Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5yv6ZxNaTP.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexus.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Oct 5 07:36:25
2023, mtime=Thu Oct 31 19:42:11 2024, atime=Thu Oct 31 19:42:08 2024, length=3255296, window=hide
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kooj2ijd.zhe.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v5e0kluk.1fy.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\5yv6ZxNaTP.exe
|
"C:\Users\user\Desktop\5yv6ZxNaTP.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\Nexus.lnk'); $s.TargetPath = 'C:\Users\user\Desktop\5yv6ZxNaTP.exe'; $s.Save()"
|
|
|
|
C:\Users\user\Desktop\5yv6ZxNaTP.exe
|
"C:\Users\user\Desktop\5yv6ZxNaTP.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
|
|
|
https://go.micro
|
unknown
|
|
|
|
https://github.com/Pester/Pester
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 4 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.196.10.218
|
unknown
|
Switzerland
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
839000
|
unkown
|
page readonly
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
C000128000
|
direct allocation
|
page read and write
|
||
|
C0000A2000
|
direct allocation
|
page read and write
|
||
|
F41E9FF000
|
stack
|
page read and write
|
||
|
26723A15000
|
heap
|
page read and write
|
||
|
C00004D000
|
direct allocation
|
page read and write
|
||
|
C000092000
|
direct allocation
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
7FFB4B260000
|
trusted library allocation
|
page read and write
|
||
|
2763A350000
|
heap
|
page read and write
|
||
|
7FFB4B40A000
|
trusted library allocation
|
page read and write
|
||
|
C000067000
|
direct allocation
|
page read and write
|
||
|
C000052000
|
direct allocation
|
page read and write
|
||
|
26726F64000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B490000
|
trusted library allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
2227DD50000
|
heap
|
page read and write
|
||
|
C00015D000
|
direct allocation
|
page read and write
|
||
|
C000006000
|
direct allocation
|
page read and write
|
||
|
2227DF88000
|
direct allocation
|
page read and write
|
||
|
C000044000
|
direct allocation
|
page read and write
|
||
|
2673D7C2000
|
heap
|
page read and write
|
||
|
7FFB4B5B0000
|
trusted library allocation
|
page read and write
|
||
|
C00002C000
|
direct allocation
|
page read and write
|
||
|
26727338000
|
trusted library allocation
|
page read and write
|
||
|
26723990000
|
heap
|
page execute and read and write
|
||
|
7FFB4B300000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B540000
|
trusted library allocation
|
page read and write
|
||
|
267253B0000
|
heap
|
page read and write
|
||
|
26723913000
|
trusted library allocation
|
page read and write
|
||
|
7CD000
|
unkown
|
page read and write
|
||
|
C000063000
|
direct allocation
|
page read and write
|
||
|
2673D700000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page write copy
|
||
|
26723620000
|
heap
|
page read and write
|
||
|
2673D970000
|
heap
|
page read and write
|
||
|
835000
|
unkown
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
7A8000
|
unkown
|
page read and write
|
||
|
2673D75A000
|
heap
|
page read and write
|
||
|
F41E8F7000
|
stack
|
page read and write
|
||
|
F41E18E000
|
stack
|
page read and write
|
||
|
C00000A000
|
direct allocation
|
page read and write
|
||
|
C00005C000
|
direct allocation
|
page read and write
|
||
|
2763A1D4000
|
direct allocation
|
page read and write
|
||
|
C00002A000
|
direct allocation
|
page read and write
|
||
|
2673D7C9000
|
heap
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
2227DE54000
|
heap
|
page read and write
|
||
|
C000022000
|
direct allocation
|
page read and write
|
||
|
C00000E000
|
direct allocation
|
page read and write
|
||
|
C000150000
|
direct allocation
|
page read and write
|
||
|
7FFB4B3F0000
|
trusted library allocation
|
page read and write
|
||
|
