Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.FileRepMalware.3248.17662.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\seniorcommunicate.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\cvchost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvchost.vbs
|
ASCII text, with no line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.3248.17662.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.3248.17662.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\seniorcommunicate.exe
|
C:\Users\user\AppData\Local\Temp\IXP000.TMP\seniorcommunicate.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\user\AppData\Local\Temp\IXP000.TMP\"
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3796 -s 1172
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/mgravell/protobuf-net
|
unknown
|
|
|
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
|
|
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
|
|
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
|
|
|
http://46.8.237.66/spool01/Rhxkjsv.pdf
|
46.8.237.66
|
|
|
|
http://46.8.237.66/spool01/Rhxkjsv.pdfV
|
unknown
|
|
|
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
|
|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
|
|
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
|
|
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
|
|
|
http://ocsp.thawte.com0
|
unknown
|
|
|
|
http://46.8.237.66
|
unknown
|
|
There are 2 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.8.237.66
|
unknown
|
Russian Federation
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
|
wextract_cleanup0
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\seniorcommunicate_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4645000
|
trusted library allocation
|
page read and write
|
|
|
|
6FB0000
|
trusted library section
|
page read and write
|
|
|
|
3363000
|
trusted library allocation
|
page read and write
|
|
|
|
36D7000
|
trusted library allocation
|
page read and write
|
||
|
1506000
|
heap
|
page read and write
|
||
|
36BE000
|
trusted library allocation
|
page read and write
|
||
|
3777000
|
trusted library allocation
|
page read and write
|
||
|
26EC000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
3820000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4EF0000
|
heap
|
page read and write
|
||
|
159F000
|
heap
|
page read and write
|
||
|
6D3E000
|
trusted library allocation
|
page read and write
|
||
|
3622000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4E1F000
|
heap
|
page read and write
|
||
|
FB2000
|
unkown
|
page readonly
|
||
|
367B000
|
trusted library allocation
|
page read and write
|
||
|
1357000
|
stack
|
page read and write
|
||
|
398E000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BC0000
|
trusted library section
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
3605000
|
trusted library allocation
|
page read and write
|
||
|
3734000
|
trusted library allocation
|
page read and write
|
||
|
35A4000
|
trusted library allocation
|
page read and write
|
||
|
636FFAF000
|
stack
|
page read and write
|
||
|
6B0E000
|
heap
|
page read and write
|
||
|
377D000
|
trusted library allocation
|
page read and write
|
||
|
3732000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
36A5000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
42D1000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7930000
|
trusted library allocation
|
page execute and read and write
|
||
|
374F000
|
trusted library allocation
|
page read and write
|
||
|
18CE000
|
stack
|
page read and write
|
||
|
3559000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4E17000
|
heap
|
page read and write
|
||
|
637027F000
|
stack
|
page read and write
|
||
|
18ED7930000
|
heap
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
356A000
|
trusted library allocation
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
35EE000
|
trusted library allocation
|
page read and write
|
||
|
3692000
|
trusted library allocation
|
page read and write
|
||
|
3603000
|
trusted library allocation
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
39A9000
|
trusted library allocation
|
page read and write
|
||
|
3807000
|
trusted library allocation
|
page read and write
|
||
|
66DD000
|
stack
|
page read and write
|
||
|
290F000
|
trusted library allocation
|
page read and write
|
||
|
36C9000
|
trusted library allocation
|
page read and write
|
||
|
18ED7935000
|
heap
|
page read and write
|
||
|
7FF71D1DE000
|
unkown
|
page readonly
|
||
|
382A000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
AF8000
|
trusted library allocation
|
page read and write
|
||
|
39AB000
|
trusted library allocation
|
page read and write
|
||
|
6D3C000
|
trusted library allocation
|
page read and write
|
||
|
3717000
|
trusted library allocation
|
page read and write
|
||
|
36FA000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1B8E4E0E000
|
heap
|
page read and write
|
||
|
AE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
375A000
|
trusted library allocation
|
page read and write
