Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
22390016593_20210618_14375054_HesapOzeti.pdf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\nonsubmerged\Glagolitic.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Glagolitic.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nouses
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\22390016593_20210618_14375054_HesapOzeti.pdf.exe
|
"C:\Users\user\Desktop\22390016593_20210618_14375054_HesapOzeti.pdf.exe"
|
|
|
|
C:\Users\user\AppData\Local\nonsubmerged\Glagolitic.exe
|
"C:\Users\user\Desktop\22390016593_20210618_14375054_HesapOzeti.pdf.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\22390016593_20210618_14375054_HesapOzeti.pdf.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Glagolitic.vbs"
|
|
|
|
C:\Users\user\AppData\Local\nonsubmerged\Glagolitic.exe
|
"C:\Users\user\AppData\Local\nonsubmerged\Glagolitic.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\nonsubmerged\Glagolitic.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.71
|
188.114.96.3
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.71$
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26BD000
|
trusted library allocation
|
page read and write
|
|
|
|
2621000
|
trusted library allocation
|
page read and write
|
|
|
|
182000
|
system
|
page execute and read and write
|
|
|
|
1760000
|
direct allocation
|
page read and write
|
|
|
|
40F0000
|
direct allocation
|
page read and write
|
|
|
|
24F1000
|
trusted library allocation
|
page read and write
|
|
|
|
27EE000
|
trusted library allocation
|
page read and write
|
|
|
|
4329000
|
direct allocation
|
page read and write
|
||
|
2732000
|
trusted library allocation
|
page read and write
|
||
|
445E000
|
direct allocation
|
page read and write
|
||
|
2658000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
800000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
135000
|
heap
|
page read and write
|
||
|
26E7000
|
trusted library allocation
|
page read and write
|
||
|
684000
|
trusted library allocation
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
286B000
|
trusted library allocation
|
page read and write
|
||
|
18E8DA55000
|
heap
|
page read and write
|
||
|
3E0D000
|
heap
|
page read and write
|
||
|
2560000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
heap
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
3B61000
|
heap
|
page read and write
|
||
|
3C67000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
3E90000
|
heap
|
page read and write
|
||
|
5DD0FA000
|
stack
|
page read and write
|
||
|
26D8000
|
trusted library allocation
|
page read and write
|
||
|
3CD2000
|
heap
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
680000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
42F9000
|
direct allocation
|
page read and write
|
||
|
5DDD000
|
stack
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
3B0B000
|
heap
|
page read and write
|
||
|
42F9000
|
direct allocation
|
page read and write
|
||
|
5CA0000
|
heap
|
page read and write
|
||
|
36AF000
|
trusted library allocation
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
5DD7FD000
|
stack
|
page read and write
|
||
|
3C79000
|
heap
|
page read and write
|
||
|
2766000
|
trusted library allocation
|
page read and write
|
||
|
3C90000
|
heap
|
page read and write
|
||
|
2643000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
445E000
|
direct allocation
|
page read and write
|
||
|
4030000
|
direct allocation
|
page read and write
|
||
|
5DD9FF000
|
stack
|
page read and write
|
||
|
2727000
|
trusted library allocation
|
page read and write
|
||
|
223E000
|
trusted library allocation
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
3B50000
|
direct allocation
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
3D01000
|
heap
|
page read and write
|
||
|
3D32000
|
heap
|
page read and write
|
||
|
4150000
|
direct allocation
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
3D33000
|
heap
|
page read and write
|
||
|
42FD000
|
direct allocation
|
page read and write
|
||
|
271E000
|
trusted library allocation
|
page read and write
|
||
|
613A000
|
trusted library allocation
|
page read and write
|
||
|
5DDAFF000
|
stack
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
25FA000
|
trusted library allocation
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
224A000
|
trusted library allocation
|
page read and write
|
||
|
6B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E1D000
|
heap
|
page execute and read and write
|
||
|
6250000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C32000
|
trusted library allocation
|
page read and write
|
||
|
3D32000
|
heap
|
page read and write
|
||
|
18E8D93F000
|
heap
|
page read and write
|
||
|
4419000
|
direct allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
448E000
|
direct allocation
|
page read and write
|
||
|
2715000
|
trusted library allocation
|
page read and write
|
||
|
3C60000
|
heap
|
page read and write
|
||
|
2647000
|
trusted library allocation
|
page read and write
|
||
|
223B000
|
trusted library allocation
|
page read and write
|
||
|
5F10000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3D42000
|
heap
|
page read and write
|
||
|
448E000
|
direct allocation
|
page read and write
|
||
|
3A9F000
|
stack
|
page read and write
|
||
|
4153000
|
direct allocation