26735701000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B252000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B500000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B590000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B4B0000
|
trusted library allocation
|
page read and write
|
||
|
C000049000
|
direct allocation
|
page read and write
|
||
|
F2815FE000
|
stack
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
7FFB4B530000
|
trusted library allocation
|
page read and write
|
||
|
2672381E000
|
heap
|
page read and write
|
||
|
7FFB4B254000
|
trusted library allocation
|
page read and write
|
||
|
5D59DFE000
|
stack
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
2767F4A0000
|
direct allocation
|
page read and write
|
||
|
267237D2000
|
heap
|
page read and write
|
||
|
267237A2000
|
heap
|
page read and write
|
||
|
F41EB7B000
|
stack
|
page read and write
|
||
|
7A2000
|
unkown
|
page write copy
|
||
|
C00010E000
|
direct allocation
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
C000018000
|
direct allocation
|
page read and write
|
||
|
26735710000
|
trusted library allocation
|
page read and write
|
||
|
921000
|
unkown
|
page readonly
|
||
|
C0000C8000
|
direct allocation
|
page read and write
|
||
|
7FFB4B560000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B306000
|
trusted library allocation
|
page read and write
|
||
|
C000180000
|
direct allocation
|
page read and write
|
||
|
C00008E000
|
direct allocation
|
page read and write
|
||
|
C000094000
|
direct allocation
|
page read and write
|
||
|
26723700000
|
heap
|
page read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
7FFB4B4F0000
|
trusted library allocation
|
page read and write
|
||
|
5D59BFE000
|
stack
|
page read and write
|
||
|
C00009C000
|
direct allocation
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
C00012C000
|
direct allocation
|
page read and write
|
||
|
26735773000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B5A0000
|
trusted library allocation
|
page read and write
|
||
|
C000169000
|
direct allocation
|
page read and write
|
||
|
F281DFE000
|
stack
|
page read and write
|
||
|
267238D0000
|
heap
|
page readonly
|
||
|
2673D711000
|
heap
|
page read and write
|
||
|
87F000
|
unkown
|
page readonly
|
||
|
2763A1D8000
|
direct allocation
|
page read and write
|
||
|
7FFB4B4E0000
|
trusted library allocation
|
page read and write
|
||
|
F41E779000
|
stack
|
page read and write
|
||
|
2673D9A1000
|
heap
|
page read and write
|
||
|
2227E001000
|
direct allocation
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute read
|
||
|
2763A330000
|
direct allocation
|
page read and write
|
||
|
7FFB4B510000
|
trusted library allocation
|
page read and write
|
||
|
F41E7F7000
|
stack
|
page read and write
|
||
|
5D59FFE000
|
stack
|
page read and write
|
||
|
C0000CE000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C00004D000
|
direct allocation
|
page read and write
|
||
|
7FFB4B580000
|
trusted library allocation
|
page read and write
|
||
|
2672578A000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
unkown
|
page write copy
|
||
|
C000090000
|
direct allocation
|
page read and write
|
||
|
7FFB4B4A0000
|
trusted library allocation
|
page read and write
|
||
|
C000198000
|
direct allocation
|
page read and write
|
||
|
C000069000
|
direct allocation
|
page read and write
|
||
|
267237F0000
|
heap
|
page read and write
|
||
|
C000136000
|
direct allocation
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute read
|
||
|
7FFB4B26B000
|
trusted library allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
C000159000
|
direct allocation
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
C00004F000
|
direct allocation
|
page read and write
|
||
|
7AD000
|
unkown
|
page write copy
|
||
|
7FFB4B434000
|
trusted library allocation
|
page read and write
|
||
|
F41E6FD000
|
stack
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
C000142000
|
direct allocation
|
page read and write
|
||
|
C00019A000
|
direct allocation
|
page read and write
|
||
|
C000031000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
