Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
New Cmr JV2410180005.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\New Cmr JV2410180005.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp5941.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\kOtBoy.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\kOtBoy.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\kOtBoy.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_43spzwod.fqo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_czax2xex.lae.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hbnjeid0.rbu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mpvjau10.ooc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nca1ykdo.x4r.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbxvwhva.fiq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vb10veqf.wzn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yaiazckf.uvf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp7C89.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\New Cmr JV2410180005.exe
|
"C:\Users\user\Desktop\New Cmr JV2410180005.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\New Cmr
JV2410180005.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\kOtBoy.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\kOtBoy" /XML "C:\Users\user\AppData\Local\Temp\tmp5941.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\kOtBoy.exe
|
C:\Users\user\AppData\Roaming\kOtBoy.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\kOtBoy" /XML "C:\Users\user\AppData\Local\Temp\tmp7C89.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.iaa-airferight.com
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.iaa-airferight.com
|
46.175.148.58
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.175.148.58
|
mail.iaa-airferight.com
|
Ukraine
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C81000
|
trusted library allocation
|
page read and write
|
|
|
|
70C0000
|
trusted library section
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3ED9000
|
trusted library allocation
|
page read and write
|
|
|
|
2CCE000
|
trusted library allocation
|
page read and write
|
|
|
|
2C37000
|
trusted library allocation
|
page read and write
|
|
|
|
2C4E000
|
trusted library allocation
|
page read and write
|
|
|
|
552D000
|
trusted library allocation
|
page read and write
|
||
|
751F000
|
stack
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
504E000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
2F36000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
8E7E000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11EA000
|
heap
|
page read and write
|
||
|
5052000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
1526000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
C360000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E27000
|
trusted library allocation
|
page execute and read and write
|
||
|
50C6000
|
trusted library allocation
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
E74000
|
heap
|
page read and write
|
||
|
11EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library section
|
page readonly
|
||
|
57E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
2F5F000
|
unkown
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
98CE000
|
stack
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
559F000
|
stack
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
64EE000
|
stack
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
C9EF000
|
stack
|
page read and write
|
||
|
5F80000
|
heap
|
page read and write
|
||
|
11D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
58D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
608D000
|
stack
|
page read and write
|
||
|
2F50000
|
heap
|
page execute and read and write
|
||
|
BCEE000
|
stack
|
page read and write
|
||
|
CA2B000
|
stack
|
page read and write
|
||
|
3C89000
|
trusted library allocation
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
56CB000
|
stack
|
page read and write
|
||
|
1295000
|
heap
|
page read and write
|
||
|
3C09000
|
trusted library allocation
|
page read and write
|
||
|
C1A0000
|
heap
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
2D2B000
|
stack
|
page read and write
|
||
|
AE2000
|
unkown
|
page readonly
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
43CE000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
heap
|
page execute and read and write
|
||
|
5E00000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
5726000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
10A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
549F000
|
stack
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
C0AF000
|
stack
|
page read and write
|
||
|
5044000
|
trusted library allocation
|
page read and write
|
||
|
775E000
|
stack
|
page read and write
|
||
|
2C44000
|
trusted library allocation
|
page read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
5E0E000
|
heap
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
4352000
|
trusted library allocation
|
page read and write
|
||
|
11DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C29000
|
trusted library allocation
|
page read and write
|
||
|
3CA9000
|
trusted library allocation
|
page read and write
|
||
|
616E000
|
stack
|
page read and write
|
||
|
1569000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E70000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
505A000
|
trusted library allocation
|
page read and write
|
||
|
52DC000
|
stack
|
page read and write
|
||
|
5814000
|
trusted library section
|
page readonly
|
||
|
F63000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
7142000
|
trusted library allocation
|
page read and write
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
50BC000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
16D7000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7300000
|
heap
|
page read and write
|
||
|
51DC000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
59A000
|
stack
|
page read and write
|
||
|
ED9000
|
heap
|
page read and write
|
||
|
5555000
|
trusted library allocation
