Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
7yJsmmW4wS.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\7yJsmmW4wS.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\freeware.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\rat.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\edge.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\edge.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\edge.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Oct 13 16:13:10
2024, mtime=Sun Oct 13 16:13:10 2024, atime=Sun Oct 13 16:13:10 2024, length=40448, window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\7yJsmmW4wS.exe
|
"C:\Users\user\Desktop\7yJsmmW4wS.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\rat.exe
|
"C:\Users\user~1\AppData\Local\Temp\rat.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\freeware.exe
|
"C:\Users\user~1\AppData\Local\Temp\freeware.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "edge" /tr "C:\Users\user\AppData\Roaming\edge.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\edge.exe
|
C:\Users\user\AppData\Roaming\edge.exe
|
|
|
|
C:\Users\user\AppData\Roaming\edge.exe
|
C:\Users\user\AppData\Roaming\edge.exe
|
|
|
|
C:\Users\user\AppData\Roaming\edge.exe
|
|
||
|
C:\Users\user\AppData\Roaming\edge.exe
|
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
authors-reflections.gl.at.ply.gg
|
|
||
|
https://github.com/googlefonts/lexend)6_ju
|
unknown
|
||
|
https://scripts.sil.org/OFLThis
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.urwpp.de
|
unknown
|
||
|
https://scripts.sil.org/OFLhttps://www.lexend.comBonnie
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.urwpp.dehttp://www.urwpp.dehttp://www.urwpp.comhttp://www.urwpp.comNimbus
|
unknown
|
||
|
http://https://_bad_pdb_file.pdb
|
unknown
|
||
|
http://www.urwpp.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
authors-reflections.gl.at.ply.gg
|
147.185.221.23
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.185.221.23
|
authors-reflections.gl.at.ply.gg
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
edge
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
372000
|
unkown
|
page readonly
|
|
|
|
3271000
|
trusted library allocation
|
page read and write
|
|
|
|
A5E000
|
stack
|
page read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF7E000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
12E88000
|
trusted library allocation
|
page read and write
|
||
|
1B7DE9D0000
|
heap
|
page read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
1127000
|
heap
|
page read and write
|
||
|
2BC55000000
|
heap
|
page read and write
|
||
|
1C37F000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1BAB4000
|
stack
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
7FF7952B1000
|
unkown
|
page execute read
|
||
|
7FF7952B0000
|
unkown
|
page readonly
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
1B1CF000
|
stack
|
page read and write
|
||
|
7FF7953E2000
|
unkown
|
page write copy
|
||
|
C20000
|
heap
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB07870000
|
unkown
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B40C000
|
stack
|
page read and write
|
||
|
7FFB07872000
|
unkown
|
page readonly
|
||
|
7FFAACBDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
79C000
|
heap
|
page read and write
|
||
|
1B20E000
|
stack
|
page read and write
|
||
|
7FFB08815000
|
unkown
|
page readonly
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
801000
|
heap
|
page read and write
|
||
|
1B4F1000
|
heap
|
page read and write
|
||
|
7FFB07866000
|
unkown
|
page readonly
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
unkown
|
page readonly
|
||
|
1B7DED50000
|
heap
|
page read and write
|
||
|
7FF79539F000
|
unkown
|
page readonly
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
7FFAACC0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF7953E1000
|
unkown
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
1735000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
10E6000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
B23000
|
heap
|
page read and write
|
||
|
7FFB087FB000
|
unkown
|
page write copy
|
||
|
1296000
|
heap
|
page read and write
|
||
|
12E81000
|
trusted library allocation
|
page read and write
|
||
|
1B4AE000
|
heap
|
page read and write
|
||
|
7FFB087F6000
|
unkown
|
page read and write
|
||
|
1AD8D000
|
stack
|
page read and write
|
||
|
7FFAACBD4000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
heap
|
page execute and read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
1C27E000
|
stack
|
page read and write
|
||
|
1B8BA000
|
stack
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
7FFAACBD2000
|
trusted library allocation
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
1BDDF000
|
stack
|
page read and write
|
||
|
16F5679000
|
stack
|
page read and write
|
||
|
2BC54E16000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page execute and read and write
|
||
|
1B7FC000
|
stack
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
1B98E000
|
stack
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
1B6AD000
|
stack
|
page read and write
|
||
|
1C57E000
|
stack
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
24C1000
|
trusted library allocation
|
page read and write
|
||
|
1B880000
|
heap
|
page read and write
|
||
|
1239000
|
heap
|
page read and write
|
||
|
12E83000
|
trusted library allocation
|
page read and write
|
||
|
A92000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page execute and read and write
|
||
|
7FFAACC1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF7952B1000
|
unkown
|
page execute read
|
||
|
84D000
|
heap
|
page read and write
|
||
|
312C000