26723760000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page write copy
|
||
|
921000
|
unkown
|
page readonly
|
||
|
2763A390000
|
heap
|
page read and write
|
||
|
87F000
|
unkown
|
page readonly
|
||
|
87F000
|
unkown
|
page readonly
|
||
|
7AE000
|
unkown
|
page read and write
|
||
|
835000
|
unkown
|
page read and write
|
||
|
2227E044000
|
direct allocation
|
page read and write
|
||
|
267237DA000
|
heap
|
page read and write
|
||
|
921000
|
unkown
|
page readonly
|
||
|
7FFB4B480000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B30C000
|
trusted library allocation
|
page execute and read and write
|
||
|
C000118000
|
direct allocation
|
page read and write
|
||
|
26726DBC000
|
trusted library allocation
|
page read and write
|
||
|
267358B6000
|
trusted library allocation
|
page read and write
|
||
|
2673DD30000
|
heap
|
page read and write
|
||
|
7FFB4B25D000
|
trusted library allocation
|
page execute and read and write
|
||
|
267237D0000
|
heap
|
page read and write
|
||
|
2672726E000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
C0000E8000
|
direct allocation
|
page read and write
|
||
|
2227DF8A000
|
direct allocation
|
page read and write
|
||
|
2673D726000
|
heap
|
page read and write
|
||
|
2227DFE0000
|
direct allocation
|
page read and write
|
||
|
26726D31000
|
trusted library allocation
|
page read and write
|
||
|
C000028000
|
direct allocation
|
page read and write
|
||
|
C00013C000
|
direct allocation
|
page read and write
|
||
|
87F000
|
unkown
|
page readonly
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C00003D000
|
direct allocation
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
C00003D000
|
direct allocation
|
page read and write
|
||
|
C000134000
|
direct allocation
|
page read and write
|
||
|
F41E10E000
|
stack
|
page read and write
|
||
|
2763A1D0000
|
direct allocation
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute read
|
||
|
2227DF40000
|
heap
|
page read and write
|
||
|
7FFB4B437000
|
trusted library allocation
|
page read and write
|
||
|
C00003F000
|
direct allocation
|
page read and write
|
||
|
7FFB4B470000
|
trusted library allocation
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
C00000A000
|
direct allocation
|
page read and write
|
||
|
267270DA000
|
trusted library allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
27639FC0000
|
heap
|
page read and write
|
||
|
C00005E000
|
direct allocation
|
page read and write
|
||
|
F281FFE000
|
stack
|
page read and write
|
||
|
5D595FC000
|
stack
|
page read and write
|
||
|
C000073000
|
direct allocation
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
26723950000
|
trusted library allocation
|
page read and write
|
||
|
2673D74A000
|
heap
|
page read and write
|
||
|
7FFB4B370000
|
trusted library allocation
|
page execute and read and write
|
||
|
2763A1DC000
|
direct allocation
|
page read and write
|
||
|
F281BFF000
|
stack
|
page read and write
|
||
|
2227DF84000
|
direct allocation
|
page read and write
|
||
|
F41E083000
|
stack
|
page read and write
|
||
|
27639FF0000
|
heap
|
page read and write
|
||
|
5A1000
|
unkown
|
page execute read
|
||
|
C00005E000
|
direct allocation
|
page read and write
|
||
|
26723720000
|
heap
|
page read and write
|
||
|
C00005A000
|
direct allocation
|
page read and write
|
||
|
C00018C000
|
direct allocation
|
page read and write
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
2227E048000
|
direct allocation
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
C00014A000
|
direct allocation
|
page read and write
|
||
|
C00002C000
|
direct allocation
|
page read and write
|
||
|
C000144000
|
direct allocation
|
page read and write
|
||
|
26725701000
|
trusted library allocation
|
page read and write
|
||
|
F41E5FE000
|
stack
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
C000184000
|
direct allocation
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
C000080000
|
direct allocation
|
page read and write
|
||
|
26723819000
|
heap
|
page read and write
|
||
|
F41E1CE000
|
stack
