IOC Report
MDE_File_Sample_b70d20ce558c0162a271d1ecf0e80035ee00f9ad.zip

loading gif

Files

File Path
Type
Category
Malicious
MDE_File_Sample_b70d20ce558c0162a271d1ecf0e80035ee00f9ad.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
initial sample
 malicious
C:\Users\user\Desktop\TestFile\b70d20ce558c0162a271d1ecf0e80035ee00f9ad
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Desktop\b70d20ce558c0162a271d1ecf0e80035ee00f9ad
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious

Processes

Path
Cmdline
Malicious
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\user\Desktop\" -an -ai#7zMap6691:168:7zEvent615
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\user\Desktop\" -an -ai#7zMap11069:168:7zEvent6330
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\user\Desktop\MDE_File_Sample_b70d20ce558c0162a271d1ecf0e80035ee00f9ad\" -ad -an -ai#7zMap30652:168:7zEvent19888
C:\Windows\System32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\notepad.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\TestFile\b70d20ce558c0162a271d1ecf0e80035ee00f9ad

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\7-Zip\Extraction
PathHistory
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\system32\mspaint.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\system32\mspaint.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\abgrcnq.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
fWindowsOnlyEOL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
fPasteOriginalEOL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
fReverse
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
fWrapAround
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
fMatchCase
There are 16 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
235EA83D000
heap
page read and write
20F6F09D000
heap
page read and write
20F6F08A000
heap
page read and write
26E7EAED000
heap
page read and write
20F6F062000
heap
page read and write
20F6F068000
heap
page read and write
235EA835000
heap
page read and write
235E8893000
heap
page read and write
235EA851000
heap
page read and write
235EA75B000
heap
page read and write
235E883C000
heap
page read and write
55630FE000
stack
page read and write
20F6F062000
heap
page read and write
20F6F078000
heap
page read and write
235EA841000
heap
page read and write
235EA7E9000
heap
page read and write
20F6F07C000
heap
page read and write
164DE330000
heap
page read and write
235EA839000
heap
page read and write
20F6F088000
heap
page read and write
235EA711000
heap
page read and write
20F6F08B000
heap
page read and write
20F6F083000
heap
page read and write
235EA0B3000
heap
page read and write
235EA7E0000
heap
page read and write
235EA828000
heap
page read and write
235EA851000
heap
page read and write
BB76DFE000
stack
page read and write
235ECF59000
heap
page read and write
20F6F077000
heap
page read and write
20F6F078000
heap
page read and write
164DE337000
heap
page read and write
235EA7FF000
heap
page read and write
235EA83A000
heap
page read and write
235E88A5000
heap
page read and write
235EA839000
heap
page read and write
235EA839000
heap
page read and write
20F6F093000
heap
page read and write
235EA74E000
heap
page read and write
20F6F068000
heap
page read and write
235EA79A000
heap
page read and write
AA5A0FE000
stack
page read and write
20F6F06C000
heap
page read and write
20F6F068000
heap
page read and write
20F6F063000
heap
page read and write
20F6F083000
heap
page read and write
235EA7B5000
heap
page read and write
235E88B0000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F085000
heap
page read and write
20F6F077000
heap
page read and write
20F73190000
heap
page read and write
235EA815000
heap
page read and write
235ECEF0000
heap
page read and write
235ECF52000
heap
page read and write
235EA75D000
heap
page read and write
23EDA9D0000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F068000
heap
page read and write
164DE6F5000
heap
page read and write
20F6F093000
heap
page read and write
26E7EC30000
heap
page read and write
235EA6D0000
heap
page read and write
20F6F06C000
heap
page read and write
164DE38E000
heap
page read and write
BB76CFE000
stack
page read and write
26E7EAC5000
heap
page read and write
235EA839000
heap
page read and write
235EA814000
heap
page read and write
235EA6E4000
heap
page read and write
E4748BC000
stack
page read and write
20F6F06F000
heap
page read and write
235EA82C000
heap
page read and write
20F6F083000
heap
page read and write
20F6F03A000
heap
page read and write
20F6F083000
heap
page read and write
20F6F068000
heap
page read and write
235EA822000
heap
page read and write
20F6F0C1000
heap
page read and write
