Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PJ-0020241013_setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\z.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Users\user\Documents\czrdnq8b.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Documents\conf.ini
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PJ-0020241013_setup.exe
|
"C:\Users\user\Desktop\PJ-0020241013_setup.exe"
|
|
|
|
C:\Users\user\Documents\czrdnq8b.exe
|
"C:\Users\user\Documents\czrdnq8b.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.wps.com/eula
|
unknown
|
||
|
https://drive.wps.com/filecollect/
|
unknown
|
||
|
https://github.com/ldcsaa/HP-SocketF
|
unknown
|
||
|
http://wps-community.org/download/dicts/Zip
|
unknown
|
||
|
https://www.wps.com/support
|
unknown
|
||
|
https://get.wps.cn/feedback/pc?product_id=1000099&detail=Open_print_service_kso_Printer_ConnectTimeo
|
unknown
|
||
|
http://203.107.1.33/100000/d?host=www.aliyun.comKeep-Alivei
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://www.winimage.com/zLibDll-incompatible
|
unknown
|
||
|
https://2023.ipchaxun.com/
|
unknown
|
||
|
http://wps-community.org/download.html
|
unknown
|
||
|
http://wdl1.cache.wps.cn/per-plugin/dl/onlineshapes/
|
unknown
|
||
|
https://searchplugin.csdn.net/api/v1/ip/get
|
unknown
|
||
|
https://f.wps.cn/
|
unknown
|
||
|
https://privacy.wps.cn/policies/eula/wps-pdf-Windows
|
unknown
|
||
|
https://www.wps.cn/learning/
|
unknown
|
||
|
http://Mpr.dllWNetAddConnection2Wnamelist/wps/jsaddons/jsaddinblockhost.ini/wps/jsaddons/authaddin.j
|
unknown
|
||
|
https://vip.wps.cn/pay/member/%1/?csource=docerpersonclientNewInstallTime1onFinished(QNetworkReply
|
unknown
|
||
|
http://203.107.1.33/100000/d?host=www.aliyun.com
|
unknown
|
||
|
http://www.baidu.com/robots.txt
|
unknown
|
||
|
http://ic.wps.cn/wpsv6internet/infos.adsICLimitElapsedICForTestICPercentCTICPercentProofreadBottomIC
|
unknown
|
||
|
http://switch.pcfg.cache.wpscdn.cn/platform_lmt/BackStageCfgPreCheck
|
unknown
|
||
|
https://f.wps.cn/https://www.wps.cn/learning/https://get.wps.cn/PrintPreview/ControlTitleFeedback&ap
|
unknown
|
||
|
http://info.wps.cn/wpsv6internet/infos.ads56drive_improvenew_slide_btnjm_function/2019/wps/client/ap
|
unknown
|
||
|
https://www.wps.com/supporthttps://get.wps.cn/feedback/pcPreview
|
unknown
|
||
|
https://switch.pcfg.cache.wpscdn.cn/wps_assets/cfg/ad/switch/
|
unknown
|
||
|
https://get.wps.cn/feedback/pc?product_id=1000099&detail=Trouble_shooting
|
unknown
|
||
|
https://get.wps.cn/
|
unknown
|
||
|
http://switch.pcfg.cache.wpscdn.cn/platform_lmt/
|
unknown
|
||
|
http://203.107.1.33/100000/d?host=www.aliyun.comKeep-Alive
|
unknown
|
||
|
https://drive.wps.com/filecollect/pc_filecollectDisableFileCollectfeature_filecollectDateSkewedInval
|
unknown
|
||
|
https://searchplugin.csdn.net/api/v1/ip/geth
|
unknown
|
||
|
https://www.google.com/search?q=%1
|
unknown
|
||
|
https://qa.wps.cn/feedback/front?wpsid=%1&product_name=%2
|
unknown
|
||
|
https://get.wps.cn/feedback/pc?product_id=1000099&detail=Trouble_shooting_kso_Printer_QueryTimeout_M
|
unknown
|
||
|
https://switch.pcfg.cache.wpscdn.cn/wps_assets/cfg/ad/switch/h
|
unknown
|
||
|
https://get.wps.cn/feedback/pc
|
unknown
|
||
|
https://127.0.0.1:58891/transferEcho/runParams
|
unknown
|
||
|
https://vip.wps.cn/pay/member/%1/?csource=docerpersonclient
|
unknown
|
||
|
https://2023.ipchaxun.com/ip#
|
unknown
|
||
|
http://203.107.1.33/7
|
unknown
|
||
|
https://vipapi.wps.cn/skin/api/upgrade_skin?snact=1?snact=01onRequestUrlSuccess(TASKID
|
unknown
|
||
|
http://127.0.0.1:58890/transferEcho/runParamshttps://127.0.0.1:58891/transferEcho/runParams);xhr.sen
|
unknown
|
||
|
https://vipapi.wps.cn/skin/api/upgrade_skin
|
unknown
|
||
|
http://www.baidu.com/robots.txtdefaultValue
|
unknown
|
||
|
https://qing.wps.cn
|
unknown
|
||
|
https://www.wps.cn/privacy/full_pdfproEnableEULAPageSetup/CustomInstitutionsetup/CustomPlatformsetup
|
unknown
|
||
|
http://127.0.0.1:58890/transferEcho/runParams
|
unknown
|
||
|
http://spinfo.wps.cn/subproduct/infos.adsSoftware
|
unknown
|
||
|
https://www.google.com/search?q=%1p
|
unknown
|
||
|
http://203.107.1.33/100000/d?host=www.aliyun.comO
|
unknown
|
||
|
http://root/CertEnroll/kingsoft%20root.crl02
|
unknown
|
||
|
http://root/CertEnroll/root_kingsoft%20root.crt0=
|
unknown
|
||
|
https://qing.wps.cn/api/ping1onNetworkRequestFinished(QNetworkReply
|
unknown
|
||
|
http://wps-community.org/download/dicts/
|
unknown
|
||
|
https://get.wps.cn/feedback/pc?product_id=1000099&detail=Open_print_service
|
unknown
|
||
|
https://home.wps.cn/topic/10224
|
unknown
|
||
|
http://203.107.1.33/100000/d?host=www.aliyun.comr/
|
unknown
|
||
|
https://vip.wps.cn/privilege_page/privilege_detail?id=%1
|
unknown
|
||
|
https://www.wps.cn/privacy/full_pdfpro
|
unknown
|
||
|
http://203.107.1.33/
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://vip.wps.cn/privilege_page/privilege_detail?id=%1border-radiusKArrowToolTipWidgetshadow-width
|
unknown
|
||
|
http://info.wps.cn/wpsv6internet/infos.adswps_safep0p1p2p3p4p5p6p7dm=%1&action=%1&guid=%1&hdid=%1&uu
|
unknown
|
||
|
https://privacy.wps.cn/policies/eula/wps_forB
|
unknown
|
||
|
http://info.wps.cn/wpsv6internet/infos.ads
|
unknown
|
There are 56 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
203.107.1.33
|