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
C3DE000
|
stack
|
page read and write
|
||
|
152A000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page execute and read and write
|
||
|
1080000
|
trusted library allocation
|
page execute and read and write
|
||
|
C39E000
|
stack
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
5603000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
2C64000
|
trusted library allocation
|
page read and write
|
||
|
29CE000
|
unkown
|
page read and write
|
||
|
C09E000
|
stack
|
page read and write
|
||
|
2C0C000
|
trusted library allocation
|
page read and write
|
||
|
2CCC000
|
trusted library allocation
|
page read and write
|
||
|
C4DE000
|
stack
|
page read and write
|
||
|
8DA000
|
stack
|
page read and write
|
||
|
2E5B000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
534C000
|
stack
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C69000
|
trusted library allocation
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
2C2C000
|
stack
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
7713000
|
heap
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
2C65000
|
trusted library allocation
|
page read and write
|
||
|
434A000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
C1EE000
|
stack
|
page read and write
|
||
|
572C000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
5746000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
C0EE000
|
stack
|
page read and write
|
||
|
1463000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
5F75000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
F57000
|
stack
|
page read and write
|
||
|
62AE000
|
stack
|
page read and write
|
||
|
5E1C000
|
stack
|
page read and write
|
||
|
2A38000
|
trusted library allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
41DC000
|
trusted library allocation
|
page read and write
|
||
|
105B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC8000
|
heap
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
4CFD000
|
stack
|
page read and write
|
||
|
60AE000
|
stack
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
76E4000
|
heap
|
page read and write
|
||
|
1055000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
58F5000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C85000
|
trusted library allocation
|
page read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
C66E000
|
stack
|
page read and write
|
||
|
2EA5000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
BA2E000
|
stack
|
page read and write
|
||
|
1453000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
heap
|
page execute and read and write
|
||
|
148A000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
938E000
|
stack
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
1454000
|
trusted library allocation
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
425A000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
5521000
|
trusted library allocation
|
page read and write
|
||
|
C370000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page execute and read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
2A0D000
|
stack
|
page read and write
|
||
|
5072000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page execute and read and write
|
||
|
5A75000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
30F9000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page execute and read and write
|
||
|
5066000
|
trusted library allocation
|
page read and write
|
||
|
1057000
|
trusted library allocation
|
page execute and read and write
|
||
|
95E0000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
2CD6000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
11D2000
|
trusted library allocation
|
page read and write
|
||
|
2F64000
|
trusted library allocation
|
page read and write
|
||
|
51BC000
|
stack
|
page read and write
|
||
|
50C4000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
5083000
|
heap
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
3C81000
|
trusted library allocation
|
page read and write
|
||
|
148E000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E4000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
543A000
|
trusted library allocation
|
page read and write
|
||
|
1237000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
42D6000
|
trusted library allocation
|
page read and write
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
E6A000
|
heap
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
C7AE000
|
stack
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
565D000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
67A0000
|
heap
|
page read and write
|
||
|
127E000
|
stack
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
5E20000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
5E76000
|
trusted library allocation
|
page read and write
|
||
|
1073000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
5E50000
|
trusted library allocation
|
page read and write
|
||
|
504B000
|
trusted library allocation
|
page read and write
|
||
|
1204000
|
trusted library allocation
|
page read and write
|
||
|
506C000
|
stack
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
594D000
|
stack
|
page read and write
|
||
|
40C4000
|
trusted library allocation
|
page read and write
|
||
|
C4AE000
|
stack
|
page read and write
|
||
|
84E000
|
unkown
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
2C2C000
|
trusted library allocation
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F72000
|
heap
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
512C000
|
stack
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
C8AE000
|
stack
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
B9EE000
|
stack
|
page read and write
|
||
|
122A000
|
heap
|
page read and write
|
||
|
14B4000
|
heap
|
page read and write
|
||
|
11E2000
|
trusted library allocation
|
page read and write
|
||
|
147A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5420000
|
trusted library allocation
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
5BB0000
|
trusted library allocation
|
page read and write
|
||
|
