IOC Report
DellTpm1.2_Fw5.81.2.1_V2_64.exe

loading gif

Files

File Path
Type
Category
Malicious
DellTpm1.2_Fw5.81.2.1_V2_64.exe
PE32+ executable (GUI) x86-64, for MS Windows
initial sample
 malicious
C:\ProgramData\Microsoft\Network\Downloader\edb.log
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage engine DataBase, version 0x620, checksum 0xed75ac4b, page size 16384, DirtyShutdown, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DellTpm1.2_Fw5.8_edb15fb60ccb2c127253bc03d768e559934021_8f146201_e374e0fc-bcd4-4636-85ec-a6bb25239134\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE834.tmp.dmp
Mini DuMP crash report, 14 streams, Sun Oct 20 21:45:43 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE8A3.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE8D2.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE8E0.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE910.tmp.txt
data
dropped
C:\Users\user\AppData\Local\Temp\DBUtil_2_3.Sys
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
Unicode text, UTF-16, little-endian text, with CRLF line terminators
modified
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 3 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\DellTpm1.2_Fw5.81.2.1_V2_64.exe
"C:\Users\user\Desktop\DellTpm1.2_Fw5.81.2.1_V2_64.exe"
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetworkService -p
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s wscsvc
 malicious
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 456 -p 2940 -ip 2940
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2940 -s 288
C:\Windows\System32\SgrmBroker.exe
C:\Windows\system32\SgrmBroker.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 2 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
unknown
http://aia.entrust.net/ovcs1-chain256.cer01
unknown
http://ocsp.entrust.net05
unknown
https://dev.ditu.live.com/REST/v1/Routes/
unknown
https://dev.virtualearth.net/REST/v1/Routes/Driving
unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
unknown
http://ocsp.entrust.net02
unknown
https://dev.ditu.live.com/REST/v1/Transit/Stops/
unknown
http://ocsp.entrust.net00
unknown
https://dev.virtualearth.net/REST/v1/Routes/
unknown
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
unknown
https://dev.virtualearth.net/REST/v1/Routes/Walking
unknown
https://dynamic.api.tiles.ditu.live.com/odvs/gri?pv=1&r=
unknown
http://crl.ver)
unknown
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
unknown
http://upx.sf.net
unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
unknown
https://dev.virtualearth.net/REST/v1/Locations
unknown
https://dev.ditu.live.com/REST/V1/MapControlConfiguration/native/
unknown
https://dev.virtualearth.net/mapcontrol/logging.ashx
unknown
http://crl.entrust.net/level1d.crl03
unknown
https://dev.ditu.live.com/mapcontrol/logging.ashx
unknown
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
unknown
http://crl.entrust.net/ovcs1.crl0J
unknown
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
unknown
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
unknown
http://crl.entrust.net/g2ca.crl0;
unknown
https://dynamic.t
unknown
https://g.live.com/odclientsettings/Prod-C:
unknown
https://dev.virtualearth.net/REST/v1/Routes/Transit
unknown
https://g.live.com/odclientsettings/ProdV2-C:
unknown
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
unknown
https://tiles.virtualearth.net/tiles/cmd/StreetSideBubbleMetaData?north=
unknown
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
unknown
http://crl.entrust.net/2048ca.crl0;
unknown
http://www.entrust.net/rpa0
unknown
http://www.bingmapsportal.com
unknown
https://dev.ditu.live.com/REST/v1/Locations
unknown
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
unknown
http://ocsp.entrust.net0A
unknown
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
unknown
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
unknown
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
unknown
There are 35 hidden URLs, click here to show them.