|
page read and write
|
||
|
5EE0000
|
trusted library allocation
|
page read and write
|
||
|
4E4F000
|
stack
|
page read and write
|
||
|
276A000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
4153000
|
direct allocation
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
277E000
|
trusted library allocation
|
page read and write
|
||
|
5E28000
|
trusted library allocation
|
page read and write
|
||
|
6B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E4000
|
heap
|
page read and write
|
||
|
26CA000
|
trusted library allocation
|
page read and write
|
||
|
3E60000
|
heap
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
4150000
|
direct allocation
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
25D0000
|
trusted library allocation
|
page read and write
|
||
|
1645000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
4030000
|
direct allocation
|
page read and write
|
||
|
36AC000
|
trusted library allocation
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
5E2B000
|
trusted library allocation
|
page read and write
|
||
|
3C8E000
|
heap
|
page read and write
|
||
|
41D0000
|
direct allocation
|
page read and write
|
||
|
4153000
|
direct allocation
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
100000
|
heap
|
page read and write
|
||
|
25B7000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
3519000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
263B000
|
trusted library allocation
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
3BDA000
|
heap
|
page read and write
|
||
|
5E4A000
|
trusted library allocation
|
page read and write
|
||
|
C46000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
3D32000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
68D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6140000
|
trusted library allocation
|
page read and write
|
||
|
42FD000
|
direct allocation
|
page read and write
|
||
|
614B000
|
trusted library allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
27CD000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
3BE5000
|
heap
|
page read and write
|
||
|
4243000
|
direct allocation
|
page read and write
|
||
|
6A2000
|
trusted library allocation
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
3C89000
|
heap
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
601E000
|
stack
|
page read and write
|
||
|
43ED000
|
direct allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
970000
|
heap
|
page read and write
|
||
|
26C7000
|
trusted library allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
3CCD000
|
heap
|
page read and write
|
||
|
18E8D8A8000
|
heap
|
page read and write
|
||
|
3BF9000
|
heap
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
259D000
|
trusted library allocation
|
page read and write
|
||
|
3E22000
|
heap
|
page read and write
|
||
|
42F0000
|
direct allocation
|
page read and write
|
||
|
3BAB000
|
heap
|
page read and write
|
||
|
36BE000
|
stack
|
page read and write
|
||
|
5E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
4B1D000
|
stack
|
page read and write
|
||
|
5DD8FE000
|
stack
|
page read and write
|
||
|
25E5000
|
trusted library allocation
|
page read and write
|
||
|
6160000
|
trusted library allocation
|
page read and write
|
||
|
18E8D939000
|
heap
|
page read and write
|
||
|
3CAF000
|
heap
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
956000
|
heap
|
page read and write
|
||
|
3B60000
|
heap
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
690000
|
trusted library allocation
|
page read and write
|
||
|
906000
|
trusted library allocation
|
page execute and read and write
|
||
|
6150000
|
trusted library allocation
|
page execute and read and write
|
||
|
43E9000
|
direct allocation
|
page read and write
|
||
|
4419000
|
direct allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
5CFD000
|
heap
|
page read and write
|
||
|
3BFD000
|
heap
|
page read and write
|
||
|
42F9000
|
direct allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
683000
|
trusted library allocation
|
page execute and read and write
|
||
|
445E000
|
direct allocation
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
616F000
|
trusted library allocation
|
page read and write
|
||
|
4C26000
|
trusted library allocation
|
page read and write
|
||
|
28AD000
|
trusted library allocation
|
page read and write
|
||
|
432D000
|
direct allocation
|
page read and write
|
||
|
2570000
|
heap
|
page execute and read and write
|
||
|
3FC0000
|
direct allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
3C67000
|
heap
|
page read and write
|
||
|
287D000
|
trusted library allocation
|
page read and write
|
||
|
36A2000
|
trusted library allocation
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
25F2000
|
trusted library allocation
|
page read and write
|
||
|
17E000
|
stack
|
page read and write
|
||
|
613E000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4C0E000
|
trusted library allocation
|
page read and write
|
||
|
5DD2FE000
|
stack
|
page read and write
|
||
|
3BCA000
|
heap
|
page read and write
|
||
|
3C33000
|
heap
|
page read and write
|
||
|
2262000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
8ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
96B000
|
heap
|
page read and write
|
||
|
2242000
|
trusted library allocation
|
page read and write
|
||
|
18E8D907000
|
