4000
|
trusted library allocation
|
page read and write
|
||
|
A150000
|
trusted library allocation
|
page read and write
|
||
|
4CF5000
|
trusted library allocation
|
page read and write
|
||
|
4CE1000
|
trusted library allocation
|
page read and write
|
||
|
4F98000
|
trusted library allocation
|
page read and write
|
||
|
4D75000
|
trusted library allocation
|
page read and write
|
||
|
4D2D000
|
trusted library allocation
|
page read and write
|
||
|
1524D000
|
stack
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
4D47000
|
trusted library allocation
|
page read and write
|
||
|
4F41000
|
trusted library allocation
|
page read and write
|
||
|
4CCA000
|
trusted library allocation
|
page read and write
|
||
|
16AE0000
|
trusted library allocation
|
page read and write
|
||
|
4FFF000
|
trusted library allocation
|
page read and write
|
||
|
4CD7000
|
trusted library allocation
|
page read and write
|
||
|
2AB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C4D000
|
trusted library allocation
|
page read and write
|
||
|
4E5C000
|
trusted library allocation
|
page read and write
|
||
|
4D42000
|
trusted library allocation
|
page read and write
|
||
|
4E75000
|
trusted library allocation
|
page read and write
|
||
|
4F3D000
|
trusted library allocation
|
page read and write
|
||
|
503A000
|
trusted library allocation
|
page read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
4CA4000
|
trusted library allocation
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
4F96000
|
trusted library allocation
|
page read and write
|
||
|
4EC3000
|
trusted library allocation
|
page read and write
|
||
|
4CAB000
|
trusted library allocation
|
page read and write
|
||
|
4F0C000
|
trusted library allocation
|
page read and write
|
||
|
4DC5000
|
trusted library allocation
|
page read and write
|
||
|
4FC6000
|
trusted library allocation
|
page read and write
|
||
|
4FB4000
|
trusted library allocation
|
page read and write
|
||
|
4CB4000
|
trusted library allocation
|
page read and write
|
||
|
4E25000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
4C6E000
|
trusted library allocation
|
page read and write
|
||
|
4D79000
|
trusted library allocation
|
page read and write
|
||
|
4E2A000
|
trusted library allocation
|
page read and write
|
||
|
4DDD000
|
trusted library allocation
|
page read and write
|
||
|
4CCF000
|
trusted library allocation
|
page read and write
|
||
|
4DED000
|
trusted library allocation
|
page read and write
|
||
|
4D4E000
|
trusted library allocation
|
page read and write
|
||
|
2F68000
|
heap
|
page read and write
|
||
|
4C65000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
4FE5000
|
trusted library allocation
|
page read and write
|
||
|
4EC6000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
4D8C000
|
trusted library allocation
|
page read and write
|
||
|
4FE9000
|
trusted library allocation
|
page read and write
|
||
|
4D9F000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
4F68000
|
trusted library allocation
|
page read and write
|
||
|
4CFD000
|
trusted library allocation
|
page read and write
|
||
|
4CE7000
|
trusted library allocation
|
page read and write
|
||
|
4C32000
|
trusted library allocation
|
page read and write
|
||
|
4FF7000
|
trusted library allocation
|
page read and write
|
||
|
4BCB000
|
stack
|
page read and write
|
||
|
15CA0000
|
trusted library allocation
|
page read and write
|
||
|
15C7F000
|
heap
|
page read and write
|
||
|
2A6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
4EE8000
|
trusted library allocation
|
page read and write
|
||
|
4D87000
|
trusted library allocation
|
page read and write
|
||
|
E0F000
|
stack
|
page read and write
|
||
|
4C15000
|
trusted library allocation
|
page read and write
|
||
|
4E0F000
|
trusted library allocation
|
page read and write
|
||
|
4F7D000
|
trusted library allocation
|
page read and write
|
||
|
4F74000
|
trusted library allocation
|
page read and write
|
||
|
A49D000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
A24F000