20F6F093000
heap
page read and write
20F6F068000
heap
page read and write
235EA822000
heap
page read and write
235EA809000
heap
page read and write
235EA815000
heap
page read and write
235EA822000
heap
page read and write
235EA7FF000
heap
page read and write
235EA808000
heap
page read and write
235EA804000
heap
page read and write
20F6F078000
heap
page read and write
235EA822000
heap
page read and write
235EA82C000
heap
page read and write
20F6F07A000
heap
page read and write
235E8885000
heap
page read and write
20F70940000
heap
page read and write
235EA743000
heap
page read and write
235EA81A000
heap
page read and write
235EA804000
heap
page read and write
20F6F06C000
heap
page read and write
235EA81E000
heap
page read and write
20F6F063000
heap
page read and write
AA59DD8000
stack
page read and write
235EA7FF000
heap
page read and write
20F6F077000
heap
page read and write
235EA82E000
heap
page read and write
20F6F094000
heap
page read and write
235EA822000
heap
page read and write
23EDE160000
trusted library allocation
page read and write
235E8849000
heap
page read and write
235EA726000
heap
page read and write
20F6F068000
heap
page read and write
235EA83D000
heap
page read and write
9DBF6FE000
stack
page read and write
20F6F08B000
heap
page read and write
26E7EAD4000
heap
page read and write
20F6F093000
heap
page read and write
235EA831000
heap
page read and write
235E8865000
heap
page read and write
235E88C2000
heap
page read and write
20F6EF60000
heap
page read and write
26E7EFDB000
heap
page read and write
235EA81E000
heap
page read and write
20F6F068000
heap
page read and write
20F6F07F000
heap
page read and write
BB76AFA000
stack
page read and write
20F6F068000
heap
page read and write
20F6F093000
heap
page read and write
20F6F062000
heap
page read and write
235EA72E000
heap
page read and write
235EA7F9000
heap
page read and write
235EA811000
heap
page read and write
20F6F083000
heap
page read and write
235EA115000
heap
page read and write
235E8814000
heap
page read and write
20F6F07A000
heap
page read and write
235EA828000
heap
page read and write
235E882F000
heap
page read and write
26E7EAE1000
heap
page read and write
235ECF1E000
heap
page read and write
20F6F062000
heap
page read and write
235EA81E000
heap
page read and write
20F6F077000
heap
page read and write
235EA804000
heap
page read and write
20F6F063000
heap
page read and write
23EDAB30000
heap
page read and write
235EA82C000
heap
page read and write
20F6F077000
heap
page read and write
235E88CE000
heap
page read and write
235EA704000
heap
page read and write
20F6F093000
heap
page read and write
164E1B20000
trusted library allocation
page read and write
20F6F093000
heap
page read and write
20F6F063000
heap
page read and write
20F6F063000
heap
page read and write
AA5A1FF000
stack
page read and write
20F6F062000
heap
page read and write
20F6F077000
heap
page read and write
235EA6D1000
heap
page read and write
235EA831000
heap
page read and write
235EA755000
heap
page read and write
235E887B000
heap
page read and write
23EDA9DD000
heap
page read and write
235EA82D000
heap
page read and write
235EA846000
heap
page read and write
235EA811000
heap
page read and write
20F6F06E000
heap
page read and write
235EA85C000
heap
page read and write
235EA78A000
heap
page read and write
20F6F063000
heap
page read and write
235EA82C000
heap
page read and write
235EA739000
heap
page read and write
235EA0B0000
heap
page read and write
235EA83D000
heap
page read and write
20F6F077000
heap
page read and write
20F6F083000
heap
page read and write
235EA76E000
heap
page read and write
20F6F062000
heap
page read and write
20F6F078000
heap
page read and write
235EA7E1000
heap
page read and write
235EA82C000
heap
page read and write
20F6F081000
heap
page read and write
235EA82C000
heap
page read and write
20F6F062000
heap
page read and write
235EA845000
heap
page read and write
235ECF2C000
heap
page read and write
20F6F077000
heap
page read and write
235EA816000
heap
page read and write
20F6F07A000
heap
page read and write
20F6F06C000
heap
page read and write
20F73586000
heap
page read and write
20F6F078000
heap
page read and write
20F6F094000
heap
page read and write
164DE379000
heap
page read and write
20F6F08A000
heap
page read and write
235EA811000
heap
page read and write
235EA846000
heap
page read and write
235EA831000
heap
page read and write
20F6F078000
heap
page read and write
235EA7F6000
heap
page read and write
20F6F09E000
heap
page read and write
20F6F068000
heap
page read and write
20F6F06C000
heap
page read and write
235EA822000
heap
page read and write
20F6F068000
heap
page read and write
2DF8D445000
heap
page read and write
235EA808000