heap
|
page read and write
|
||
|
C46000
|
heap
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
34F1000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
5DDBFB000
|
stack
|
page read and write
|
||
|
436E000
|
direct allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
274E000
|
trusted library allocation
|
page read and write
|
||
|
276E000
|
trusted library allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
273B000
|
trusted library allocation
|
page read and write
|
||
|
6200000
|
trusted library allocation
|
page read and write
|
||
|
18E8DA5E000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
C57000
|
heap
|
page read and write
|
||
|
900000
|
trusted library allocation
|
page read and write
|
||
|
956000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
3B91000
|
heap
|
page read and write
|
||
|
395F000
|
stack
|
page read and write
|
||
|
2256000
|
trusted library allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
5E70000
|
trusted library allocation
|
page read and write
|
||
|
C57000
|
heap
|
page read and write
|
||
|
2796000
|
trusted library allocation
|
page read and write
|
||
|
436E000
|
direct allocation
|
page read and write
|
||
|
3588000
|
trusted library allocation
|
page read and write
|
||
|
41D0000
|
direct allocation
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
3AA1000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
357C000
|
trusted library allocation
|
page read and write
|
||
|
5E43000
|
trusted library allocation
|
page read and write
|
||
|
263F000
|
trusted library allocation
|
page read and write
|
||
|
3C9A000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
180000
|
system
|
page execute and read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
69D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
3C92000
|
heap
|
page read and write
|
||
|
149000
|
stack
|
page read and write
|
||
|
277B000
|
trusted library allocation
|
page read and write
|
||
|
272A000
|
trusted library allocation
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4A33000
|
heap
|
page read and write
|
||
|
3C9D000
|
heap
|
page read and write
|
||
|
3D57000
|
heap
|
page read and write
|
||
|
2251000
|
trusted library allocation
|
page read and write
|
||
|
259A000
|
trusted library allocation
|
page read and write
|
||
|
2280000
|
trusted library allocation
|
page read and write
|
||
|
3621000
|
trusted library allocation
|
page read and write
|
||
|
6230000
|
heap
|
page read and write
|
||
|
4030000
|
direct allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
6410000
|
heap
|
page read and write
|
||
|
2270000
|
trusted library allocation
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
3BE8000
|
heap
|
page read and write
|
||
|
3D22000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
6146000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
5E40000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
C42000
|
heap
|
page read and write
|
||
|
3DF1000
|
heap
|
page read and write
|
||
|
3CB4000
|
heap
|
page read and write
|
||
|
3572000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
25C0000
|
trusted library allocation
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
3C3F000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
1678000
|
heap
|
page read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
1BE000
|
stack
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
6B2000
|
trusted library allocation
|
page read and write
|
||
|
26D2000
|
trusted library allocation
|
page read and write
|
||
|
448E000
|
direct allocation
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3DED000
|
heap
|
page execute and read and write
|
||
|
6AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6170000
|
trusted library allocation
|
page execute and read and write
|
||
|
6190000
|
trusted library allocation
|
page read and write
|
||
|
2874000
|
trusted library allocation
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
9AE000
|
heap
|
page read and write
|
||
|
4060000
|
direct allocation
|
page read and write
|
||
|
2745000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
224E000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
445E000
|
direct allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
5F1000
|
heap
|
page read and write
|
||
|
436E000
|
direct allocation
|
page read and write
|
||
|
43E9000
|
direct allocation
|
page read and write
|
||
|
4030000
|
direct allocation
|
page read and write
|
||
|
18E8DA50000
|
heap
|
page read and write
|
||
|
2681000
|
trusted library allocation
|
page read and write
|
||
|
26CF000
|
trusted library allocation
|
page read and write
|
||
|
26FF000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
heap
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
22A0000
|
trusted library allocation
|
page read and write
|
||
|
616A000
|
trusted library allocation
|
page read and write
|
||
|
2762000
|
trusted library allocation
|
page read and write
|
||
|
18E8D8A0000
|
heap
|
page read and write
|
||
|
17B8000
|
heap
|
page read and write
|
||
|
25E3000
|
heap
|
page read and write
|
||
|
2637000
|
trusted library allocation
|
page read and write
|
||
|
902000
|
trusted library allocation
|
page read and write
|
||
|
436E000
|
direct allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
9C6000
|
heap
|