|
trusted library allocation
|
page read and write
|
||
|
A57000
|
heap
|
page read and write
|
||
|
1BAF0000
|
heap
|
page read and write
|
||
|
3061000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
7FFAACCE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACCA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBE4000
|
trusted library allocation
|
page read and write
|
||
|
1B40E000
|
stack
|
page read and write
|
||
|
10F1000
|
heap
|
page read and write
|
||
|
1BE70000
|
heap
|
page execute and read and write
|
||
|
1C09A000
|
stack
|
page read and write
|
||
|
129D000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7CF000
|
heap
|
page read and write
|
||
|
1C17F000
|
stack
|
page read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
1B9BC000
|
stack
|
page read and write
|
||
|
12911000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page execute and read and write
|
||
|
16A3000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
291C000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
heap
|
page read and write
|
||
|
13273000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC54F20000
|
heap
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
1705000
|
heap
|
page read and write
|
||
|
124C1000
|
trusted library allocation
|
page read and write
|
||
|
1B4DE000
|
stack
|
page read and write
|
||
|
7FFAACD70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C19C000
|
stack
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
7FF7953A0000
|
unkown
|
page readonly
|
||
|
16DF000
|
stack
|
page read and write
|
||
|
7FFAACBC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page read and write
|
||
|
7D2000
|
heap
|
page read and write
|
||
|
12913000
|
trusted library allocation
|
page read and write
|
||
|
7FF79539F000
|
unkown
|
page read and write
|
||
|
7FF7952B0000
|
unkown
|
page readonly
|
||
|
B37000
|
heap
|
page read and write
|
||
|
6F4000
|
stack
|
page read and write
|
||
|
7FFAACBB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
7FC000
|
heap
|
page read and write
|
||
|
1B7DE9A0000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
126C000
|
heap
|
page read and write
|
||
|
7FFAACBB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
1AF00000
|
heap
|
page execute and read and write
|
||
|
12FC000
|
heap
|
page read and write
|
||
|
1BAEE000
|
stack
|
page read and write
|
||
|
306F000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
heap
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
1810000
|
heap
|
page read and write
|
||
|
1B760000
|
heap
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBD2000
|
trusted library allocation
|
page read and write
|
||
|
1B4E1000
|
heap
|
page read and write
|
||
|
1B7DE9B0000
|
heap
|
page read and write
|
||
|
1B7DEA78000
|
heap
|
page read and write
|
||
|
1038000
|
unkown
|
page readonly
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
7FFAACBC2000
|
trusted library allocation
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
1129000
|
heap
|
page read and write
|
||
|
1605000
|
heap
|
page read and write
|
||
|
1BBD0000
|
heap
|
page read and write
|
||
|
1BBD0000
|
heap
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC60000
|
trusted library allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
1B7DEA70000
|
heap
|
page read and write
|
||
|
7FFAACBB4000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
13128000
|
trusted library allocation
|
page read and write
|
||
|
7FFB07850000
|
unkown
|
page readonly
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
3121000
|
trusted library allocation
|
page read and write
|
||
|
13063000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACC96000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C29C000
|
stack
|
page read and write
|
||
|
17B5000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
12918000
|
trusted library allocation
|
page read and write
|
||
|
1BA40000
|
heap
|
page execute and read and write
|
||
|
7FFAACBD4000
|
trusted library allocation
|
page read and write
|
||
|
1647000
|
heap
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
1BCDE000
|
stack
|
page read and write
|
||
|
18C5000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
13121000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
7FFB07851000
|
unkown
|
page execute read
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
1B5ED000
|
stack
|
page read and write
|
||
|
126A000
|
heap
|
page read and write
|
||
|
123C000
|
heap
|
page read and write
|
||
|
15DF000
|
stack
|
page read and write
|
||
|
1BF80000
|
heap
|
page read and write
|
||
|
7FFAACBD2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACCA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F2000
|
heap
|
page read and write
|
||
|
163F000
|
heap
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
1261000
|
heap
|
page read and write
|
||
|
7FFAACC96000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3DE000
|
stack
|
page read and write
|
||
|
7FFAACC1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AA4D000
|
stack
|
page read and write
|
||
|
7FFAACBBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
13271000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
7FFB07875000
|
unkown
|
page readonly
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
7FFB08825000
|
unkown
|
page readonly
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
124C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
FAE47DC000
|
stack
|
page read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page read and write
|
||
|
F2F000
|
stack
|
page read and write
|
||
|
1BCB0000
|
heap
|
page read and write
|
||
|
12BA000
|
heap
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