heap
page read and write
E47493F000
stack
page read and write
235EECA2000
trusted library allocation
page read and write
20F6F077000
heap
page read and write
26E7F530000
heap
page read and write
235EA835000
heap
page read and write
20F6F07A000
heap
page read and write
235EA6F0000
heap
page read and write
20F6F081000
heap
page read and write
164DE366000
heap
page read and write
20F6F07A000
heap
page read and write
20F6F015000
heap
page read and write
26E7E9B0000
heap
page read and write
20F6F069000
heap
page read and write
235EA77D000
heap
page read and write
235E885A000
heap
page read and write
20F6F09E000
heap
page read and write
20F6F093000
heap
page read and write
26E7EAE5000
heap
page read and write
235EA828000
heap
page read and write
20F6F068000
heap
page read and write
20F6F06C000
heap
page read and write
235EA704000
heap
page read and write
23EDA9D1000
heap
page read and write
20F6F06C000
heap
page read and write
20F6F093000
heap
page read and write
235EA846000
heap
page read and write
23EDA9D2000
heap
page read and write
235E88C4000
heap
page read and write
235E87D0000
heap
page read and write
26E7EAED000
heap
page read and write
235E8831000
heap
page read and write
20F6F093000
heap
page read and write
235EA846000
heap
page read and write
20F6F062000
heap
page read and write
235EA830000
heap
page read and write
20F6F083000
heap
page read and write
2DF8D1C0000
heap
page read and write
235EA815000
heap
page read and write
235EA846000
heap
page read and write
20F6F068000
heap
page read and write
20F6F062000
heap
page read and write
20F6F078000
heap
page read and write
235EA828000
heap
page read and write
235EA82C000
heap
page read and write
235EA7E5000
heap
page read and write
23EDA830000
heap
page read and write
235EA813000
heap
page read and write
20F6F068000
heap
page read and write
26E7EADC000
heap
page read and write
235EA81E000
heap
page read and write
20F6F08B000
heap
page read and write
20F6F09F000
heap
page read and write
235EA7C9000
heap
page read and write
235EA804000
heap
page read and write
20F6F07C000
heap
page read and write
20F6F078000
heap
page read and write
235EC920000
trusted library allocation
page read and write
235E87D8000
heap
page read and write
20F6F062000
heap
page read and write
235EA7FB000
heap
page read and write
235EA822000
heap
page read and write
AA5A17E000
stack
page read and write
20F6F063000
heap
page read and write
235ECF20000
heap
page read and write
55634FE000
stack
page read and write
20F6F069000
heap
page read and write
20F6F077000
heap
page read and write
20F6F078000
heap
page read and write
235E8888000
heap
page read and write
235EA83D000
heap
page read and write
235EA83E000
heap
page read and write
235EA816000
heap
page read and write
235ECF2B000
heap
page read and write
235EA845000
heap
page read and write
20F6F063000
heap
page read and write
235E8815000
heap
page read and write
20F6F077000
heap
page read and write
23EDA9D1000
heap
page read and write
235EA831000
heap
page read and write
235EA7B6000
heap
page read and write
26E7EAD7000
heap
page read and write
20F7356A000
heap
page read and write
20F6F078000
heap
page read and write
235EA816000
heap
page read and write
235ECF29000
heap
page read and write
BB76BFD000
stack
page read and write
20F6F077000
heap
page read and write
235EA835000
heap
page read and write
20F6F06C000
heap
page read and write
235E8888000
heap
page read and write
235ECF44000
heap
page read and write
235EA6F8000
heap
page read and write
55631FE000
stack
page read and write
20F6F078000
heap
page read and write
26E7F0F0000
heap
page read and write
20F70920000
trusted library allocation
page read and write
20F6F08B000
heap
page read and write
235ECF50000
heap
page read and write
20F6F063000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F09F000
heap
page read and write
235EA7FF000
heap
page read and write
235E8680000
heap
page read and write
20F6F093000
heap
page read and write
20F6F08A000
heap
page read and write
20F6F062000
heap
page read and write
20F6F0A0000
heap
page read and write
235EA7F2000
heap
page read and write
20F6F093000
heap
page read and write
20F70B33000
heap
page read and write
235EA827000
heap
page read and write
20F6F063000
heap
page read and write
235EA7F0000
heap
page read and write
20F6F062000
heap
page read and write
235E887B000
heap
page read and write
235E8868000
heap
page read and write
20F6F0BF000
heap
page read and write
235EA828000
heap
page read and write
20F6F09F000
heap
page read and write
235ECF22000
heap
page read and write
20F6F081000
heap
page read and write
20F6F077000
heap
page read and write
235E88BB000
heap
page read and write
235E8851000
heap
page read and write