page read and write
|
||
|
4C06000
|
trusted library allocation
|
page read and write
|
||
|
28A8000
|
trusted library allocation
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
27D1000
|
trusted library allocation
|
page read and write
|
||
|
3FF0000
|
direct allocation
|
page read and write
|
||
|
3649000
|
trusted library allocation
|
page read and write
|
||
|
6130000
|
trusted library allocation
|
page read and write
|
||
|
26AF000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
369E000
|
stack
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page read and write
|
||
|
3AC1000
|
heap
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
3CB6000
|
heap
|
page read and write
|
||
|
8E4000
|
trusted library allocation
|
page read and write
|
||
|
3C7F000
|
heap
|
page read and write
|
||
|
767000
|
stack
|
page read and write
|
||
|
2788000
|
trusted library allocation
|
page read and write
|
||
|
4C1E000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
3DDD000
|
heap
|
page read and write
|
||
|
3F20000
|
heap
|
page read and write
|
||
|
5E4F000
|
trusted library allocation
|
page read and write
|
||
|
66A000
|
stack
|
page read and write
|
||
|
5A02000
|
heap
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
4243000
|
direct allocation
|
page read and write
|
||
|
25EE000
|
trusted library allocation
|
page read and write
|
||
|
4273000
|
direct allocation
|
page read and write
|
||
|
2772000
|
trusted library allocation
|
page read and write
|
||
|
43ED000
|
direct allocation
|
page read and write
|
||
|
43E9000
|
direct allocation
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
2773000
|
trusted library allocation
|
page read and write
|
||
|
2236000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
4153000
|
direct allocation
|
page read and write
|
||
|
3BF1000
|
heap
|
page read and write
|
||
|
3C59000
|
heap
|
page read and write
|
||
|
3D9D000
|
heap
|
page read and write
|
||
|
1755000
|
heap
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
27A4000
|
trusted library allocation
|
page read and write
|
||
|
2726000
|
trusted library allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
255E000
|
stack
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
C09000
|
heap
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
AA1000
|
heap
|
page read and write
|
||
|
5F5F000
|
stack
|
page read and write
|
||
|
4120000
|
direct allocation
|
page read and write
|
||
|
3C67000
|
heap
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page execute and read and write
|
||
|
4120000
|
direct allocation
|
page read and write
|
||
|
5E26000
|
trusted library allocation
|
page read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
6120000
|
trusted library allocation
|
page execute and read and write
|
||
|
91D000
|
heap
|
page read and write
|
||
|
2777000
|
trusted library allocation
|
page read and write
|
||
|
43E9000
|
direct allocation
|
page read and write
|
||
|
4329000
|
direct allocation
|
page read and write
|
||
|
18E8D800000
|
heap
|
page read and write
|
||
|
5DD4FE000
|
stack
|
page read and write
|
||
|
23EF000
|
stack
|
page read and write
|
||
|
3CB8000
|
heap
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
275E000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
trusted library allocation
|
page read and write
|
||
|
25A2000
|
trusted library allocation
|
page read and write
|
||
|
225D000
|
trusted library allocation
|
page read and write
|
||
|
3BDD000
|
heap
|
page read and write
|
||
|
262F000
|
trusted library allocation
|
page read and write
|
||
|
272C000
|
trusted library allocation
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
4150000
|
direct allocation
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
42F9000
|
direct allocation
|
page read and write
|
||
|
917000
|
trusted library allocation
|
page execute and read and write
|
||
|
2274000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
3558000
|
trusted library allocation
|
page read and write
|
||
|
2673000
|
trusted library allocation
|
page read and write
|
||
|
91B000
|
trusted library allocation
|
page execute and read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
8E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
3B2A000
|
heap
|
page read and write
|
||
|
18E8D890000
|
heap
|
page read and write
|
||
|
4C0B000
|
trusted library allocation
|
page read and write
|
||
|
96B000
|
heap
|
page read and write
|
||
|
4C9D000
|
stack
|
page read and write
|
||
|
2666000
|
trusted library allocation
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
2784000
|
trusted library allocation
|
page read and write
|
||
|
6148000
|
trusted library allocation
|
page read and write
|
||
|
264B000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
trusted library allocation
|
page read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
4183000
|
direct allocation
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
2276000
|
trusted library allocation
|
page read and write
|
||
|
B19000
|
heap
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
3DCE000
|
heap
|
page read and write
|
||
|
3688000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
trusted library allocation
|
page read and write
|
||
|
4243000
|
direct allocation
|
page read and write
|
||
|
36B8000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