IPs

IP
Domain
Country
Malicious
127.0.0.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
cval
 malicious
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
ProgramId
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
FileId
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
LowerCaseLongPath
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
LongPathHash
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Name
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
OriginalFileName
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Publisher
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Version
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
BinFileVersion
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
BinaryType
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
ProductName
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
ProductVersion
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
LinkDate
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
BinProductVersion
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
AppxPackageFullName
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
AppxPackageRelativeId
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Size
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Language
\REGISTRY\A\{d87678b3-bcc8-60e7-789d-e39b7bcabff5}\Root\InventoryApplicationFile\delltpm1.2_fw5.8|8f10ba2a612fac9f
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Security
c688cf83-9945-5ff6-0e1e-1ff1f8a2ec9a
There are 12 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
756D6FE000
stack
page read and write
756CC7E000
unkown
page readonly
1D0E3C93000
heap
page read and write
292C566F000
heap
page read and write
23BC7242000
heap
page read and write
C1F18FE000
unkown
page readonly
15885864000
heap
page read and write
756D3FE000
unkown
page readonly
406B576000
stack
page read and write
158857B0000
heap
page read and write
C1F0B3B000
stack
page read and write
292C5570000
heap
page read and write
C1F1BFD000
stack
page read and write
7FF7CFDCA000
unkown
page execute read
7FF7CFDFE000
unkown
page read and write
52ACAFE000
stack
page read and write
292C564C000
heap
page read and write
23BC729A000
heap
page read and write
15885813000
heap
page read and write
15885802000
heap
page read and write
CFC000
stack
page read and write
1D0E3C4F000
heap
page read and write
2C1DCFD0000
heap
page read and write
1D0E3C49000
heap
page read and write
23BC1C88000
heap
page read and write
C1F177E000
stack
page read and write
7FF7CFDF7000
unkown
page write copy
292C5659000
heap
page read and write
23BC2502000
heap
page read and write
1DB14513000
heap
page read and write
292C5648000
heap
page read and write
1D0E3C75000
heap
page read and write
1D0E3CA8000
heap
page read and write
406B87E000
unkown
page readonly
23BC7190000
trusted library allocation
page read and write
1D0E3C83000
heap
page read and write
756C67C000
stack
page read and write
23BC2513000
heap
page read and write
15885902000
heap
page read and write
23BC7285000
heap
page read and write
1D0E3C72000
heap
page read and write
23BC1C9F000
heap
page read and write
756DA7E000
unkown
page readonly
756CCFE000
stack
page read and write
23BC70B0000
trusted library allocation
page read and write
23BC1C27000
heap
page read and write
23BC2940000
trusted library allocation
page read and write
1D0E3C3F000
heap
page read and write
1D0E3C7D000
heap
page read and write
756C37E000
unkown
page readonly
C1F15FE000
stack
page read and write
52ACDF9000
stack
page read and write
23BC7080000
trusted library allocation
page read and write
15886002000
heap
page read and write
CD2687E000
stack
page read and write
1D0E3C6E000
heap
page read and write
1D0E3C4D000
heap
page read and write
38B96BB000
stack
page read and write
15885800000
heap
page read and write
1DB142E0000
trusted library allocation
page read and write
23BC72F7000
heap
page read and write
C1F1FFE000
unkown
page readonly
2C1DEC02000
trusted library allocation
page read and write
23BC7120000
trusted library allocation
page read and write
23BC72C7000
heap
page read and write
2C1DD102000
heap
page read and write
CD262EC000
stack
page read and write
1D0E3C8E000
heap
page read and write
1D0E3C86000
heap
page read and write
23BC1CFC000
heap
page read and write
1D0E3C30000
heap
page read and write
292C55A0000
trusted library allocation
page read and write
1588584E000
heap
page read and write
1DB14400000
heap
page read and write
38BA47E000
unkown
page readonly
23BC70B3000
trusted library allocation
page read and write
756CA7B000
stack
page read and write
292C5616000
heap
page read and write
23BC1B90000
trusted library allocation
page read and write
103E000
stack
page read and write
756C87C000
stack
page read and write
1D0E3C5E000
heap
page read and write
292C566B000
heap
page read and write
C1F17FE000
unkown
page readonly
23BC7060000