20F6F068000
heap
page read and write
235EA7CE000
heap
page read and write
20F6F07A000
heap
page read and write
20F6F088000
heap
page read and write
23EDA9D0000
heap
page read and write
20F6F069000
heap
page read and write
AA5A27E000
stack
page read and write
164DE2A0000
heap
page read and write
20F6F077000
heap
page read and write
20F6F062000
heap
page read and write
20F6F06B000
heap
page read and write
235EA82D000
heap
page read and write
20F6F068000
heap
page read and write
235EA83A000
heap
page read and write
235EA720000
heap
page read and write
235ECF4E000
heap
page read and write
20F6F06B000
heap
page read and write
2DF8D218000
heap
page read and write
20F6F085000
heap
page read and write
235EA841000
heap
page read and write
235EA846000
heap
page read and write
235EA7C9000
heap
page read and write
26E02670000
trusted library allocation
page read and write
20F6F062000
heap
page read and write
235EA811000
heap
page read and write
AA5A2FD000
stack
page read and write
164DE2C0000
heap
page read and write
235EA719000
heap
page read and write
235E88B2000
heap
page read and write
235EA78C000
heap
page read and write
235EA832000
heap
page read and write
26E7EA90000
heap
page read and write
20F6F0A0000
heap
page read and write
20F6F0C1000
heap
page read and write
235EA7A3000
heap
page read and write
20F6F068000
heap
page read and write
20F70EE0000
heap
page read and write
20F6F06B000
heap
page read and write
235EA828000
heap
page read and write
235E8863000
heap
page read and write
9DBF2FD000
stack
page read and write
235EA704000
heap
page read and write
20F6F068000
heap
page read and write
164DE374000
heap
page read and write
235EA822000
heap
page read and write
235EA831000
heap
page read and write
235ECF48000
heap
page read and write
235E8834000
heap
page read and write
235EA857000
heap
page read and write
20F6F063000
heap
page read and write
235E88AA000
heap
page read and write
164DE6D0000
heap
page read and write
20F70EC0000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F078000
heap
page read and write
235EA811000
heap
page read and write
20F6F093000
heap
page read and write
9DBEF5A000
stack
page read and write
20F6F0BF000
heap
page read and write
235EA7F3000
heap
page read and write
235E886C000
heap
page read and write
26E7EAF0000
heap
page read and write
20F6F01E000
heap
page read and write
235EA81C000
heap
page read and write
235EA6E8000
heap
page read and write
235EA82C000
heap
page read and write
235ECF5B000
heap
page read and write
23EDA9C3000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F062000
heap
page read and write
235EA804000
heap
page read and write
235EA841000
heap
page read and write
164DE37D000
heap
page read and write
20F6F081000
heap
page read and write
20F6F063000
heap
page read and write
235EA73C000
heap
page read and write
235EA786000
heap
page read and write
20F6F063000
heap
page read and write
235EA734000
heap
page read and write
20F6F06C000
heap
page read and write
23EDA9D4000
heap
page read and write
235EA835000
heap
page read and write
235EA809000
heap
page read and write
2DF8D190000
heap
page read and write
164DE36D000
heap
page read and write
235E8860000
heap
page read and write
235EA7B7000
heap
page read and write
235EA828000
heap
page read and write
235EA83C000
heap
page read and write
235EA787000
heap
page read and write
235EA80A000
heap
page read and write
23EDAAB0000
heap
page read and write
9DBF4FE000
stack
page read and write
235EA822000
heap
page read and write
235ECF0A000
heap
page read and write
20F6F068000
heap
page read and write
20F6F077000
heap
page read and write
235EA85D000
heap
page read and write
235EA77F000
heap
page read and write
235EA81A000
heap
page read and write
20F6F067000
heap
page read and write
20F6F093000
heap
page read and write
235ECF59000
heap
page read and write
235EA811000
heap
page read and write
235EA81E000
heap
page read and write
2DF8D1A0000
heap
page read and write
20F6F081000
heap
page read and write
20F6F077000
heap
page read and write
20F6F093000
heap
page read and write
235EA785000
heap
page read and write
20F70EC2000
heap
page read and write
20F6F06C000
heap
page read and write
20F6F063000
heap
page read and write
235E88C2000
heap
page read and write
235EA82C000
heap
page read and write
235EA761000
heap
page read and write
235ECF5D000
heap
page read and write
235EA7D0000
heap
page read and write
20F6F077000
heap
page read and write
164DE6F0000
heap
page read and write
235E88CE000
heap
page read and write
235EA828000
heap
page read and write
20F6F08B000
heap
page read and write
235EA778000
heap
page read and write
20F6F06B000
heap
page read and write
235EA830000
heap
page read and write
235EA811000
heap