22AF000
|
trusted library allocation
|
page read and write
|
||
|
28A1000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
357F000
|
trusted library allocation
|
page read and write
|
||
|
912000
|
trusted library allocation
|
page read and write
|
||
|
AB2000
|
heap
|
page read and write
|
||
|
3A6F000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
3BC0000
|
heap
|
page read and write
|
||
|
3CC4000
|
heap
|
page read and write
|
||
|
439E000
|
direct allocation
|
page read and write
|
||
|
42F0000
|
direct allocation
|
page read and write
|
||
|
25F6000
|
trusted library allocation
|
page read and write
|
||
|
7C1000
|
system
|
page execute and read and write
|
||
|
5E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
4051000
|
heap
|
page read and write
|
||
|
5DD1FE000
|
stack
|
page read and write
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
28B3000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
4120000
|
direct allocation
|
page read and write
|
||
|
269D000
|
trusted library allocation
|
page read and write
|
||
|
3BFA000
|
heap
|
page read and write
|
||
|
8B4000
|
stack
|
page read and write
|
||
|
42FD000
|
direct allocation
|
page read and write
|
||
|
4419000
|
direct allocation
|
page read and write
|
||
|
2856000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
441D000
|
direct allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
59A000
|
heap
|
page read and write
|
||
|
274A000
|
trusted library allocation
|
page read and write
|
||
|
C42000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
18E8D8D1000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2879000
|
trusted library allocation
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
5ADD000
|
stack
|
page read and write
|
||
|
3B90000
|
heap
|
page read and write
|
||
|
4200000
|
direct allocation
|
page read and write
|
||
|
2779000
|
trusted library allocation
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
25AB000
|
trusted library allocation
|
page read and write
|
||
|
4243000
|
direct allocation
|
page read and write
|
||
|
3ABF000
|
stack
|
page read and write
|
||
|
4C1A000
|
trusted library allocation
|
page read and write
|
||
|
41D0000
|
direct allocation
|
page read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
2200000
|
heap
|
page execute and read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
1968000
|
heap
|
page read and write
|
||
|
1960000
|
heap
|
page read and write
|
||
|
43ED000
|
direct allocation
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
4084000
|
direct allocation
|
page read and write
|
||
|
6163000
|
trusted library allocation
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
25B4000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
18E8D720000
|
heap
|
page read and write
|
||
|
2633000
|
trusted library allocation
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
26DB000
|
trusted library allocation
|
page read and write
|
||
|
4273000
|
direct allocation
|
page read and write
|
||
|
3DFE000
|
heap
|
page read and write
|
||
|
3F10000
|
heap
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
3BDB000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
90A000
|
trusted library allocation
|
page execute and read and write
|
||
|
24EE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page execute and read and write
|
||
|
E2D000
|
stack
|
page read and write
|
||
|
18E8D8D7000
|
heap
|
page read and write
|
||
|
42F0000
|
direct allocation
|
page read and write
|
||
|
42FD000
|
direct allocation
|
page read and write
|
||
|
3D6C000
|
heap
|
page read and write
|
||
|
3F96000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5DD5FE000
|
stack
|
page read and write
|
||
|
4A30000
|
heap
|
page read and write
|
||
|
4120000
|
direct allocation
|
page read and write
|
||
|
BDA000
|
heap
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page execute and read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
43ED000
|
direct allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
915000
|
trusted library allocation
|
page execute and read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
6134000
|
trusted library allocation
|
page read and write
|
||
|
6A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
5E20000
|
trusted library allocation
|
page read and write
|
||
|
26E4000
|
trusted library allocation
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
441D000
|
direct allocation
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
3C24000
|
heap
|
page read and write
|
||
|
2722000
|
trusted library allocation
|
page read and write
|
||
|
5C5F000
|
stack
|
page read and write
|
||
|
4C2D000
|
trusted library allocation
|
page read and write
|
||
|
3960000
|
heap
|
page read and write
|
||
|
3CBE000
|
heap
|
page read and write
|
||
|
4273000
|
direct allocation
|
page read and write
|
||
|
6BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
15AF000
|
stack
|
page read and write
|
||
|
3D52000
|
heap
|
page execute and read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
18E8D820000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
41D0000
|
direct allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
441D000
|
direct allocation
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
There are 615 hidden memdumps, click here to show them.