|
||
|
3993000
|
trusted library allocation
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page read and write
|
||
|
17B2000
|
trusted library allocation
|
page read and write
|
||
|
3652000
|
trusted library allocation
|
page read and write
|
||
|
37C0000
|
trusted library allocation
|
page read and write
|
||
|
3607000
|
trusted library allocation
|
page read and write
|
||
|
28C1000
|
trusted library allocation
|
page read and write
|
||
|
36FC000
|
trusted library allocation
|
page read and write
|
||
|
35B7000
|
trusted library allocation
|
page read and write
|
||
|
36DB000
|
trusted library allocation
|
page read and write
|
||
|
3BAC000
|
trusted library allocation
|
page read and write
|
||
|
353E000
|
trusted library allocation
|
page read and write
|
||
|
38F2000
|
trusted library allocation
|
page read and write
|
||
|
39BE000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4E23000
|
heap
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
38F6000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4FD0000
|
heap
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
3631000
|
trusted library allocation
|
page read and write
|
||
|
36C4000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4DF8000
|
heap
|
page read and write
|
||
|
18F0000
|
heap
|
page execute and read and write
|
||
|
35DC000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
36B1000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
358D000
|
trusted library allocation
|
page read and write
|
||
|
3593000
|
trusted library allocation
|
page read and write
|
||
|
36EE000
|
trusted library allocation
|
page read and write
|
||
|
3822000
|
trusted library allocation
|
page read and write
|
||
|
3796000
|
trusted library allocation
|
page read and write
|
||
|
3562000
|
trusted library allocation
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
14DB000
|
heap
|
page read and write
|
||
|
6D75000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
35AF000
|
trusted library allocation
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
1784000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
14DE000
|
heap
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
178D000
|
trusted library allocation
|
page execute and read and write
|
||
|
357D000
|
trusted library allocation
|
page read and write
|
||
|
39C6000
|
trusted library allocation
|
page read and write
|
||
|
1581000
|
heap
|
page read and write
|
||
|
6EE0000
|
trusted library section
|
page read and write
|
||
|
17AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
17BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF71D1D0000
|
unkown
|
page readonly
|
||
|
39DB000
|
trusted library allocation
|
page read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
390E000
|
trusted library allocation
|
page read and write
|
||
|
39A5000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
heap
|
page read and write
|
||
|
4BD7000
|
trusted library allocation
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
35C3000
|
trusted library allocation
|
page read and write
|
||
|
6AC4000
|
heap
|
page read and write
|
||
|
3574000
|
trusted library allocation
|
page read and write
|
||
|
35DE000
|
trusted library allocation
|
page read and write
|
||
|
39C0000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page read and write
|
||
|
B98000
|
heap
|
page read and write
|
||
|
3912000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page read and write
|
||
|
3737000
|
trusted library allocation
|
page read and write
|
||
|
530C000
|
stack
|
page read and write
|
||
|
647E000
|
stack
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page read and write
|
||
|
372C000
|
trusted library allocation
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
3616000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1B8E4E1F000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
18ED7500000
|
heap
|
page read and write
|
||
|
37F5000
|
trusted library allocation
|
page read and write
|
||
|
1790000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
3536000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
353A000
|
trusted library allocation
|
page read and write
|
||
|
3658000
|
trusted library allocation
|
page read and write
|
||
|
38F4000
|
trusted library allocation
|
page read and write
|
||
|
4DAE000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
7FF71D1DC000
|
unkown
|
page read and write
|
||
|
3538000
|
trusted library allocation
|
page read and write
|
||
|
37D9000
|
trusted library allocation
|
page read and write
|
||
|
35C9000
|
trusted library allocation
|
page read and write
|
||
|
1B8E6C12000
|
heap
|
page read and write
|
||
|
1B8E6E12000
|
heap
|
page read and write
|
||
|
37EE000
|
trusted library allocation
|
page read and write
|
||
|
3769000
|
trusted library allocation
|
page read and write
|
||
|
3A39000
|
trusted library allocation
|
page read and write
|
||
|
3578000
|
trusted library allocation
|
page read and write
|
||
|
3601000
|
trusted library allocation