|
trusted library allocation
|
page read and write
|
||
|
4DE9000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
4F89000
|
trusted library allocation
|
page read and write
|
||
|
28DD000
|
stack
|
page read and write
|
||
|
2F7F000
|
heap
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
2F18000
|
heap
|
page read and write
|
||
|
4E8F000
|
trusted library allocation
|
page read and write
|
||
|
1513E000
|
unkown
|
page read and write
|
||
|
4F18000
|
trusted library allocation
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
4CC6000
|
trusted library allocation
|
page read and write
|
||
|
4FAC000
|
trusted library allocation
|
page read and write
|
||
|
4D9A000
|
trusted library allocation
|
page read and write
|
||
|
4F46000
|
trusted library allocation
|
page read and write
|
||
|
4FF4000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
4ED4000
|
trusted library allocation
|
page read and write
|
||
|
4C08000
|
trusted library allocation
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
4F11000
|
trusted library allocation
|
page read and write
|
||
|
4C92000
|
trusted library allocation
|
page read and write
|
||
|
4E1E000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
164ED000
|
heap
|
page read and write
|
||
|
502E000
|
trusted library allocation
|
page read and write
|
||
|
4DB3000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
4D2A000
|
trusted library allocation
|
page read and write
|
||
|
4C02000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
trusted library allocation
|
page read and write
|
||
|
4E85000
|
trusted library allocation
|
page read and write
|
||
|
4D12000
|
trusted library allocation
|
page read and write
|
||
|
4CAE000
|
trusted library allocation
|
page read and write
|
||
|
5028000
|
trusted library allocation
|
page read and write
|
||
|
4C22000
|
trusted library allocation
|
page read and write
|
||
|
512D000
|
trusted library allocation
|
page read and write
|
||
|
4EFB000
|
trusted library allocation
|
page read and write
|
||
|
4DAB000
|
trusted library allocation
|
page read and write
|
||
|
4FD6000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
4DF9000
|
trusted library allocation
|
page read and write
|
||
|
4DC8000
|
trusted library allocation
|
page read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
4F9F000
|
trusted library allocation
|
page read and write
|
||
|
4C73000
|
trusted library allocation
|
page read and write
|
||
|
4C6B000
|
trusted library allocation
|
page read and write
|
||
|
4E53000
|
trusted library allocation
|
page read and write
|
||
|
4D3E000
|
trusted library allocation
|
page read and write
|
||
|
4CBF000
|
trusted library allocation
|
page read and write
|
||
|
8DC000
|
stack
|
page read and write
|
||
|
513A000
|
trusted library allocation
|
page read and write
|
||
|
A645000
|
trusted library allocation
|
page read and write
|
||
|
A20F000
|
trusted library allocation
|
page read and write
|
||
|
4DA7000
|
trusted library allocation
|
page read and write
|
||
|
500A000
|
trusted library allocation
|
page read and write
|
||
|
4D85000
|
trusted library allocation
|
page read and write
|
||
|
4EE6000
|
trusted library allocation
|
page read and write
|
||
|
4FDE000
|
trusted library allocation
|
page read and write
|
||
|
4E68000
|
trusted library allocation
|
page read and write
|
||
|
4DFF000
|
trusted library allocation
|
page read and write
|
||
|
4FAE000
|
trusted library allocation
|
page read and write
|
||
|
154EF000
|
unkown
|
page read and write
|
||
|
501B000
|
trusted library allocation
|
page read and write
|
||
|
4ECB000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
4C87000
|
trusted library allocation
|
page read and write
|
||
|
4DF6000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
heap
|
page read and write
|
||
|
A479000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
4DE6000
|
trusted library allocation
|
page read and write
|
||
|
154F0000
|
heap
|
page read and write
|
||
|
