Files
File Path | Type | Category | Malicious |
---|---|---|---|
1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
C:\ProgramData\remcos\logs.dat | data | dropped | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json | JSON data | dropped | |
C:\Users\user\AppData\Local\Temp\bhvAE0C.tmp | Extensible storage engine DataBase, version 0x620, checksum 0x5a82f026, page size 32768, DirtyShutdown, Windows version 10.0 | dropped | |
C:\Users\user\AppData\Local\Temp\hpzxkuitwfkmc | Unicode text, UTF-16, little-endian text, with no line terminators | dropped | |
Processes
Path | Cmdline | Malicious |
---|---|---|
C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe | "C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe" | |
C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe | C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\hpzxkuitwfkmc" | |
C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe | C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\rreicntmjndrmhtg" | |
C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe | C:\Users\user\Desktop\1729445225fa0e5768d1d682409147d63519fc74f7a5fbd0985a9e3ffe794cd2fed7b2306d148.dat-decoded.exe /stext "C:\Users\user\AppData\Local\Temp\tlkadfdoxvvepopkutxk" | |
URLs
Domains
Name | IP | Malicious |
---|---|---|
janbours92harbu007.duckdns.org | 172.111.244.103 | |
geoplugin.net | 178.237.33.50 | |
IPs
IP | Domain | Country | Malicious |
---|---|---|---|
172.111.244.103 | janbours92harbu007.duckdns.org | United States | |
178.237.33.50 | geoplugin.net | Netherlands | |
Registry
Path | Value | Malicious |
---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Rmc0393949-KH667X | exepath | |
HKEY_CURRENT_USER\SOFTWARE\Rmc0393949-KH667X | licence | |
HKEY_CURRENT_USER\SOFTWARE\Rmc0393949-KH667X | time | |
Memdumps