|
page read and write
|
||
|
B1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
35A8000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page execute and read and write
|
||
|
3700000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
FB8000
|
unkown
|
page readonly
|
||
|
3779000
|
trusted library allocation
|
page read and write
|
||
|
377F000
|
trusted library allocation
|
page read and write
|
||
|
3719000
|
trusted library allocation
|
page read and write
|
||
|
3639000
|
trusted library allocation
|
page read and write
|
||
|
368A000
|
trusted library allocation
|
page read and write
|
||
|
3925000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
trusted library allocation
|
page read and write
|
||
|
3624000
|
trusted library allocation
|
page read and write
|
||
|
355F000
|
trusted library allocation
|
page read and write
|
||
|
36F6000
|
trusted library allocation
|
page read and write
|
||
|
3786000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library section
|
page read and write
|
||
|
5E7D000
|
stack
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
3910000
|
trusted library allocation
|
page read and write
|
||
|
36C2000
|
trusted library allocation
|
page read and write
|
||
|
36E3000
|
trusted library allocation
|
page read and write
|
||
|
390A000
|
trusted library allocation
|
page read and write
|
||
|
364C000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
3597000
|
trusted library allocation
|
page read and write
|
||
|
3697000
|
trusted library allocation
|
page read and write
|
||
|
125C000
|
stack
|
page read and write
|
||
|
372A000
|
trusted library allocation
|
page read and write
|
||
|
1783000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F8000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page execute and read and write
|
||
|
3803000
|
trusted library allocation
|
page read and write
|
||
|
37A7000
|
trusted library allocation
|
page read and write
|
||
|
37D1000
|
trusted library allocation
|
page read and write
|
||
|
9DF06FF000
|
stack
|
page read and write
|
||
|
357A000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
heap
|
page execute and read and write
|
||
|
371B000
|
trusted library allocation
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
361C000
|
trusted library allocation
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
372E000
|
trusted library allocation
|
page read and write
|
||
|
5F90000
|
trusted library allocation
|
page read and write
|
||
|
18ED75E0000
|
heap
|
page read and write
|
||
|
3783000
|
trusted library allocation
|
page read and write
|
||
|
35CD000
|
trusted library allocation
|
page read and write
|
||
|
35CB000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
36DD000
|
trusted library allocation
|
page read and write
|
||
|
361A000
|
trusted library allocation
|
page read and write
|
||
|
3595000
|
trusted library allocation
|
page read and write
|
||
|
3914000
|
trusted library allocation
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
363B000
|
trusted library allocation
|
page read and write
|
||
|
1B8E5120000
|
heap
|
page read and write
|
||
|
1A20000
|
heap
|
page read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
3747000
|
trusted library allocation
|
page read and write
|
||
|
38DE000
|
trusted library allocation
|
page read and write
|
||
|
BBC000
|
heap
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page read and write
|
||
|
363D000
|
trusted library allocation
|
page read and write
|
||
|
57DD000
|
stack
|
page read and write
|
||
|
36C6000
|
trusted library allocation
|
page read and write
|
||
|
374B000
|
trusted library allocation
|
page read and write
|
||
|
365F000
|
trusted library allocation
|
page read and write
|
||
|
35BF000
|
trusted library allocation
|
page read and write
|
||
|
36D9000
|
trusted library allocation
|
page read and write
|
||
|
3650000
|
trusted library allocation
|
page read and write
|
||
|
39D3000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
7FF71D1D9000
|
unkown
|
page readonly
|
||
|
37BE000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4E21000
|
heap
|
page read and write
|
||
|
381A000
|
trusted library allocation
|
page read and write
|
||
|
3609000
|
trusted library allocation
|
page read and write
|
||
|
35BD000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
3542000
|
trusted library allocation
|
page read and write
|
||
|
365D000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
360B000
|
trusted library allocation
|
page read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page execute and read and write
|
||
|
35F2000
|
trusted library allocation
|
page read and write
|
||
|
28F9000
|
trusted library allocation
|
page read and write
|
||
|
AED000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3762000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
3818000
|
trusted library allocation
|
page read and write
|
||
|
35AC000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
9DF067E000
|
stack
