Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Documenti di spedizione.bat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\ProgramData\ankomstperrons.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Directdiscourse.Mrk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Freakouts.mis
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Kavalerens188.equ
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Overhates.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Subarachnoid\Protaspis.sol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Subarachnoid\barbecue.ste
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Subarachnoid\paradiset.cho
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\Subarachnoid\saddleback.jer
|
Matlab v4 mat-file (little endian) , numeric, rows 20224, columns 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\semirigorously\distortionless.Ska
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nseFD4D.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsgDADD.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nshF5CB.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsnEC44.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nspE389.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nstD5BB.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nswCF23.tmp
|
data
|
dropped
|
||
|
C:\Users\user\forvredet.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Documenti di spedizione.bat.exe
|
"C:\Users\user\Desktop\Documenti di spedizione.bat.exe"
|
|
|
|
C:\Users\user\Desktop\Documenti di spedizione.bat.exe
|
"C:\Users\user\Desktop\Documenti di spedizione.bat.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ftp.concaribe.com
|
unknown
|
|
|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://84.38.129.16/rNWbaMk175.bin
|
84.38.129.16
|
||
|
http://84.38.129.16/rNWbaMk175.bini
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
104.26.13.205
|
||
|
171.39.242.20.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
||
|
84.38.129.16
|
unknown
|
Latvia
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\opilionina\expectedly\forfjumret
|
jockeyer
|
||
|
HKEY_CURRENT_USER\snowbird\Uninstall\waleskringle\Torsionsaffjedringernes
|
upwax
|
||
|
HKEY_CURRENT_USER\maaren\opfrsel\forspent
|
Rekrutteringers105
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione_RASMANCS
|
FileDirectory
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
35D11000
|
trusted library allocation
|
page read and write
|
|
|
|
35D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
7225000
|
direct allocation
|
page execute and read and write
|
|
|
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
35CF6000
|
trusted library allocation
|
page read and write
|
||
|
8625000
|
direct allocation
|
page execute and read and write
|
||
|
575B000
|
heap
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
heap
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page execute and read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D3000
|
heap
|
page read and write
|
||
|
3550F000
|
stack
|
page read and write
|
||
|
35B89000
|
stack
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
direct allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
386C2000
|
heap
|
page read and write
|
||
|
38C7D000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
391F0000
|
trusted library allocation
|
page read and write
|
||
|
28F4000
|
heap
|
page read and write
|
||
|
37E50000
|
heap
|
page execute and read and write
|
||
|
35D3A000
|
trusted library allocation
|
page read and write
|
||
|
2B95000
|
remote allocation
|
page execute and read and write
|
||
|
3F9C000
|
stack
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
445000
|
unkown
|
page read and write
|
||
|
35D0D000
|
trusted library allocation
|
page read and write
|
||
|
35CFF000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
direct allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
5E25000
|
direct allocation
|
page execute and read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38725000
|
heap
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
4ED000
|
heap
|
page read and write
|
||
|
4995000
|
remote allocation
|
page execute and read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
36CC1000
|
trusted library allocation
|
page read and write
|
||
|
37F5C000
|
stack
|
page read and write
|
||
|
38D20000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
38DDE000
|
stack
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
447000
|
unkown
|
page readonly
|
||
|
37DD2000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38F1D000
|
stack
|
page read and write
|
||
|
352CF000
|
stack
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
2195000
|
remote allocation
|
page execute and read and write
|
||
|
2892000
|
heap
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
37E3C000
|
stack
|
page read and write
|
||
|
390DE000
|
stack
|
page read and write
|
||
|
37DF2000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
37FA0000
|
heap
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
2309000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38B5E000
|
stack
|
page read and write
|
||
|
690000
|
direct allocation
|
page read and write
|
||
|
3540E000
|
stack
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
38B1E000
|
stack
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38722000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
3909F000
|
stack
|
page read and write
|
||
|
6E0000
|
direct allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38713000
|
heap
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
direct allocation
|
page read and write
|
||
|
36D20000
|
trusted library allocation
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
3206000
|
heap
|
page read and write
|
||
|
7C25000
|
direct allocation
|
page execute and read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C81000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
35540000
|
trusted library allocation
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
38661000
|
heap
|
page read and write
|
||
|
2305000
|
heap
|
page read and write
|
||
|
35D36000
|
trusted library allocation
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7230000
|
heap
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
37DBE000
|
stack
|
page read and write
|
||
|
35C8F000
|
stack
|
page read and write
|
||
|
36CE9000
|
trusted library allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
37DCB000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
353CB000
|
stack
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
38D10000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
35A80000
|
heap
|
page read and write
|
||
|
356A0000
|
heap
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38D00000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5425000
|
direct allocation
|
page execute and read and write
|
||
|
38EE0000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
38CC0000
|
trusted library allocation
|
page read and write
|
||
|
38C5F000
|
stack
|
page read and write
|
||
|
35D42000
|
trusted library allocation
|
page read and write
|
||
|
3866A000
|
heap
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
274F000
|
stack
|
page read and write
|
||
|
3926E000
|
stack
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
35A50000
|
trusted library allocation
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
direct allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
38C68000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
37DC0000
|
trusted library allocation
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
38EE0000
|
trusted library allocation
|
page read and write
|
||
|