page read and write
235EA839000
heap
page read and write
235EA839000
heap
page read and write
235EA835000
heap
page read and write
26E7EABC000
heap
page read and write
235ECF42000
heap
page read and write
235EA811000
heap
page read and write
20F6F068000
heap
page read and write
20F6F078000
heap
page read and write
235EA77A000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F06C000
heap
page read and write
43512FF000
stack
page read and write
20F6F07F000
heap
page read and write
235EA726000
heap
page read and write
235EA7B5000
heap
page read and write
235EF310000
heap
page read and write
20F6F06B000
heap
page read and write
235EA816000
heap
page read and write
235EA84F000
heap
page read and write
20F6F078000
heap
page read and write
20F709AC000
heap
page read and write
20F6F078000
heap
page read and write
235EA811000
heap
page read and write
26E7EABF000
heap
page read and write
20F6F078000
heap
page read and write
235EA81A000
heap
page read and write
235EA7FA000
heap
page read and write
26E7F850000
trusted library allocation
page read and write
235ECF24000
heap
page read and write
164E1B20000
trusted library allocation
page read and write
235EA816000
heap
page read and write
235EA110000
heap
page read and write
20F6F078000
heap
page read and write
20F6F06D000
heap
page read and write
23EDAB35000
heap
page read and write
20F6F063000
heap
page read and write
20F6F069000
heap
page read and write
20F6F077000
heap
page read and write
235EA831000
heap
page read and write
235E8897000
heap
page read and write
20F6F078000
heap
page read and write
20F6F068000
heap
page read and write
20F6F078000
heap
page read and write
20F6F06C000
heap
page read and write
20F6F08B000
heap
page read and write
164DE36F000
heap
page read and write
20F6F08B000
heap
page read and write
235EA81A000
heap
page read and write
20F6F07A000
heap
page read and write
235EA823000
heap
page read and write
20F6F089000
heap
page read and write
20F6F08B000
heap
page read and write
235EA828000
heap
page read and write
20F6F093000
heap
page read and write
23EDA9D8000
heap
page read and write
26E7EAD1000
heap
page read and write
26E7EFD0000
heap
page read and write
235EA761000
heap
page read and write
9DBF7FF000
stack
page read and write
235EA857000
heap
page read and write
5562FFD000
stack
page read and write
164DE344000
heap
page read and write
26E7F550000
trusted library allocation
page read and write
235EA823000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F093000
heap
page read and write
235EA7FF000
heap
page read and write
235EA77C000
heap
page read and write
235EA83A000
heap
page read and write
20F6F078000
heap
page read and write
235ECF29000
heap
page read and write
26E7EAD1000
heap
page read and write
20F709A0000
heap
page read and write
235EA814000
heap
page read and write
20F6F094000
heap
page read and write
23EDC2E0000
heap
page read and write
20F6F06C000
heap
page read and write
235ECF4B000
heap
page read and write
20F6F077000
heap
page read and write
AA5A07E000
stack
page read and write
20F6F077000
heap
page read and write
20F6F077000
heap
page read and write
235EA822000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F07A000
heap
page read and write
235EA808000
heap
page read and write
235EF890000
heap
page read and write
20F6F069000
heap
page read and write
235EA77F000
heap
page read and write
235EA835000
heap
page read and write
164DFD83000
heap
page read and write
164DFD80000
heap
page read and write
235EA80B000
heap
page read and write
235E8896000
heap
page read and write
20F6F06B000
heap
page read and write
235EA839000
heap
page read and write
20F6F077000
heap
page read and write
235ECF12000
heap
page read and write
235EA82D000
heap
page read and write
20F6F06B000
heap
page read and write
235EA7BF000
heap
page read and write
20F6F078000
heap
page read and write
235EA769000
heap
page read and write
26E7EAD4000
heap
page read and write
235EA823000
heap
page read and write
20F6F062000
heap
page read and write
26E7EBB0000
heap
page read and write
235E8885000
heap
page read and write
20F6F0A0000
heap
page read and write
20F6F083000
heap
page read and write
20F6F077000
heap
page read and write
235E889B000
heap
page read and write
20F6F08B000
heap
page read and write
20F6F077000
heap
page read and write
20F6F093000
heap
page read and write
26E7EAD0000
heap
page read and write
235E8890000
heap
page read and write
20F6F093000
heap
page read and write
20F6F081000
heap
page read and write
235EA83D000
heap
page read and write
235ECF5D000
heap
page read and write
20F6F068000
heap
page read and write
164DE38F000
heap
page read and write
20F6F08B000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F07A000
heap