trusted library allocation
page read and write
15885840000
heap
page read and write
23BC72E2000
heap
page read and write
756D57E000
unkown
page readonly
23BC7110000
trusted library allocation
page read and write
1D0E3C55000
heap
page read and write
406AEBB000
stack
page read and write
1D0E3C91000
heap
page read and write
CD26C7E000
stack
page read and write
2C1DD075000
heap
page read and write
756E27E000
unkown
page readonly
756C57E000
unkown
page readonly
23BC1A80000
heap
page read and write
23BC7041000
trusted library allocation
page read and write
2C1DCFC0000
heap
page read and write
1D0E3C8C000
heap
page read and write
1D0E4402000
trusted library allocation
page read and write
7FF7CFE05000
unkown
page read and write
1D0E3C39000
heap
page read and write
1D0E3C70000
heap
page read and write
23BC721D000
heap
page read and write
23BC1C8D000
heap
page read and write
23BC7302000
heap
page read and write
38B97BE000
stack
page read and write
2A00000
heap
page read and write
52AC87D000
stack
page read and write
1D0E3C59000
heap
page read and write
23BC2A40000
trusted library section
page readonly
756BB9B000
stack
page read and write
38B9A7E000
unkown
page readonly
756D87E000
unkown
page readonly
1D0E3C62000
heap
page read and write
1D0E3C60000
heap
page read and write
2C1DD080000
heap
page read and write
756D0FE000
stack
page read and write
23BC2402000
heap
page read and write
1D0E3C50000
heap
page read and write
C1F16FE000
unkown
page readonly
1588583B000
heap
page read and write
C1F14FE000
unkown
page readonly
1D0E3C57000
heap
page read and write
23BC1CB9000
heap
page read and write
1D0E3C4C000
heap
page read and write
1D0E3C13000
heap
page read and write
23BC7283000
heap
page read and write
C1F1EFD000
stack
page read and write
158857D0000
heap
page read and write
C1F11FE000
stack
page readonly
1D0E3C6D000
heap
page read and write
1DB14502000
heap
page read and write
1DB14100000
trusted library allocation
page read and write
2A30000
heap
page read and write
38BA07E000
unkown
page readonly
406B97E000
stack
page read and write
756D67E000
stack
page read and write
292C5540000
heap
page read and write
406BB7E000
stack
page read and write
1DB14502000
heap
page read and write
23BC72D4000
heap
page read and write
1D0E3B30000
heap
page read and write
15885F40000
trusted library allocation
page read and write
C1F117E000
stack
page read and write
1DB14505000
heap
page read and write
2C1DD013000
heap
page read and write
1D0E3C4B000
heap
page read and write
C1F1DFE000
unkown
page readonly
38BA17E000
stack
page read and write
1DB14513000
heap
page read and write
1D0E3A30000
heap
page read and write
23BC7228000
heap
page read and write
292C5600000
heap
page read and write
23BC7260000
heap
page read and write
756DC7E000
unkown
page readonly
23BC71E0000
remote allocation
page read and write
756D4FE000
stack
page read and write
113E000
stack
page read and write
23BC2FB0000
trusted library allocation
page read and write
1D0E3C7B000
heap
page read and write
756C277000
stack
page read and write
23BC7020000
trusted library allocation
page read and write
15885827000
heap
page read and write
1D0E3C5A000
heap
page read and write
2C1DD02B000
heap
page read and write
1DB14413000
heap
page read and write
23BC2500000
heap
page read and write
2C1DD022000
heap
page read and write
23BC71E0000
remote allocation
page read and write
23BC1C8F000
heap
page read and write
1DB14402000
heap
page read and write
756D17E000
unkown
page readonly
23BC1B60000
heap
page read and write
38B9AFE000
stack
page read and write
15886015000
heap
page read and write
23BC1A60000
heap
page read and write
1DB14102000
trusted library allocation
page read and write
7FF7CFE01000
unkown
page read and write
1588587F000
heap
page read and write
23BC70A2000
trusted library allocation
page read and write
1D0E3C2B000
heap
page read and write
CD26A7C000
stack
page read and write
2C1DD128000
heap
page read and write
23BC7180000
trusted library allocation
page read and write
2C1DCFA0000
heap
page read and write
1D0E3C6C000
heap
page read and write
1D0E3C3D000
heap
page read and write
CD2677E000
stack
page read and write
38BA37E000
stack
page read and write
7FF7CFDEB000
unkown
page readonly
1D0E3C53000
heap
page read and write
D50000
heap
page read and write
2C1DEA70000
trusted library allocation
page read and write
292C5E02000
trusted library allocation
page read and write
C1F13FD000
stack
page read and write
C1F20FC000
stack
page read and write
38B9B7E000
unkown
page readonly
1D0E3C58000
heap
page read and write
23BC7040000
trusted library allocation
page read and write
1DB14500000
heap
page read and write
23BC1D13000
heap
page read and write
1D0E3C61000
heap
page read and write
23BC6FB0000
trusted library allocation
page read and write
23BC1C71000
heap
page read and write
1DB14002000
unkown
page read and write
1D0E3C4E000
heap
page read and write
23BC7300000