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
39A1000
|
trusted library allocation
|
page read and write
|
||
|
1988000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
heap
|
page execute and read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
4517000
|
trusted library allocation
|
page read and write
|
||
|
3637000
|
trusted library allocation
|
page read and write
|
||
|
9DF038E000
|
stack
|
page read and write
|
||
|
37F0000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
3713000
|
trusted library allocation
|
page read and write
|
||
|
3812000
|
trusted library allocation
|
page read and write
|
||
|
38C1000
|
trusted library allocation
|
page read and write
|
||
|
39D1000
|
trusted library allocation
|
page read and write
|
||
|
364E000
|
trusted library allocation
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
66E0000
|
heap
|
page read and write
|
||
|
271D000
|
heap
|
page read and write
|
||
|
35A0000
|
trusted library allocation
|
page read and write
|
||
|
39C8000
|
trusted library allocation
|
page read and write
|
||
|
37EA000
|
trusted library allocation
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
37AA000
|
trusted library allocation
|
page read and write
|
||
|
1B8E5125000
|
heap
|
page read and write
|
||
|
39D9000
|
trusted library allocation
|
page read and write
|
||
|
380B000
|
trusted library allocation
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
3724000
|
trusted library allocation
|
page read and write
|
||
|
353C000
|
trusted library allocation
|
page read and write
|
||
|
36AB000
|
trusted library allocation
|
page read and write
|
||
|
3646000
|
trusted library allocation
|
page read and write
|
||
|
39C4000
|
trusted library allocation
|
page read and write
|
||
|
35A6000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
380D000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC6000
|
heap
|
page read and write
|
||
|
562F000
|
stack
|
page read and write
|
||
|
42D8000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4E23000
|
heap
|
page read and write
|
||
|
AF4000
|
trusted library allocation
|
page read and write
|
||
|
37D7000
|
trusted library allocation
|
page read and write
|
||
|
37B8000
|
trusted library allocation
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
7FF71D1DE000
|
unkown
|
page readonly
|
||
|
36AF000
|
trusted library allocation
|
page read and write
|
||
|
355D000
|
trusted library allocation
|
page read and write
|
||
|
179D000
|
trusted library allocation
|
page execute and read and write
|
||
|
38E1000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library section
|
page read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
36E6000
|
trusted library allocation
|
page read and write
|
||
|
3591000
|
trusted library allocation
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
B17000
|
trusted library allocation
|
page execute and read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
1940000
|
trusted library allocation
|
page execute and read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
3656000
|
trusted library allocation
|
page read and write
|
||
|
368C000
|
trusted library allocation
|
page read and write
|
||
|
17B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
18ED7890000
|
heap
|
page read and write
|
||
|
398C000
|
trusted library allocation
|
page read and write
|
||
|
358B000
|
trusted library allocation
|
page read and write
|
||
|
1B8E4DF0000
|
heap
|
page read and write
|
||
|
35C7000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
unkown
|
page readonly
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
9DF030C000
|
stack
|
page read and write
|
||
|
366F000
|
trusted library allocation
|
page read and write
|
||
|
3576000
|
trusted library allocation
|
page read and write
|
||
|
38F8000
|
trusted library allocation
|
page read and write
|
||
|
368E000
|
trusted library allocation
|
page read and write
|
||
|
39D7000
|
trusted library allocation
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
38FA000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
35DA000
|
trusted library allocation
|
page read and write
|
||
|
3809000
|
trusted library allocation
|
page read and write
|
||
|
7FF71D1DC000
|
unkown
|
page write copy
|
||
|
365A000
|
trusted library allocation
|
page read and write
|
||
|
36CB000
|
trusted library allocation
|
page read and write
|
||
|
3690000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
trusted library allocation
|
page read and write
|
||
|
3633000
|
trusted library allocation
|
page read and write
|
||
|
1A27000
|
heap
|
page read and write
|
||
|
3654000
|
trusted library allocation
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
390C000
|
trusted library allocation
|
page read and write
|
||
|
3751000
|
trusted library allocation
|
page read and write
|
||
|
3828000
|
trusted library allocation
|
page read and write
|
||
|
36DF000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
367E000
|
trusted library allocation
|
page read and write
|
||
|
366D000
|