|
page read and write
|
||
|
2227DE40000
|
heap
|
page read and write
|
||
|
C0000C0000
|
direct allocation
|
page read and write
|
||
|
267252F0000
|
heap
|
page execute and read and write
|
||
|
C000186000
|
direct allocation
|
page read and write
|
||
|
C00001E000
|
direct allocation
|
page read and write
|
||
|
F41E57D000
|
stack
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
2673D7FA000
|
heap
|
page read and write
|
||
|
7FFB4B550000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B401000
|
trusted library allocation
|
page read and write
|
||
|
267238C0000
|
trusted library allocation
|
page read and write
|
||
|
C00009A000
|
direct allocation
|
page read and write
|
||
|
267251CB000
|
heap
|
page read and write
|
||
|
C00001E000
|
direct allocation
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
26723888000
|
heap
|
page read and write
|
||
|
921000
|
unkown
|
page readonly
|
||
|
2767F522000
|
direct allocation
|
page read and write
|
||
|
C00000E000
|
direct allocation
|
page read and write
|
||
|
2227E040000
|
direct allocation
|
page read and write
|
||
|
7A8000
|
unkown
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
26726331000
|
trusted library allocation
|
page read and write
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
C000190000
|
direct allocation
|
page read and write
|
||
|
C0000DF000
|
direct allocation
|
page read and write
|
||
|
C00004F000
|
direct allocation
|
page read and write
|
||
|
C0000E1000
|
direct allocation
|
page read and write
|
||
|
26723997000
|
heap
|
page execute and read and write
|
||
|
839000
|
unkown
|
page readonly
|
||
|
F2817FE000
|
stack
|
page read and write
|
||
|
267253B5000
|
heap
|
page read and write
|
||
|
7FFB4B460000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B310000
|
trusted library allocation
|
page execute and read and write
|
||
|
2673D7BE000
|
heap
|
page read and write
|
||
|
267237DC000
|
heap
|
page read and write
|
||
|
C00013A000
|
direct allocation
|
page read and write
|
||
|
C000044000
|
direct allocation
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
920000
|
unkown
|
page write copy
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
C000094000
|
direct allocation
|
page read and write
|
||
|
C00004B000
|
direct allocation
|
page read and write
|
||
|
C0000AE000
|
direct allocation
|
page read and write
|
||
|
27639FD0000
|
heap
|
page read and write
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
F41E4FE000
|
stack
|
page read and write
|
||
|
C000104000
|
direct allocation
|
page read and write
|
||
|
26723822000
|
heap
|
page read and write
|
||
|
26727334000
|
trusted library allocation
|
page read and write
|
||
|
C000122000
|
direct allocation
|
page read and write
|
||
|
F41E67E000
|
stack
|
page read and write
|
||
|
C000114000
|
direct allocation
|
page read and write
|
||
|
7FFB4B253000
|
trusted library allocation
|
page execute and read and write
|
||
|
C00016B000
|
direct allocation
|
page read and write
|
||
|
920000
|
unkown
|
page write copy
|
||
|
2673D9AA000
|
heap
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
2673D890000
|
heap
|
page read and write
|
||
|
7FFB4B520000
|
trusted library allocation
|
page read and write
|
||
|
F41E97E000
|
stack
|
page read and write
|
||
|
C000124000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C00003F000
|
direct allocation
|
page read and write
|
||
|
C0000B2000
|
direct allocation
|
page read and write
|
||
|
7DF4A1690000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B4C0000
|
trusted library allocation
|
page read and write
|
||
|
F41F54E000
|
stack
|
page read and write
|
||
|
7AD000
|
unkown
|
page write copy
|
||
|
C00010C000
|
direct allocation
|
page read and write
|
||
|
7FFB4B4D0000
|
trusted library allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
F41E878000
|
stack
|
page read and write
|
||
|
7FFB4B410000
|
trusted library allocation
|
page execute and read and write
|
||
|
2767F4A8000
|
direct allocation
|
page read and write
|
||
|
920000
|
unkown
|