heap
page read and write
756D97E000
stack
page read and write
1588584B000
heap
page read and write
1D0E3A50000
heap
page read and write
C1F19FE000
stack
page read and write
23BC71E0000
remote allocation
page read and write
756CE7E000
unkown
page readonly
38B9F7E000
stack
page read and write
CD2697C000
stack
page read and write
23BC7110000
trusted library allocation
page read and write
23BC1C43000
heap
page read and write
1D0E3D02000
heap
page read and write
1D0E3C35000
heap
page read and write
2C1DD100000
heap
page read and write
756CD7E000
unkown
page readonly
23BC1CA5000
heap
page read and write
1D0E3B60000
trusted library allocation
page read and write
7FF7CFDA0000
unkown
page readonly
1D0E3C6B000
heap
page read and write
23BC7255000
heap
page read and write
23BC1C6E000
heap
page read and write
406BE7E000
unkown
page readonly
756D7FE000
unkown
page readonly
292C5613000
heap
page read and write
1D0E3C67000
heap
page read and write
2AE0000
heap
page read and write
2C1DEA90000
trusted library allocation
page read and write
29E0000
heap
page read and write
158857E0000
heap
page read and write
1588588B000
heap
page read and write
406BC7E000
unkown
page readonly
292C5602000
heap
page read and write
7FF7CFE07000
unkown
page readonly
15886000000
heap
page read and write
C1F21FE000
unkown
page readonly
1D0E3C4A000
heap
page read and write
23BC6FC0000
trusted library allocation
page read and write
756C47E000
stack
page read and write
15885890000
heap
page read and write
C1F1CFE000
unkown
page readonly
23BC23E1000
trusted library allocation
page read and write
C1F187E000
stack
page read and write
23BC1CAD000
heap
page read and write
292C5637000
heap
page read and write
D5B000
heap
page read and write
23BC251A000
heap
page read and write
23BC1BA0000
trusted library section
page read and write
1DB14115000
trusted library allocation
page read and write
15885900000
heap
page read and write
1D0E3C74000
heap
page read and write
406B77B000
stack
page read and write
2C1DD063000
heap
page read and write
1DB14200000
heap
page read and write
CD26B7E000
stack
page read and write
23BC7293000
heap
page read and write
23BC7200000
heap
page read and write
23BC7040000
trusted library allocation
page read and write
406BA7E000
unkown
page readonly
23BC1D02000
heap
page read and write
23BC1CB1000
heap
page read and write
2C1DD091000
heap
page read and write
1DB14000000
unkown
page read and write
38B9C7E000
unkown
page readonly
38B9BFE000
stack
page read and write
2C1DD113000
heap
page read and write
23BC1C94000
heap
page read and write
7FF7CFDEB000
unkown
page readonly
756CF7E000
stack
page read and write
1DB14014000
unkown
page read and write
23BC72E8000
heap
page read and write
C1F1AFE000
unkown
page readonly
1D0E3C26000
heap
page read and write
1D0E3C5D000
heap
page read and write
C1F1D7E000
stack
page read and write
756C77E000
unkown
page readonly
1D0E3C3B000
heap
page read and write
1D0E3C44000
heap
page read and write
292C5702000
heap
page read and write
756D2FE000
stack
page read and write
23BC1C13000
heap
page read and write
23BC71A0000
trusted library allocation
page read and write
123F000
stack
page read and write
1DB14124000
heap
page read and write
D56000
heap
page read and write
23BC1C5B000
heap
page read and write
1D0E3C41000
heap
page read and write
292C5633000
heap
page read and write
23BC1D28000
heap
page read and write
23BC1C00000
heap
page read and write
1D0E3C97000
heap
page read and write
D30000
heap
page read and write
23BC2B80000
trusted library allocation
page read and write
756DB7A000
stack
page read and write
756D27B000
stack
page read and write
23BC730A000
heap
page read and write
1D0E3C65000
heap
page read and write
406B67E000
unkown
page readonly
15885913000
heap
page read and write
23BC720B000
heap
page read and write
1D0E3C5B000
heap
page read and write
756D07E000
unkown
page readonly
406BD7E000
stack
page read and write
756CBFE000
stack
page read and write
756C97E000
unkown
page readonly
1D0E3C22000
heap
page read and write
23BC72C4000
heap
page read and write
1D0E3C00000
heap
page read and write
2A3D000
heap
page read and write
F20000
heap
page read and write
1DB14038000
heap
page read and write
23BC724E000
heap
page read and write
756E1FE000
stack
page read and write
2C1DD040000
heap
page read and write
2C1DD002000
heap
page read and write
38BA27E000
unkown
page readonly
23BC2400000
heap
page read and write
292C5560000
heap
page read and write
1DB13FE0000
heap
page read and write
23BC2415000
heap
page read and write
23BC1C6B000
heap
page read and write
2C1DD000000
heap
page read and write
1DB14024000
unkown
page read and write
23BC7170000
trusted library allocation
page read and write
23BC728D000
heap
page read and write
1D0E3C51000
heap
page read and write
756CB7E000
unkown
page readonly
756CDFE000
stack
page read and write
There are 325 hidden memdumps, click here to show them.