391F0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
35950000
|
direct allocation
|
page read and write
|
||
|
39230000
|
trusted library allocation
|
page read and write
|
||
|
38F5F000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
38705000
|
heap
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C83000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
direct allocation
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
498000
|
heap
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
6825000
|
direct allocation
|
page execute and read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
remote allocation
|
page execute and read and write
|
||
|
5680000
|
direct allocation
|
page read and write
|
||
|
D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F0000
|
direct allocation
|
page read and write
|
||
|
38CB7000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
38CC0000
|
trusted library allocation
|
page read and write
|
||
|
38C60000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3936F000
|
stack
|
page read and write
|
||
|
356C0000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
4CF000
|
heap
|
page read and write
|
||
|
36D0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
39230000
|
trusted library allocation
|
page read and write
|
||
|
38F9E000
|
unkown
|
page read and write
|
||
|
37DC6000
|
trusted library allocation
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
3F95000
|
remote allocation
|
page execute and read and write
|
||
|
35A60000
|
trusted library allocation
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
3568F000
|
stack
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
direct allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
38C60000
|
trusted library allocation
|
page read and write
|
||
|
577E000
|
heap
|
page read and write
|
||
|
38C91000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
3865C000
|
stack
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
3558E000
|
stack
|
page read and write
|
||
|
3760000
|
trusted library allocation
|
page read and write
|
||
|
5771000
|
heap
|
page read and write
|
||
|
39120000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
71B0000
|
direct allocation
|
page read and write
|
||
|
38EDD000
|
stack
|
page read and write
|
||
|
37E40000
|
remote allocation
|
page read and write
|
||
|
6A0000
|
direct allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
3911F000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
7287000
|
heap
|
page read and write
|
||
|
35D38000
|
trusted library allocation
|
page read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
14E000
|
stack
|
page read and write
|
||
|
38C81000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
direct allocation
|
page read and write
|
||
|
F0000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page read and write
|
||
|
100000
|
heap
|
page execute and read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
447000
|
unkown
|
page readonly
|
||
|
5706000
|
heap
|
page read and write
|
||
|
22C4000
|
heap
|
page read and write
|
||
|
5712000
|
heap
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
35CB0000
|
heap
|
page read and write
|
||
|
37DCE000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
357FE000
|
stack
|
page read and write
|
||
|
37DED000
|
trusted library allocation
|
page read and write
|
||
|
35A60000
|
trusted library allocation
|
page read and write
|
||
|
358FF000
|
stack
|
page read and write
|
||
|
39220000
|
trusted library allocation
|
page read and write
|
||
|
3595000
|
remote allocation
|
page execute and read and write
|
||
|
35A60000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
409B000
|
stack
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5698000
|
heap
|
page read and write
|
||
|
391F0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
389DF000
|
stack
|
page read and write
|
||
|
38660000
|
heap
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
38CF0000
|
trusted library allocation
|
page read and write
|
||
|
56D3000
|
heap
|
page read and write
|
||
|
4D7000
|
heap
|
page read and write
|
||
|
359AA000
|
stack
|
page read and write
|
||
|
6C0000
|
direct allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
37DE6000
|
trusted library allocation
|
page read and write
|
||
|
38EE0000
|
trusted library allocation
|
page read and write
|
||
|
37E40000
|
remote allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
98000
|
stack
|
page read and write
|
||
|
710000
|
direct allocation
|
page read and write
|
||
|
37DE1000
|
trusted library allocation
|
page read and write
|
||
|
37DDA000
|
trusted library allocation
|
page read and write
|
||
|
388DD000
|
stack
|
page read and write
|
||
|
35960000
|
direct allocation
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
391E0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
39210000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
direct allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38C81000
|
trusted library allocation
|
page read and write
|
||
|
56EE000
|
heap
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
71C0000
|
direct allocation
|
page read and write
|
||
|
9025000
|
direct allocation
|
page execute and read and write
|
||
|
35CC1000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
37E40000
|
remote allocation
|
page read and write
|
||
|
391D7000
|
trusted library allocation
|
page read and write
|
||
|
1795000
|
remote allocation
|
page execute and read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
7130000
|
direct allocation
|
page read and write
|
||
|
7180000
|
direct allocation
|
page read and write
|
||
|
4F3000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
447000
|
unkown
|
page readonly
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
5395000
|
remote allocation
|
page execute and read and write
|
||
|
38C7D000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
5595000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
391D0000
|
trusted library allocation
|
page read and write
|
||
|
35A60000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
727D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
35A70000
|
trusted library allocation
|
page read and write
|
||
|
38CD7000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
39200000
|
trusted library allocation
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
577B000
|
heap
|
page read and write
|
||
|
447000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6B0000
|
direct allocation
|
page read and write
|
||
|
38D10000
|
trusted library allocation
|
page read and write
|
||
|
35A70000
|
heap
|
page read and write
|
||
|
56BF000
|
heap
|
page read and write
|
||
|
3300000
|
direct allocation
|
page read and write
|
||
|
38CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
38EE0000
|
trusted library allocation
|
page read and write
|
||
|
359B8000
|
trusted library allocation
|
page read and write
|
||
|
37DDE000
|
trusted library allocation
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
38CE2000
|
trusted library allocation
|
page read and write
|
||
|
37F9E000
|
stack
|
page read and write
|
||
|
38D20000
|
trusted library allocation
|
page read and write
|
||
|
E0000
|
trusted library allocation
|
page read and write
|
||
|
38CC0000
|
trusted library allocation
|
page read and write
|
||
|
38D00000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
direct allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
38A1E000
|
stack
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
38C73000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
38CE0000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
direct allocation
|
page read and write
|
There are 404 hidden memdumps, click here to show them.