page read and write
20F6F093000
heap
page read and write
235EA81A000
heap
page read and write
20F6F063000
heap
page read and write
20F6F081000
heap
page read and write
235EA7EB000
heap
page read and write
20F6F077000
heap
page read and write
235E88B0000
heap
page read and write
235ECF5D000
heap
page read and write
20F6F068000
heap
page read and write
235E88AA000
heap
page read and write
235EA82C000
heap
page read and write
23EDA910000
heap
page read and write
E4749BE000
stack
page read and write
235E8849000
heap
page read and write
235ECF2E000
heap
page read and write
20F6F06B000
heap
page read and write
26E7F860000
trusted library allocation
page read and write
20F6F06B000
heap
page read and write
235EA819000
heap
page read and write
235EA846000
heap
page read and write
20F6F081000
heap
page read and write
20F70EE2000
heap
page read and write
235E8860000
heap
page read and write
235EA85D000
heap
page read and write
235E8854000
heap
page read and write
235EA846000
heap
page read and write
20F70E80000
heap
page read and write
235EA11E000
heap
page read and write
20F6F07A000
heap
page read and write
20F6F094000
heap
page read and write
20F6F078000
heap
page read and write
20F6F093000
heap
page read and write
20F6F06B000
heap
page read and write
235EA7FB000
heap
page read and write
20F6F069000
heap
page read and write
235E888F000
heap
page read and write
20F6F081000
heap
page read and write
235EA7B7000
heap
page read and write
235E8896000
heap
page read and write
235E888F000
heap
page read and write
20F6F093000
heap
page read and write
23EDA9D7000
heap
page read and write
235EA81E000
heap
page read and write
235EA832000
heap
page read and write
20F6F087000
heap
page read and write
235EA7F2000
heap
page read and write
20F6F068000
heap
page read and write
20F6F062000
heap
page read and write
20F6F078000
heap
page read and write
23EDA930000
heap
page read and write
26E7EAD6000
heap
page read and write
235EA719000
heap
page read and write
26E7EAD9000
heap
page read and write
164DE362000
heap
page read and write
20F6F063000
heap
page read and write
235EA735000
heap
page read and write
164DE397000
heap
page read and write
235E882E000
heap
page read and write
20F6F068000
heap
page read and write
235EA84B000
heap
page read and write
235E884C000
heap
page read and write
20F6F08A000
heap
page read and write
235EA722000
heap
page read and write
235EA76C000
heap
page read and write
20F6F065000
heap
page read and write
235EA759000
heap
page read and write
20F6F093000
heap
page read and write
235E8862000
heap
page read and write
20F6F077000
heap
page read and write
235E8888000
heap
page read and write
20F6F081000
heap
page read and write
20F6F077000
heap
page read and write
235E889B000
heap
page read and write
235EA838000
heap
page read and write
20F735B8000
heap
page read and write
26E7EACD000
heap
page read and write
164DE372000
heap
page read and write
235EA846000
heap
page read and write
235EA82C000
heap
page read and write
235EA846000
heap
page read and write
235EF780000
trusted library allocation
page read and write
235EA839000
heap
page read and write
20F6F077000
heap
page read and write
20F6F083000
heap
page read and write
235EA7ED000
heap
page read and write
2DF8ED40000
heap
page read and write
20F6F05D000
heap
page read and write
235EA7C9000
heap
page read and write
235E87A0000
heap
page read and write
235EA6E0000
heap
page read and write
20F6F089000
heap
page read and write
20F6F060000
heap
page read and write
235EA76D000
heap
page read and write
235EA816000
heap
page read and write
20F6F077000
heap
page read and write
20F6F078000
heap
page read and write
20F6F068000
heap
page read and write
20F6F078000
heap
page read and write
26E7EB90000
heap
page read and write
23EDA9D7000
heap
page read and write
20F6F078000
heap
page read and write
235ECF33000
heap
page read and write
235E8879000
heap
page read and write
23EDA9D4000
heap
page read and write
20F6F093000
heap
page read and write
235EA828000
heap
page read and write
20F6F077000
heap
page read and write
235ECF34000
heap
page read and write
20F6F078000
heap
page read and write
235EA811000
heap
page read and write
235EA83A000
heap
page read and write
20F6F06B000
heap
page read and write
235E8885000
heap
page read and write
235EA768000
heap
page read and write
20F6F078000
heap
page read and write
23EDA9D0000
heap
page read and write
26E7EAC9000
heap
page read and write
20F6F063000
heap
page read and write
235E8879000
heap
page read and write
235EA7F8000
heap
page read and write
20F6F07F000
heap
page read and write
26E7EAD0000
heap
page read and write
235EA83D000
heap
page read and write
235EA81F000
heap
page read and write
20F6F093000
heap
page read and write