page write copy
|
||
|
C00002A000
|
direct allocation
|
page read and write
|
||
|
C00015F000
|
direct allocation
|
page read and write
|
||
|
C000052000
|
direct allocation
|
page read and write
|
||
|
26723A10000
|
heap
|
page read and write
|
||
|
26723825000
|
heap
|
page read and write
|
||
|
C00018A000
|
direct allocation
|
page read and write
|
||
|
F41EAFE000
|
stack
|
page read and write
|
||
|
C0000D8000
|
direct allocation
|
page read and write
|
||
|
F2811FD000
|
stack
|
page read and write
|
||
|
26723910000
|
trusted library allocation
|
page read and write
|
||
|
2673D7EF000
|
heap
|
page read and write
|
||
|
C00019C000
|
direct allocation
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
7FFB4B450000
|
trusted library allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
C00006E000
|
direct allocation
|
page read and write
|
||
|
C0000BA000
|
direct allocation
|
page read and write
|
||
|
C00008A000
|
direct allocation
|
page read and write
|
||
|
2227DF80000
|
direct allocation
|
page read and write
|
||
|
C0000C4000
|
direct allocation
|
page read and write
|
||
|
27639FF8000
|
heap
|
page read and write
|
||
|
2227E080000
|
heap
|
page read and write
|
||
|
2673D984000
|
heap
|
page read and write
|
||
|
F41E47E000
|
stack
|
page read and write
|
||
|
C00013E000
|
direct allocation
|
page read and write
|
||
|
2673577F000
|
trusted library allocation
|
page read and write
|
||
|
5D599FF000
|
stack
|
page read and write
|
||
|
267237D8000
|
heap
|
page read and write
|
||
|
26726FED000
|
trusted library allocation
|
page read and write
|
||
|
C000132000
|
direct allocation
|
page read and write
|
||
|
2673D870000
|
heap
|
page read and write
|
||
|
C000080000
|
direct allocation
|
page read and write
|
||
|
2227E085000
|
heap
|
page read and write
|
||
|
C000146000
|
direct allocation
|
page read and write
|
||
|
267238A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B336000
|
trusted library allocation
|
page execute and read and write
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
7FFB4B570000
|
trusted library allocation
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
839000
|
unkown
|
page readonly
|
||
|
7FFB4B420000
|
trusted library allocation
|
page execute and read and write
|
||
|
839000
|
unkown
|
page readonly
|
||
|
7AE000
|
unkown
|
page read and write
|
||
|
2227DF8C000
|
direct allocation
|
page read and write
|
||
|
26723790000
|
heap
|
page read and write
|
||
|
26725310000
|
heap
|
page execute and read and write
|
||
|
C000018000
|
direct allocation
|
page read and write
|
||
|
C0000B7000
|
direct allocation
|
page read and write
|
||
|
7CD000
|
unkown
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
2763A1DA000
|
direct allocation
|
page read and write
|
||
|
2673D720000
|
heap
|
page read and write
|
||
|
2673D75C000
|
heap
|
page read and write
|
||
|
7FFB4B432000
|
trusted library allocation
|
page read and write
|
||
|
C000023000
|
direct allocation
|
page read and write
|
||
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
C0000DD000
|
direct allocation
|
page read and write
|
||
|
C00004B000
|
direct allocation
|
page read and write
|
||
|
C000006000
|
direct allocation
|
page read and write
|
||
|
C0000BC000
|
direct allocation
|
page read and write
|
||
|
26723817000
|
heap
|
page read and write
|
||
|
7FFB4B440000
|
trusted library allocation
|
page execute and read and write
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
2227DE4C000
|
heap
|
page read and write
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
2227DF60000
|
heap
|
page read and write
|
||
|
7A2000
|
unkown
|
page write copy
|
||
|
26725931000
|
trusted library allocation
|
page read and write
|
||
|
26726F90000
|
trusted library allocation
|
page read and write
|
||
|
2763A395000
|
heap
|
page read and write
|
||
|
26725350000
|
heap
|
page read and write
|
||
|
C000102000
|
direct allocation
|
page read and write
|
||
|
C000126000
|
direct allocation
|
page read and write
|
There are 356 hidden memdumps, click here to show them.