Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_2f26e4b65edfc9809a16d7533fcfcfa7c28d99cc_852b229c_d8e4eb8d-192d-4a27-acb5-a0d10fcca4b1\Report.wer
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFB4C.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun Oct 13 04:54:10 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFC67.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFCB6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7140 -s 1896
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bathdoomgaz.store
|
|
||
|
studennotediw.store
|
|
||
|
https://sergei-esenin.com/p;
|
unknown
|
|
|
|
clearancek.site
|
|
||
|
dissapoiznw.store
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900
|
104.102.49.254
|
|
|
|
spirittunek.store
|
|
||
|
licendfilteo.site
|
|
||
|
https://sergei-esenin.com/h;
|
unknown
|
|
|
|
eaglepawnoy.store
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900/inventory/
|
unknown
|
|
|
|
https://sergei-esenin.com:443/api
|
unknown
|
|
|
|
mobbipenju.store
|
|
||
|
https://sergei-esenin.com/api
|
104.21.53.8
|
|
|
|
https://steamcommunity.com/profiles/76561199724331900/badges
|
unknown
|
|
|
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-management/phishing-attack/
|
unknown
|
||
|
https://steamcommunity.com:443/profiles/76561199724331900$
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
||
|
https://store.steampowered.com/news/
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
http://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://steamcommunity.com/discussions/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://store.steampowered.com/stats/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
||
|
https://store.steampowered.com/steam_refunds/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=jGtzAgjYROne&l=e
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=hgPi
|
unknown
|
||
|
https://steamcommunity.com/workshop/
|
unknown
|
||
|
https://store.steampowered.com/legal/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://store.steampowered.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
|
unknown
|
||
|
https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://www.cloudflare.com/learning/access-manag
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-landing
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en
|
unknown
|
||
|
https://www.cloudflare.com/5xx-error-X
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=2Ih2WOq7ErXY&a
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=bz0kMfQA
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
|
unknown
|
||
|
http://store.steampowered.com/account/cookiepreferences/
|
unknown
|
||
|
https://store.steampowered.com/mobile
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://avatars.akamai.steamstatic
|
unknown
|
||
|
https://steamcommunity.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDqp&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/modalContent.js?v=f2hMA1v9Zkc8&l=engl
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
There are 71 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
steamcommunity.com
|
104.102.49.254
|
|
|
|
sergei-esenin.com
|
104.21.53.8
|
|
|
|
eaglepawnoy.store
|
unknown
|
|
|
|
bathdoomgaz.store
|
unknown
|
|
|
|
spirittunek.store
|
unknown
|
|
|
|
licendfilteo.site
|
unknown
|
|
|
|
studennotediw.store
|
unknown
|
|
|
|
mobbipenju.store
|
unknown
|
|
|
|
clearancek.site
|
unknown
|
|
|
|
dissapoiznw.store
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.53.8
|
sergei-esenin.com
|
United States
|
|
|
|
104.102.49.254
|
steamcommunity.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProgramId
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
FileId
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LongPathHash
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Name
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
OriginalFileName
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Publisher
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Version
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinaryType
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductName
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductVersion
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LinkDate
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageFullName
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageRelativeId
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Size
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Language
|
|
|
|
\REGISTRY\A\{c74b2a98-50f3-bcbf-f020-cb00c51b4c85}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Usn
|
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
781000
|
unkown
|
page execute and read and write
|
|
|
|
1140000
|
direct allocation
|
page read and write
|
||
|
47AE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
122A000
|
heap
|
page read and write
|
||
|
3EAF000
|
stack
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
38AE000
|
stack
|
page read and write
|
||
|
3B2E000
|
stack
|
page read and write
|
||
|
7E0000
|
unkown
|
page execute and read and write
|
||
|
2BC0000
|
direct allocation
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
113B000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4EDC000
|
trusted library allocation
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
550D000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
386F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
2BD0000
|
direct allocation
|
page execute and read and write
|
||
|
3D6F000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
1225000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
C06000
|
unkown
|
page execute and read and write
|
||
|
60B000
|
stack
|
page read and write
|
||
|
A5F000
|
unkown
|
page execute and read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
39EE000
|
stack
|
page read and write
|
||
|
2BED000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
3EEE000
|
stack
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
A67000
|
unkown
|
page execute and read and write
|
||
|
504E000
|
stack
|
page read and write
|
||
|
3DAE000
|
stack
|
page read and write
|
||
|
554D000
|
stack
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
70B000
|
stack
|
page read and write
|
||
|
4F0D000
|
stack
|
page read and write
|
||
|
466E000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
426F000
|
stack
|
page read and write
|
||
|
362E000
|
stack
|
page read and write
|
||
|
122D000
|
heap
|
page read and write
|
||
|
4D10000
|
remote allocation
|
page read and write
|
||
|
416E000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
11CD000
|
heap
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
57DF000
|
stack
|
page read and write
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
3C2F000
|
stack
|
page read and write
|
||
|
53CF000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
4D10000
|
remote allocation
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
540D000
|
stack
|
page read and write
|
||
|
412E000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
A76000
|
unkown
|
page execute and write copy
|
||
|
4D6B000
|
stack
|
page read and write
|
||
|
43EE000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
2CEF000
|
stack
|
page read and write
|
||
|
4D10000
|
remote allocation
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
42AE000
|
stack
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
336F000
|
stack
|
page read and write
|
||
|
44EF000
|
stack
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
1191000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
A76000
|
unkown
|
page execute and read and write
|
||
|
95A000
|
unkown
|
page execute and read and write
|
||
|
3AEF000
|
stack
|
page read and write
|
||
|
48B0000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
514D000
|
stack
|
page read and write
|
||
|
3C6E000
|
stack
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
115A000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
119E000
|
heap
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
476F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48AF000
|
stack
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
A77000
|
unkown
|
page execute and write copy
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
1233000
|
heap
|
page read and write
|
||
|
781000
|
unkown
|
page execute and write copy
|
||
|
372F000
|
stack
|
page read and write
|
||
|
39AF000
|
stack
|
page read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
A34000
|
unkown
|
page execute and read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
402E000
|
stack
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
43AF000
|
stack
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
1140000
|
direct allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
1222000
|
heap
|
page read and write
|
||
|
11E6000
|
heap
|
page read and write
|
||
|
2BC0000
|
direct allocation
|
page read and write
|
There are 174 hidden memdumps, click here to show them.