4CA2000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
4E39000
|
trusted library allocation
|
page read and write
|
||
|
4D07000
|
trusted library allocation
|
page read and write
|
||
|
4FB7000
|
trusted library allocation
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
4F2E000
|
trusted library allocation
|
page read and write
|
||
|
4E45000
|
trusted library allocation
|
page read and write
|
||
|
4D68000
|
trusted library allocation
|
page read and write
|
||
|
4E0B000
|
trusted library allocation
|
page read and write
|
||
|
4C7B000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
4ECE000
|
trusted library allocation
|
page read and write
|
||
|
4F9A000
|
trusted library allocation
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
4C42000
|
trusted library allocation
|
page read and write
|
||
|
4D22000
|
trusted library allocation
|
page read and write
|
||
|
4EF7000
|
trusted library allocation
|
page read and write
|
||
|
4C0D000
|
trusted library allocation
|
page read and write
|
||
|
A4C2000
|
trusted library allocation
|
page read and write
|
||
|
4D82000
|
trusted library allocation
|
page read and write
|
||
|
1531E000
|
heap
|
page read and write
|
||
|
4F09000
|
trusted library allocation
|
page read and write
|
||
|
4E49000
|
trusted library allocation
|
page read and write
|
||
|
4C63000
|
trusted library allocation
|
page read and write
|
||
|
4EF9000
|
trusted library allocation
|
page read and write
|
||
|
4DAD000
|
trusted library allocation
|
page read and write
|
||
|
5019000
|
trusted library allocation
|
page read and write
|
||
|
4F77000
|
trusted library allocation
|
page read and write
|
||
|
11CD000
|
stack
|
page read and write
|
||
|
4D7E000
|
trusted library allocation
|
page read and write
|
||
|
4CC4000
|
trusted library allocation
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
4ED7000
|
trusted library allocation
|
page read and write
|
||
|
4CBA000
|
trusted library allocation
|
page read and write
|
||
|
4E91000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
5015000
|
trusted library allocation
|
page read and write
|
||
|
158A0000
|
heap
|
page read and write
|
||
|
4EF4000
|
trusted library allocation
|
page read and write
|
||
|
4FEC000
|
trusted library allocation
|
page read and write
|
||
|
4F3F000
|
trusted library allocation
|
page read and write
|
||
|
4CD2000
|
trusted library allocation
|
page read and write
|
||
|
4C5D000
|
trusted library allocation
|
page read and write
|
||
|
504D000
|
trusted library allocation
|
page read and write
|
||
|
4E3C000
|
trusted library allocation
|
page read and write
|
||
|
4F5C000
|
trusted library allocation
|
page read and write
|
||
|
4C12000
|
trusted library allocation
|
page read and write
|
||
|
B8C000
|
stack
|
page read and write
|
||
|
4E8A000
|
trusted library allocation
|
page read and write
|
||
|
4EA1000
|
trusted library allocation
|
page read and write
|
||
|
4CA8000
|
trusted library allocation
|
page read and write
|
||
|
15DA0000
|
trusted library allocation
|
page read and write
|
||
|
158E4000
|
heap
|
page read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
4D8A000
|
trusted library allocation
|
page read and write
|
||
|
2ABE000
|
trusted library allocation
|
page execute and read and write
|
||
|
16322000
|
heap
|
page read and write
|
||
|
4D25000
|
trusted library allocation
|
page read and write
|
||
|
4D6C000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
4E01000
|
trusted library allocation
|
page read and write
|
||
|
4FD3000
|
trusted library allocation
|
page read and write
|
||
|
4DD1000
|
trusted library allocation
|
page read and write
|
||
|
4FBA000
|
trusted library allocation
|
page read and write
|
||
|
4E59000
|
trusted library allocation
|
page read and write
|
||
|
4C48000
|
trusted library allocation
|
page read and write
|
||
|
502A000
|
trusted library allocation
|
page read and write
|
||
|
4CF2000
|
trusted library allocation
|
page read and write
|
There are 510 hidden memdumps, click here to show them.