unknown
|
China
|
||
|
58.49.151.131
|
unknown
|
China
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
14EC000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1F60000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FB1000
|
unkown
|
page execute and read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
12ED000
|
heap
|
page read and write
|
||
|
444F000
|
stack
|
page read and write
|
||
|
1D6F000
|
unkown
|
page readonly
|
||
|
19BB000
|
unkown
|
page readonly
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
38C0000
|
remote allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
34EA000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
379E000
|
direct allocation
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1D6F000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2E74000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
410D000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34DC000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2FEC000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1DC6000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
4D4000
|
unkown
|
page readonly
|
||
|
3421000
|
heap
|
page read and write
|
||
|
19B3000
|
unkown
|
page readonly
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
4271000
|
heap
|
page read and write
|
||
|
34FD000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
1199000
|
unkown
|
page read and write
|
||
|
FB6000
|
unkown
|
page execute read
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
3CF0000
|
heap
|
page execute and read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2F27000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
38AE000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FC6000
|
unkown
|
page execute read
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
119B000
|
unkown
|
page write copy
|
||
|
19AC000
|
unkown
|
page readonly
|
||
|
395E000
|
stack
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4D4000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
20D6000
|
heap
|
page read and write
|
||
|
FB1000
|
unkown
|
page execute read
|
||
|
39A0000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
1FCE000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4271000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
635E000
|
stack
|
page read and write
|
||
|
3E30000
|
heap
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4550000
|
heap
|
page read and write
|
||
|
3DD0000
|
trusted library allocation
|
page read and write
|
||
|
5EBF000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
19AC000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4550000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3AAE000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
437D000
|
heap
|
page read and write
|
||
|
585E000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FB0000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
126A000
|
heap
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
19C8000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
585A000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
19B9000
|
unkown
|
page readonly
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5A60000
|
heap
|
page read and write
|
||
|
3825000
|
direct allocation
|
page read and write
|
||
|
124C000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19B3000
|
unkown
|
page readonly
|
||
|
346F000
|
heap
|
page read and write
|
||
|
129D000
|
heap
|
page read and write
|
||
|
1EFF000
|
unkown
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1F00000
|
unkown
|
page write copy
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4550000
|
trusted library allocation
|
page read and write
|
||
|
4271000
|
heap
|
page read and write
|
||
|
34EA000
|
heap
|
page read and write
|
||
|
5A6E000
|
heap
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5851000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
34A7000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
3C70000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FA4000
|
direct allocation
|
page execute and read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
10012000
|
unkown
|
page execute and write copy
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
201E000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
118C000
|
unkown
|
page write copy
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3721000
|
direct allocation
|
page execute read
|
||
|
FCA000
|
unkown
|
page execute and read and write
|
||
|
3DC0000
|
heap
|
page read and write
|
||
|
391E000
|
stack
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
3720000
|
direct allocation
|
page read and write
|
||
|
19A9000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
20C6000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FBD000
|
unkown
|
page execute and read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
20F8000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3471000
|
heap
|
page read and write
|
||
|
3D00000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34E8000
|
heap
|
page read and write
|
||
|
10013000
|
unkown
|
page read and write
|
||
|
18D4000
|
unkown
|
page readonly
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
208A000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
