Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
INQUIRY_pdf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\INQUIRY_pdf.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1m1rhqga.ske.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2ilx4ls3.5y5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4vz3krbz.cl0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rd1y0dwn.xzf.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\INQUIRY_pdf.exe
|
"C:\Users\user\Desktop\INQUIRY_pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\INQUIRY_pdf.exe"
|
|
|
|
C:\Users\user\Desktop\INQUIRY_pdf.exe
|
"C:\Users\user\Desktop\INQUIRY_pdf.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://www.google.com/#q=
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlBfq
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/155.94.241.187
|
188.114.97.3
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://www.office.com/lBfq
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:364339%0D%0ADate%20and%20Time:%2019/11/2024%20/%2010:54:07%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20364339%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:364339%0D%0ADate%20a
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/155.94.241.187$
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 42 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
132.226.247.73
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
||
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\INQUIRY_pdf_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A31000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3B61000
|
trusted library allocation
|
page read and write
|
|
|
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
3CA7000
|
trusted library allocation
|
page read and write
|
||
|
4FC6000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3D6B000
|
trusted library allocation
|
page read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
trusted library allocation
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
3B0A000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CE6000
|
trusted library allocation
|
page read and write
|
||
|
5FFA000
|
heap
|
page read and write
|
||
|
2AA8000
|
trusted library allocation
|
page read and write
|
||
|
4F7D000
|
stack
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
2AAC000
|
trusted library allocation
|
page read and write
|
||
|
3DCA000
|
trusted library allocation
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
2AA4000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page execute and read and write
|
||
|
E16000
|
heap
|
page read and write
|
||
|
3C95000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
2E12000
|
trusted library allocation
|
page read and write
|
||
|
A5CE000
|
stack
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
751E000
|
heap
|
page read and write
|
||
|
3C3C000
|
trusted library allocation
|
page read and write
|
||
|
299A000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
2BF5000
|
trusted library allocation
|
page read and write
|
||
|
29B2000
|
trusted library allocation
|
page read and write
|
||
|
2B35000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
3B62000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
787F000
|
stack
|
page read and write
|
||
|
5DCE000
|
stack
|
page read and write
|
||
|
DA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC9000
|
trusted library allocation
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
3DAD000
|
trusted library allocation
|
page read and write
|
||
|
2986000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
2BEA000
|
trusted library allocation
|
page read and write
|
||
|
3B26000
|
trusted library allocation
|
page read and write
|
||
|
3B78000
|
trusted library allocation
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
AD8B000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
2C13000
|
trusted library allocation
|
page read and write
|
||
|
64EF000
|
stack
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
DA4000
|
trusted library allocation
|
page read and write
|
||
|
3A59000
|
trusted library allocation
|
page read and write
|
||
|
4FAB000
|
trusted library allocation
|
page read and write
|
||
|
6C60000
|
heap
|
page read and write
|
||
|
3CC8000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
3D57000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
heap
|
page execute and read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
4F8A000
|
trusted library allocation
|
page read and write
|
||
|
7ABE000
|
stack
|
page read and write
|
||
|
3DA0000
|
trusted library allocation
|
page read and write
|
||
|
10D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5320000
|
heap
|
page execute and read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
2BBF000
|
trusted library allocation
|
page read and write
|
||
|
3D78000
|
trusted library allocation
|
page read and write
|
||
|
3DBA000
|
trusted library allocation
|
page read and write
|
||
|
DC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
76CE000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
2CAE000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
AC0E000
|
stack
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
3B22000
|
trusted library allocation
|
page read and write
|
||
|
E63000
|
heap
|
page read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
2BE2000
|
trusted library allocation
|
page read and write
|
||
|
3B68000
|
trusted library allocation
|
page read and write
|
||
|
2A99000
|
trusted library allocation
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
29A1000
|
trusted library allocation
|
page read and write
|
||
|
2BB6000
|
trusted library allocation
|
page read and write
|
||
|
702000
|
unkown
|
page readonly
|
||
|
C20000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
3DB4000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
3C18000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page execute and read and write
|
||
|
2ADD000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
AEC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
656E000
|
stack
|
page read and write
|
||
|
2C7E000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
DE9000
|
heap
|
page read and write
|
||
|
EAC000
|
heap
|
page read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
4FA4000
|
trusted library allocation
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
2DB7000
|
trusted library allocation
|
page read and write
|
||
|
2D8A000
|
trusted library allocation
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC1000
|
trusted library allocation
|
page read and write
|
||
|
3AF1000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D89000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
4FCD000
|
trusted library allocation
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
3CC2000
|
trusted library allocation
|
page read and write
|
||
|
7132000
|
trusted library allocation
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
3D29000
|
trusted library allocation
|
page read and write
|
||
|
76AA000
|
heap
|
page read and write
|
||
|
78A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
2AD5000
|
trusted library allocation
|
page read and write
|
||
|
3C24000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
3B66000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page execute and read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C5A000
|
stack
|
page read and write
|
||
|
3D64000
|
trusted library allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
3CCA000
|
trusted library allocation
|
page read and write
|
||
|
4BCD000
|
stack
|
page read and write
|
||
|
6265000
|
heap
|
page read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
E8A000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
3B12000
|
trusted library allocation