3CEA000
|
trusted library allocation
|
page read and write
|
||
|
C32C000
|
stack
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
5410000
|
heap
|
page execute and read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F6000
|
heap
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
1258000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
CB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
C76F000
|
stack
|
page read and write
|
||
|
506D000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
76B7000
|
heap
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page execute and read and write
|
||
|
58B5000
|
trusted library allocation
|
page read and write
|
||
|
5E28000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
BBEE000
|
stack
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
C5AE000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
5972000
|
heap
|
page read and write
|
||
|
6090000
|
trusted library allocation
|
page execute and read and write
|
||
|
1210000
|
heap
|
page execute and read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
5F70000
|
heap
|
page read and write
|
||
|
40CF000
|
trusted library allocation
|
page read and write
|
||
|
1532000
|
heap
|
page read and write
|
||
|
153E000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
4ED8000
|
trusted library allocation
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5722000
|
trusted library allocation
|
page read and write
|
||
|
7336000
|
heap
|
page read and write
|
||
|
1191000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
145D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
5E29000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
1472000
|
trusted library allocation
|
page read and write
|
||
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
E24000
|
trusted library allocation
|
page read and write
|
||
|
5046000
|
trusted library allocation
|
page read and write
|
||
|
95B000
|
stack
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
5369000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
99CF000
|
stack
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
BFAE000
|
stack
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
trusted library allocation
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
4156000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
trusted library allocation
|
page execute and read and write
|
||
|
70F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
76F9000
|
heap
|
page read and write
|
||
|
9810000
|
trusted library section
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
14C2000
|
heap
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
588B000
|
stack
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC3E000
|
stack
|
page read and write
|
||
|
584F000
|
stack
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2F1E000
|
unkown
|
page read and write
|
||
|
7690000
|
heap
|
page read and write
|
||
|
CB2C000
|
stack
|
page read and write
|
||
|
55FA000
|
trusted library allocation
|
page read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
167F000
|
stack
|
page read and write
|
||
|
7F290000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
108F000
|
stack
|
page read and write
|
||
|
5810000
|
trusted library section
|
page readonly
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
550B000
|
trusted library allocation
|
page read and write
|
||
|
BE6E000
|
stack
|
page read and write
|
||
|
10A4000
|
trusted library allocation
|
page read and write
|
||
|
5061000
|
trusted library allocation
|
page read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
55FC000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
9D9000
|
stack
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2C34000
|
trusted library allocation
|
page read and write
|
||
|
1564000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
5E33000
|
heap
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
8E9E000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
2F4D000
|
trusted library allocation
|
page read and write
|
||
|
1184000
|
heap
|
page read and write
|
||
|
10AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
146D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF6E000
|
stack
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
2C01000
|
trusted library allocation
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
5E5C000
|
trusted library allocation
|
page read and write
|
||
|
717E000
|
heap
|
page read and write
|
||
|
C22C000
|
stack
|
page read and write
|
||
|
8E70000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
632E000
|
stack
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
56F5000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
DFA000
|
stack
|
page read and write
|
||
|
30E6000
|
trusted library allocation
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
11E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
5ECE000
|
stack
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
7520000
|
heap
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
156C000
|
heap
|
page read and write
|
||
|
75FC000
|
trusted library allocation
|
page read and write
|
||
|
5D1F000
|
stack
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
5E58000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page execute and read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
5E20000
|
heap
|
page read and write
|
||
|
C0EE000
|
stack
|
page read and write
|
||
|
6980000
|
heap
|
page read and write
|
||
|
1476000
|
trusted library allocation
|
page execute and read and write
|
||
|
F26000
|
heap
|
page read and write
|
||
|
11FE000
|
heap
|
page read and write
|
||
|
4D7D000
|
stack
|
page read and write
|
||
|
6177000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
C8EE000
|
stack
|
page read and write
|
||
|
5193000
|
heap
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
4310000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
55D000
|
stack
|
page read and write
|
||
|
505E000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
There are 515 hidden memdumps, click here to show them.