20C2000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
12BE000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
400E000
|
stack
|
page read and write
|
||
|
2F20000
|
direct allocation
|
page execute and read and write
|
||
|
1190000
|
unkown
|
page write copy
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
FB0000
|
unkown
|
page readonly
|
||
|
1EFD000
|
unkown
|
page write copy
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
3444000
|
heap
|
page read and write
|
||
|
19B1000
|
unkown
|
page readonly
|
||
|
11D4000
|
unkown
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1DC6000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
125F000
|
heap
|
page read and write
|
||
|
20D6000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
FC3000
|
unkown
|
page execute read
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
34EB000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3444000
|
heap
|
page read and write
|
||
|
126E000
|
heap
|
page read and write
|
||
|
1F70000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1F58000
|
unkown
|
page read and write
|
||
|
FBE000
|
unkown
|
page execute read
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
3AFE000
|
stack
|
page read and write
|
||
|
B3A000
|
stack
|
page read and write
|
||
|
10A8000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
38C0000
|
remote allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
1EFD000
|
unkown
|
page write copy
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
19B3000
|
unkown
|
page readonly
|
||
|
38D0000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
61DF000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
234E000
|
stack
|
page read and write
|
||
|
34DF000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
19A2000
|
unkown
|
page readonly
|
||
|
3451000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
13E5000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1F20000
|
unkown
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3DD0000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
20B9000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19C8000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19BB000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3E27000
|
heap
|
page read and write
|
||
|
6077000
|
heap
|
page read and write
|
||
|
FC1000
|
unkown
|
page execute and read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4270000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4280000
|
heap
|
page read and write
|
||
|
345B000
|
heap
|
page read and write
|
||
|
19AC000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FE5000
|
unkown
|
page execute read
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
37AE000
|
direct allocation
|
page read and write
|
||
|
19B1000
|
unkown
|
page readonly
|
||
|
65DC000
|
stack
|
page read and write
|
||
|
4271000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
586D000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
342A000
|
heap
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
4D4000
|
unkown
|
page readonly
|
||
|
3421000
|
heap
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
118E000
|
unkown
|
page read and write
|
||
|
3C0F000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute and read and write
|
||
|
1FD0000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
584F000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4271000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5C75000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
1243000
|
heap
|
page read and write
|
||
|
4D7D000
|
heap
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
3601000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1269000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5C97000
|
heap
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
126E000
|
heap
|
page read and write
|
||
|
ED4000
|
unkown
|
page readonly
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
20AF000
|
heap
|
page read and write
|
||
|
4650000
|
heap
|
page read and write
|
||
|
19B1000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34AF000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
F90000
|
direct allocation
|
page execute and read and write
|
||
|
11D6000
|
unkown
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2E7A000
|
heap
|
page read and write
|
||
|
FCE000
|
unkown
|
page execute read
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2070000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
FE2000
|
unkown
|
page execute and read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
11DD000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
FB7000
|
unkown
|
page execute and read and write
|
||
|
659F000
|
stack
|
page read and write
|
||
|
3B00000
|
heap
|
page read and write
|
||
|
3C70000
|
heap
|
page read and write
|
||
|
1F60000
|
unkown
|
page readonly
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
60CE000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
128C000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
20C6000
|
heap
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
20C6000
|
heap
|
page read and write
|
||
|
5C7D000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19B9000
|
unkown
|
page readonly
|
||
|
126A000
|
heap
|
page read and write