20F6F08B000
heap
page read and write
164DE380000
heap
page read and write
235EA835000
heap
page read and write
BB76FFF000
stack
page read and write
20F6F011000
heap
page read and write
20F6F063000
heap
page read and write
26E7EAC3000
heap
page read and write
164DE290000
heap
page read and write
20F709A5000
heap
page read and write
20F6F093000
heap
page read and write
23EDA998000
heap
page read and write
23EDC2E8000
heap
page read and write
20F6F077000
heap
page read and write
2DF8D440000
heap
page read and write
20F6F068000
heap
page read and write
23EDA9EF000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F078000
heap
page read and write
235EA822000
heap
page read and write
55633FE000
stack
page read and write
235EA778000
heap
page read and write
235EA81E000
heap
page read and write
20F6F077000
heap
page read and write
E474C7F000
stack
page read and write
235EA81E000
heap
page read and write
235ECF60000
heap
page read and write
20F6F09F000
heap
page read and write
235EA842000
heap
page read and write
20F6F062000
heap
page read and write
235EA753000
heap
page read and write
235EA719000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F062000
heap
page read and write
20F6F093000
heap
page read and write
20F6F078000
heap
page read and write
20F6F08B000
heap
page read and write
235EA822000
heap
page read and write
20F6F078000
heap
page read and write
235EA7FF000
heap
page read and write
26E02670000
trusted library allocation
page read and write
235EA815000
heap
page read and write
20F6F083000
heap
page read and write
235EA83D000
heap
page read and write
235EA7F4000
heap
page read and write
20F6EFE0000
heap
page read and write
23EDA9D8000
heap
page read and write
235EA809000
heap
page read and write
20F6F07C000
heap
page read and write
20F6F068000
heap
page read and write
20F6F077000
heap
page read and write
235EA84F000
heap
page read and write
235EA846000
heap
page read and write
164DE379000
heap
page read and write
235ECF37000
heap
page read and write
235EA808000
heap
page read and write
23EDA9CD000
heap
page read and write
235EA7F2000
heap
page read and write
235E8760000
heap
page read and write
20F6F063000
heap
page read and write
235E88B6000
heap
page read and write
164DE373000
heap
page read and write
235EA832000
heap
page read and write
235EA841000
heap
page read and write
235EA7E7000
heap
page read and write
20F6F094000
heap
page read and write
7DF43D491000
trusted library allocation
page execute read
235ECF22000
heap
page read and write
235E883C000
heap
page read and write
235EA811000
heap
page read and write
26E7EAEA000
heap
page read and write
20F6F077000
heap
page read and write
235EA78A000
heap
page read and write
20F6F078000
heap
page read and write
AA5A57B000
stack
page read and write
9DBF3FE000
stack
page read and write
235E884C000
heap
page read and write
20F6F093000
heap
page read and write
26E7EAD6000
heap
page read and write
BB76EFE000
stack
page read and write
20F6F078000
heap
page read and write
23EDA990000
heap
page read and write
164DE373000
heap
page read and write
26E7EC35000
heap
page read and write
235EA85D000
heap
page read and write
235EA81A000
heap
page read and write
20F6F068000
heap
page read and write
164DE37C000
heap
page read and write
20F6F068000
heap
page read and write
20F6F077000
heap
page read and write
235EA83C000
heap
page read and write
20F6F06B000
heap
page read and write
2DF8D210000
heap
page read and write
235EA828000
heap
page read and write
20F6F093000
heap
page read and write
26E7F0F3000
heap
page read and write
20F6F087000
heap
page read and write
23EDA9D8000
heap
page read and write
20F6F077000
heap
page read and write
20F70B30000
heap
page read and write
20F6F063000
heap
page read and write
235EA11D000
heap
page read and write
235ECF39000
heap
page read and write
235EA6E5000
heap
page read and write
20F6F068000
heap
page read and write
20F6F089000
heap
page read and write
20F6F093000
heap
page read and write
164DFD9F000
heap
page read and write
20F6F06C000
heap
page read and write
26E7EABF000
heap
page read and write
235EA811000
heap
page read and write
235EA811000
heap
page read and write
20F6F078000
heap
page read and write
235EA824000
heap
page read and write
235EA827000
heap
page read and write
20F6F078000
heap
page read and write
20F6F077000
heap
page read and write
235EA835000
heap
page read and write
20F6F083000
heap
page read and write
235EA831000
heap
page read and write
235EA7F7000
heap
page read and write
235EA7CE000
heap
page read and write
235EA6FE000
heap
page read and write
235E88AF000
heap
page read and write
235EA835000
heap
page read and write
235ED190000
heap
page read and write
20F6F06C000
heap