trusted library allocation
|
page read and write
|
||
|
4D0E000
|
trusted library allocation
|
page read and write
|
||
|
3760000
|
trusted library allocation
|
page read and write
|
||
|
3826000
|
trusted library allocation
|
page read and write
|
||
|
18ED76C0000
|
heap
|
page read and write
|
||
|
3908000
|
trusted library allocation
|
page read and write
|
||
|
3728000
|
trusted library allocation
|
page read and write
|
||
|
37F2000
|
trusted library allocation
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
17A2000
|
trusted library allocation
|
page read and write
|
||
|
35EA000
|
trusted library allocation
|
page read and write
|
||
|
7FF71D1D0000
|
unkown
|
page readonly
|
||
|
3764000
|
trusted library allocation
|
page read and write
|
||
|
355B000
|
trusted library allocation
|
page read and write
|
||
|
380F000
|
trusted library allocation
|
page read and write
|
||
|
3626000
|
trusted library allocation
|
page read and write
|
||
|
968000
|
stack
|
page read and write
|
||
|
37C3000
|
trusted library allocation
|
page read and write
|
||
|
35E8000
|
trusted library allocation
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
4C25000
|
trusted library allocation
|
page read and write
|
||
|
35C5000
|
trusted library allocation
|
page read and write
|
||
|
18ED76C8000
|
heap
|
page read and write
|
||
|
3781000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
39A7000
|
trusted library allocation
|
page read and write
|
||
|
36AD000
|
trusted library allocation
|
page read and write
|
||
|
3694000
|
trusted library allocation
|
page read and write
|
||
|
6AF8000
|
heap
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
354F000
|
trusted library allocation
|
page read and write
|
||
|
3570000
|
trusted library allocation
|
page read and write
|
||
|
3805000
|
trusted library allocation
|
page read and write
|
||
|
2916000
|
trusted library allocation
|
page read and write
|
||
|
3794000
|
trusted library allocation
|
page read and write
|
||
|
3551000
|
trusted library allocation
|
page read and write
|
||
|
366B000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
7FF71D1D9000
|
unkown
|
page readonly
|
||
|
3544000
|
trusted library allocation
|
page read and write
|
||
|
37BC000
|
trusted library allocation
|
page read and write
|
||
|
17C7000
|
heap
|
page read and write
|
||
|
37DD000
|
trusted library allocation
|
page read and write
|
||
|
35AA000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
3572000
|
trusted library allocation
|
page read and write
|
||
|
AE4000
|
trusted library allocation
|
page read and write
|
||
|
636FF2C000
|
stack
|
page read and write
|
||
|
B07000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF71D1D1000
|
unkown
|
page execute read
|
||
|
3745000
|
trusted library allocation
|
page read and write
|
||
|
3766000
|
trusted library allocation
|
page read and write
|
||
|
38F0000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page read and write
|
||
|
3798000
|
trusted library allocation
|
page read and write
|
||
|
39AE000
|
trusted library allocation
|
page read and write
|
||
|
17A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3923000
|
trusted library allocation
|
page read and write
|
||
|
39BC000
|
trusted library allocation
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
7FF71D1D1000
|
unkown
|
page execute read
|
||
|
5CFE000
|
stack
|
page read and write
|
||
|
159B000
|
heap
|
page read and write
|
||
|
36E1000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
38FE000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
remote allocation
|
page read and write
|
||
|
18ED7600000
|
heap
|
page read and write
|
||
|
61B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8E4FF0000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
37B6000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
trusted library allocation
|
page read and write
|
||
|
374D000
|
trusted library allocation
|
page read and write
|
||
|
581D000
|
stack
|
page read and write
|
||
|
37DB000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
36FE000
|
trusted library allocation
|
page read and write
|
||
|
35EC000
|
trusted library allocation
|
page read and write
|
||
|
382C000
|
trusted library allocation
|
page read and write
|
||
|
60EF000
|
stack
|
page read and write
|
||
|
3557000
|
trusted library allocation
|
page read and write
|
||
|
3771000
|
trusted library allocation
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
6DB6000
|
trusted library allocation
|
page read and write
|
||
|
34CF000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
B58000
|
heap
|
page read and write
|
||
|
6150000
|
trusted library section
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3916000
|
trusted library allocation
|
page read and write
|
||
|
36EC000
|
trusted library allocation
|
page read and write
|
||
|
F2F000
|
trusted library allocation
|
page read and write
|
||
|
6AEE000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
There are 472 hidden memdumps, click here to show them.