|
page read and write
|
||
|
AACE000
|
stack
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
5FA5000
|
heap
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
2C4D000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
3D1E000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
A80E000
|
stack
|
page read and write
|
||
|
3D06000
|
trusted library allocation
|
page read and write
|
||
|
3CC6000
|
trusted library allocation
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
2A82000
|
trusted library allocation
|
page read and write
|
||
|
6001000
|
heap
|
page read and write
|
||
|
3D86000
|
trusted library allocation
|
page read and write
|
||
|
2EF8000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
DD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB0E000
|
stack
|
page read and write
|
||
|
1178000
|
trusted library allocation
|
page read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
2ECA000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCE000
|
heap
|
page read and write
|
||
|
4F9D000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
10A4000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
3B03000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library section
|
page readonly
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
3B16000
|
trusted library allocation
|
page read and write
|
||
|
A9CE000
|
stack
|
page read and write
|
||
|
2B3D000
|
trusted library allocation
|
page read and write
|
||
|
4FBE000
|
trusted library allocation
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
2B18000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
3D8C000
|
trusted library allocation
|
page read and write
|
||
|
10CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
5064000
|
heap
|
page read and write
|
||
|
3B50000
|
trusted library allocation
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D04000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
6787000
|
trusted library allocation
|
page read and write
|
||
|
5FA0000
|
heap
|
page read and write
|
||
|
3CBC000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
74A000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
B57000
|
stack
|
page read and write
|
||
|
78EC000
|
trusted library allocation
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
636D000
|
stack
|
page read and write
|
||
|
7680000
|
heap
|
page read and write
|
||
|
DA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A9B000
|
trusted library allocation
|
page read and write
|
||
|
510E000
|
stack
|
page read and write
|
||
|
3D27000
|
trusted library allocation
|
page read and write
|
||
|
10C2000
|
trusted library allocation
|
page read and write
|
||
|
5215000
|
trusted library allocation
|
page read and write
|
||
|
2B3C000
|
trusted library allocation
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
AC4E000
|
stack
|
page read and write
|
||
|
2C19000
|
trusted library allocation
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
E01000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
A98F000
|
stack
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
3CAE000
|
trusted library allocation
|
page read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
3D94000
|
trusted library allocation
|
page read and write
|
||
|
2AD9000
|
trusted library allocation
|
page read and write
|
||
|
5F90000
|
trusted library section
|
page read and write
|
||
|
7E8F000
|
stack
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
3B5F000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
107C000
|
stack
|
page read and write
|
||
|
2C17000
|
trusted library allocation
|
page read and write
|
||
|
3BEA000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
A88E000
|
stack
|
page read and write
|
||
|
7AFE000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
63AE000
|
stack
|
page read and write
|
||
|
7D00000
|
trusted library section
|
page read and write
|
||
|
2AED000
|
trusted library allocation
|
page read and write
|
||
|
3B1E000
|
trusted library allocation
|
page read and write
|
||
|
AE8C000
|
stack
|
page read and write
|
||
|
3C97000
|
trusted library allocation
|
page read and write
|
||
|
4C5D000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
3C91000
|
trusted library allocation
|
page read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
3AED000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
A70E000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
5FB0000
|
heap
|
page read and write
|
||
|
3CB6000
|
trusted library allocation
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
3A9D000
|
trusted library allocation
|
page read and write
|
||
|
3BE8000
|
trusted library allocation
|
page read and write
|
||
|
3BDF000
|
trusted library allocation
|
page read and write
|
||
|
298B000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
5FC0000
|
heap
|
page read and write
|
||
|
29AD000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
3B87000
|
trusted library allocation
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page read and write
|
||
|
3BC7000
|
trusted library allocation
|
page read and write
|
||
|
3B18000
|
trusted library allocation
|
page read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
5FF4000
|
heap
|
page read and write
|
||
|
4A38000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
2C1B000
|
trusted library allocation
|
page read and write
|
||
|
299E000
|
trusted library allocation
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
5488000
|
heap
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
546B000
|
stack
|
page read and write
|
||
|
AD4F000
|
stack
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
DD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
heap
|
page read and write
|
||
|
3CBA000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
4F84000
|
trusted library allocation
|
page read and write
|
||
|
3B42000
|
trusted library allocation
|
page read and write
|
||
|
2ADF000
|
stack
|
page read and write
|
||
|
3DB8000
|
trusted library allocation
|
page read and write
|
||
|
3CF4000
|
trusted library allocation
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
793E000
|
stack
|
page read and write
|
||
|
67E0000
|
heap
|
page read and write
|
||
|
10C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC7000
|
trusted library allocation
|
page read and write
|
||
|
2BE8000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page read and write
|
||
|
505B000
|
stack
|
page read and write
|
||
|
627E000
|
heap
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
2B1C000
|
stack
|
page read and write
|
||
|
3A3B000
|
trusted library allocation
|
page read and write
|
||
|
3AF3000
|
trusted library allocation
|
page read and write
|
||
|
4FD2000
|
trusted library allocation
|
page read and write
|
||
|
6230000
|
heap
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F30000
|
heap
|
page execute and read and write
|
||
|
3A31000
|
trusted library allocation
|
page read and write
|
||
|
A4CE000
|
stack
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
2C26000
|
trusted library allocation
|
page read and write
|
||
|
3B24000
|
trusted library allocation
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
DCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A53000
|
trusted library allocation
|
page read and write
|
||
|
5484000
|
heap
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
62C6000
|
heap
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
3B7F000
|
trusted library allocation
|
page read and write
|
||
|
62B9000
|
heap
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
29A6000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D7C000
|
trusted library allocation
|
page read and write
|
||
|
DDB000
|
trusted library allocation
|
page execute and read and write
|
There are 366 hidden memdumps, click here to show them.