7FFAACBE0000
|
trusted library allocation
|
page read and write
|
||
|
16BA000
|
heap
|
page read and write
|
||
|
7FFB087AD000
|
unkown
|
page readonly
|
||
|
869000
|
heap
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
12F7000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
16F56FF000
|
unkown
|
page read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
13123000
|
trusted library allocation
|
page read and write
|
||
|
BC3000
|
trusted library allocation
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
28B5000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBC2000
|
trusted library allocation
|
page read and write
|
||
|
1BEDE000
|
stack
|
page read and write
|
||
|
1BDBD000
|
stack
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
7FFAACCE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B410000
|
heap
|
page read and write
|
||
|
1259000
|
heap
|
page read and write
|
||
|
FAE4AFE000
|
stack
|
page read and write
|
||
|
163D000
|
heap
|
page read and write
|
||
|
7FFAACC96000
|
trusted library allocation
|
page execute and read and write
|
||
|
129F000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page execute and read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F1000
|
heap
|
page read and write
|
||
|
ED0000
|
unkown
|
page readonly
|
||
|
7FFAACCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C9000
|
heap
|
page read and write
|
||
|
1B45A000
|
heap
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
DD4000
|
stack
|
page read and write
|
||
|
AA5000
|
heap
|
page read and write
|
||
|
1B7DED55000
|
heap
|
page read and write
|
||
|
125A000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page execute and read and write
|
||
|
7FFAACBC2000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
unkown
|
page readonly
|
||
|
306C000
|
trusted library allocation
|
page read and write
|
||
|
1B60C000
|
stack
|
page read and write
|
||
|
7FFAACC1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F577F000
|
stack
|
page read and write
|
||
|
7FFAACC76000
|
trusted library allocation
|
page read and write
|
||
|
1BC4E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
7FF7954E1000
|
unkown
|
page readonly
|
||
|
1BE5E000
|
stack
|
page read and write
|
||
|
1B7AF000
|
stack
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
10E9000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
F94000
|
stack
|
page read and write
|
||
|
13278000
|
trusted library allocation
|
page read and write
|
||
|
ED2000
|
unkown
|
page readonly
|
||
|
7FFB086A0000
|
unkown
|
page readonly
|
||
|
7FFAACBE0000
|
trusted library allocation
|
page read and write
|
||
|
1611000
|
heap
|
page read and write
|
||
|
1B30F000
|
stack
|
page read and write
|
||
|
15DC000
|
heap
|
page read and write
|
||
|
1BB4E000
|
stack
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page read and write
|
||
|
1BF9E000
|
stack
|
page read and write
|
||
|
12F4000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
7BB000
|
heap
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
7FFAACCE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B46F000
|
heap
|
page read and write
|
||
|
7FFAACBED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
13068000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
7FFB087F8000
|
unkown
|
page write copy
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACCA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
7FFB086A1000
|
unkown
|
page execute read
|
||
|
84A000
|
heap
|
page read and write
|
||
|
7FF7953E1000
|
unkown
|
page write copy
|
||
|
7FF7954E1000
|
unkown
|
page readonly
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
1B04E000
|
stack
|
page read and write
|
||
|
7FFAACC70000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
1AF43000
|
heap
|
page read and write
|
||
|
1A4F0000
|
trusted library allocation
|
page read and write
|
||
|
1B2DF000
|
stack
|
page read and write
|
||
|
12A3000
|
heap
|
page read and write
|
||
|
7FFAACCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC54E10000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7FFAACCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
291F000
|
trusted library allocation
|
page read and write
|
||
|
13061000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBD0000
|
trusted library allocation
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
F44000
|
stack
|
page read and write
|
||
|
7FFAACC7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
138E000
|
stack
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
2BC54E1C000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBE0000
|
trusted library allocation
|
page read and write
|
||
|
1C47B000
|
stack
|
page read and write
|
||
|
2E8F000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4121B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1815000
|
heap
|
page read and write
|
||
|
7FFAACBC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1B4B9000
|
heap
|
page read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page execute and read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
1B4A9000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
1AF40000
|
heap
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page execute and read and write
|
||
|
FAE4BFE000
|
stack
|
page read and write
|
||
|
1B48F000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1B1D0000
|
heap
|
page read and write
|
||
|
1174000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
1A847000
|
heap
|
page read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
7FFAACC7C000
|
trusted library allocation
|
page execute and read and write
|
There are 402 hidden memdumps, click here to show them.