|
||
|
128D000
|
heap
|
page read and write
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
5865000
|
heap
|
page read and write
|
||
|
37C0000
|
direct allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
FC5000
|
unkown
|
page execute and read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
18D4000
|
unkown
|
page readonly
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
358E000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
11AE000
|
unkown
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3463000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2FB7000
|
heap
|
page read and write
|
||
|
19A9000
|
unkown
|
page readonly
|
||
|
2EEB000
|
stack
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
3E20000
|
heap
|
page read and write
|
||
|
2528000
|
heap
|
page read and write
|
||
|
11DD000
|
unkown
|
page readonly
|
||
|
19A2000
|
unkown
|
page readonly
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
18D4000
|
unkown
|
page readonly
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
2F22000
|
heap
|
page read and write
|
||
|
37E0000
|
direct allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19A2000
|
unkown
|
page readonly
|
||
|
34F3000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
20F9000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
19C0000
|
unkown
|
page readonly
|
||
|
345E000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1F12000
|
unkown
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
20D6000
|
heap
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19C8000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
1F80000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5E4F000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
343D000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
20C3000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
118C000
|
unkown
|
page write copy
|
||
|
5847000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
34EA000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3449000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
20B8000
|
heap
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2F7A000
|
direct allocation
|
page execute and read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
3461000
|
heap
|
page read and write
|
||
|
208E000
|
heap
|
page read and write
|
||
|
37D8000
|
direct allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19C0000
|
unkown
|
page readonly
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
ED4000
|
unkown
|
page readonly
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
2060000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
37BC000
|
direct allocation
|
page read and write
|
||
|
34AE000
|
heap
|
page read and write
|
||
|
2064000
|
heap
|
page read and write
|
||
|
5C26000
|
heap
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
19A9000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
10AC000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3459000
|
heap
|
page read and write
|
||
|
ED4000
|
unkown
|
page readonly
|
||
|
1234000
|
heap
|
page read and write
|
||
|
10A8000
|
unkown
|
page readonly
|
||
|
342D000
|
heap
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
3930000
|
trusted library allocation
|
page read and write
|
||
|
20B2000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3824000
|
direct allocation
|
page readonly
|
||
|
5C1E000
|
heap
|
page read and write
|
||
|
2F23000
|
heap
|
page read and write
|
||
|
1F3C000
|
unkown
|
page read and write
|
||
|
4651000
|
heap
|
page read and write
|
||
|
10011000
|
unkown
|
page execute and read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
F9F000
|
direct allocation
|
page execute and read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2E78000
|
heap
|
page read and write
|
||
|
5EA6000
|
heap
|
page read and write
|
||
|
125B000
|
heap
|
page read and write
|
||
|
577D000
|
heap
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
119F000
|
unkown
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
38C0000
|
remote allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD5000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2080000
|
heap
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
10AB000
|
unkown
|
page execute and read and write
|
||
|
1291000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
2F04000
|
heap
|
page read and write
|
||
|
5A66000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
3C20000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
631F000
|
stack
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1F5E000
|
unkown
|
page read and write
|
||
|
346F000
|
heap
|
page read and write
|
||
|
645F000
|
stack
|
page read and write
|
||
|
19B9000
|
unkown
|
page readonly
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
19C0000
|
unkown
|
page readonly
|
||
|
2520000
|
heap
|
page read and write
|
||
|
66DC000
|
stack
|
page read and write
|
||
|
344B000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
344D000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
1FD4000
|
heap
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
19BB000
|
unkown
|
page readonly
|
||
|
FBB000
|
unkown
|
page execute read
|
||
|
1FD4000
|
heap
|
page read and write
|
There are 650 hidden memdumps, click here to show them.