page read and write
235ECF57000
heap
page read and write
AA5A37B000
stack
page read and write
235EA829000
heap
page read and write
235EA83E000
heap
page read and write
235EA822000
heap
page read and write
235EA76C000
heap
page read and write
20F6F06B000
heap
page read and write
20F6F063000
heap
page read and write
235EA84B000
heap
page read and write
235EA811000
heap
page read and write
235EA80D000
heap
page read and write
235E8892000
heap
page read and write
235EA811000
heap
page read and write
235E88B3000
heap
page read and write
235EA7F6000
heap
page read and write
164DE37C000
heap
page read and write
235E8879000
heap
page read and write
235EA822000
heap
page read and write
20F6F083000
heap
page read and write
235EA720000
heap
page read and write
20F6F093000
heap
page read and write
235EA822000
heap
page read and write
235EA6FC000
heap
page read and write
164DE362000
heap
page read and write
235EA831000
heap
page read and write
164DFD90000
heap
page read and write
235EA7FF000
heap
page read and write
26E7EAD1000
heap
page read and write
20F6F093000
heap
page read and write
235EA84A000
heap
page read and write
20F6F0C1000
heap
page read and write
235EA822000
heap
page read and write
20F6F063000
heap
page read and write
23EDA9ED000
heap
page read and write
164DE372000
heap
page read and write
235EA7A3000
heap
page read and write
20F6F094000
heap
page read and write
235EA822000
heap
page read and write
235EA830000
heap
page read and write
235EA815000
heap
page read and write
20F6F06C000
heap
page read and write
20F6F093000
heap
page read and write
20F6F088000
heap
page read and write
20F6F06B000
heap
page read and write
235EA760000
heap
page read and write
20F6F05F000
heap
page read and write
20F6F07C000
heap
page read and write
20F6F077000
heap
page read and write
235EA7FB000
heap
page read and write
20F6F063000
heap
page read and write
235EA79C000
heap
page read and write
20F6F06B000
heap
page read and write
23EDAAF0000
unkown
page read and write
5562EF9000
stack
page read and write
235EA84F000
heap
page read and write
235EA804000
heap
page read and write
235EA812000
heap
page read and write
235EA846000
heap
page read and write
20F6EE80000
heap
page read and write
435127E000
stack
page read and write
20F6F06B000
heap
page read and write
164DE38F000
heap
page read and write
20F6F06C000
heap
page read and write
435137F000
stack
page read and write
20F6F068000
heap
page read and write
164DE37D000
heap
page read and write
20F733E9000
heap
page read and write
235EA808000
heap
page read and write
235EA7F8000
heap
page read and write
20F6F068000
heap
page read and write
235EA82C000
heap
page read and write
235EA805000
heap
page read and write
20F6F06C000
heap
page read and write
235EA81E000
heap
page read and write
20F6F068000
heap
page read and write
20F6F08B000
heap
page read and write
235EF790000
heap
page readonly
20F6F06B000
heap
page read and write
20F6F077000
heap
page read and write
235E88C2000
heap
page read and write
20F6F062000
heap
page read and write
20F6F078000
heap
page read and write
20F6F077000
heap
page read and write
235EA823000
heap
page read and write
20F6F083000
heap
page read and write
20F6EFA0000
heap
page read and write
20F6F068000
heap
page read and write
20F6F078000
heap
page read and write
235ECF48000
heap
page read and write
20F6F077000
heap
page read and write
20F6F078000
heap
page read and write
20F72990000
trusted library allocation
page read and write
20F6F06B000
heap
page read and write
20F6F07A000
heap
page read and write
235EA726000
heap
page read and write
235EA85E000
heap
page read and write
235EA811000
heap
page read and write
20F6F093000
heap
page read and write
23EDC4C4000
heap
page read and write
20F6F078000
heap
page read and write
235ECF5B000
heap
page read and write
23EDC4C0000
heap
page read and write
235EA822000
heap
page read and write
26E7EAE1000
heap
page read and write
20F6F06B000
heap
page read and write
23EDA99F000
heap
page read and write
20F6F078000
heap
page read and write
235EA811000
heap
page read and write
164DE397000
heap
page read and write
235EA7EF000
heap
page read and write
20F735D5000
heap
page read and write
235EA753000
heap
page read and write
235EA755000
heap
page read and write
235EA81E000
heap
page read and write
4351079000
stack
page read and write
26E7EAD7000
heap
page read and write
20F6F09F000
heap
page read and write
20F6F0BF000
heap
page read and write
235E8893000
heap
page read and write
235E8885000
heap
page read and write
235E888C000
heap
page read and write
235EA83D000
heap
page read and write
20F6F077000
heap
page read and write
235EA77D000
heap
page read and write
There are 947 hidden memdumps, click here to show them.