Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EKSTRE_1022.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\ageless\pteropod.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pteropod.vbs
|
data
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_bad_module_info_dcd3242e9fa4189184df4216daa4e4c7cdf1959_85207d7d_fd9f1425-13b6-4093-b395-f2ed7ed28e50\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA3D1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA401.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\WER9401.tmp.WERDataCollectionStatus.txt
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut4C87.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut5467.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut8A0D.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\selectee
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\AppData\Local\ageless\pteropod.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pteropod.vbs"
|
|
|
|
C:\Users\user\AppData\Local\ageless\pteropod.exe
|
"C:\Users\user\AppData\Local\ageless\pteropod.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Users\user\AppData\Local\ageless\pteropod.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 736 -s 12
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://zqamcx.com
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://r11.i.lenc
|
unknown
|
||
|
http://r11.o.lencr.org0#
|
unknown
|
||
|
http://r11.i.lencr.org/0#
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
zqamcx.com
|
78.110.166.82
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
78.110.166.82
|
zqamcx.com
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4130000
|
direct allocation
|
page read and write
|
|
|
|
1030000
|
direct allocation
|
page read and write
|
|
|
|
402000
|
system
|
page execute and read and write
|
|
|
|
322A000
|
trusted library allocation
|
page read and write
|
|
|
|
3200000
|
trusted library allocation
|
page read and write
|
|
|
|
31B1000
|
trusted library allocation
|
page read and write
|
|
|
|
2FD0000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
4CC000
|
stack
|
page read and write
|
||
|
1A99000
|
heap
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
AFD000
|
unkown
|
page readonly
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
AFD000
|
unkown
|
page readonly
|
||
|
AFD000
|
unkown
|
page readonly
|
||
|
183A000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page execute and read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
4439000
|
direct allocation
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
4439000
|
direct allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1329000
|
heap
|
page execute and read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
4345000
|
trusted library allocation
|
page read and write
|
||
|
2BD28280000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
F7F000
|
stack
|
page read and write
|
||
|
1D2E000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2ED000
|
unkown
|
page readonly
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
89A000
|
stack
|
page read and write
|
||
|
16DF000
|
stack
|
page read and write
|
||
|
6C0D000
|
stack
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
B2A000
|
unkown
|
page write copy
|
||
|
103D000
|
stack
|
page read and write
|
||
|
192E000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page execute and read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
30E000
|
unkown
|
page readonly
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
42E3000
|
direct allocation
|
page read and write
|
||
|
324000
|
unkown
|
page readonly
|
||
|
12AE000
|
heap
|
page read and write
|
||
|
443D000
|
direct allocation
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
64B0000
|
trusted library allocation
|
page read and write
|
||
|
C819EFE000
|
stack
|
page read and write
|
||
|
6D60000
|
heap
|
page read and write
|
||
|
C819BFF000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
1283000
|
trusted library allocation
|
page execute and read and write
|
||
|
39D0000
|
direct allocation
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
162E000
|
stack
|
page read and write
|
||
|
128D000
|
trusted library allocation
|
page execute and read and write
|
||
|
448D000
|
direct allocation
|
page read and write
|
||
|
1372000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
1875000
|
heap
|
page read and write
|
||
|
1407000
|
heap
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
190A000
|
heap
|
page read and write
|
||
|
125A000
|
stack
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
3A7D000
|
direct allocation
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
33CF000
|
trusted library allocation
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
33B3000
|
trusted library allocation
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
185B000
|
heap
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
44AE000
|
direct allocation
|
page read and write
|
||
|
31A000
|
unkown
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
4293000
|
direct allocation
|
page read and write
|
||
|
19C9000
|
heap
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
B67000
|
unkown
|
page readonly
|
||
|
189F000
|
heap
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
2BD28066000
|
heap
|
page read and write
|
||
|
1D0F000
|
stack
|
page read and write
|
||
|
2F9B000
|
trusted library allocation
|
page read and write
|
||
|
323A000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
5C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
11E2000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
3208000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
31F000
|
unkown
|
page write copy
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
42E3000
|
direct allocation
|
page read and write
|
||
|
1A64000
|
heap
|
page read and write
|
||
|
30E000
|
unkown
|
page readonly
|
||
|
357000
|
unkown
|
page readonly
|
||
|
18A4000
|
heap
|
page read and write
|
||
|
B34000
|
unkown
|
page readonly
|
||
|
576C000
|
stack
|
page read and write
|
||
|
B2F000
|
unkown
|
page write copy
|
||
|
1370000
|
heap
|
page read and write
|
||
|
132E000
|
heap
|
page read and write
|
||
|
7F1C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
341C000
|
trusted library allocation
|
page read and write
|
||
|
64AF000
|
stack
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
186B000
|
heap
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
1194000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
1875000
|
heap
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
C81A0FB000
|
stack
|
page read and write
|
||
|
1874000
|
heap
|
page read and write
|
||
|
B34000
|
unkown
|
page readonly
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
1A51000
|
heap
|
page read and write
|
||
|
B67000
|
unkown
|
page readonly
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
3A8E000
|
direct allocation
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
4489000
|
direct allocation
|
page read and write
|
||
|
4170000
|
direct allocation
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
B34000
|
unkown
|
page readonly
|
||
|
5560000
|
heap
|
page read and write
|
||
|
AFD000
|
unkown
|
page readonly
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
3DEF000
|
stack
|
page read and write
|
||
|
2BD28285000
|
heap
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
443D000
|
direct allocation
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
58AF000
|
stack
|
page read and write
|
||
|
44FE000
|
direct allocation
|
page read and write
|
||
|
116D000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
2BD28030000
|
heap
|
page read and write
|
||
|
4360000
|
direct allocation
|
page read and write
|
||
|
5548000
|
trusted library allocation
|
page read and write
|
||
|
1875000
|
heap
|
page read and write
|
||
|
4489000
|
direct allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
C8196FA000
|
stack
|
page read and write
|
||
|
1A50000
|
heap
|
page execute and read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
2BD280C3000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
5D9000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
4217000
|
trusted library allocation
|
page read and write
|
||
|
B67000
|
unkown
|
page readonly
|
||
|
135C000
|
stack
|
page read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
2BD28220000
|
heap
|
page read and write
|
||
|
3C1E000
|
direct allocation
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
C8198FE000
|
stack
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
3417000
|
trusted library allocation
|
page read and write
|
||
|
41C0000
|
direct allocation
|
page read and write
|
||
|
4293000
|
direct allocation
|
page read and write
|
||
|
2BD2828E000
|
heap
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
3422000
|
trusted library allocation
|
page read and write
|
||
|
640D000
|
stack
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
12AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F8000
|
stack
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
4439000
|
direct allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
B2F000
|
unkown
|
page write copy
|
||
|
C819DFD000
|
stack
|
page read and write
|
||
|
31FE000
|
trusted library allocation
|
page read and write
|
||
|
144F000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
F8B000
|
stack
|
page read and write
|
||
|
1A51000
|
heap
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
41D9000
|
trusted library allocation
|
page read and write
|
||
|
FAC000
|
stack
|
page read and write
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
6410000
|
trusted library allocation
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1909000
|
heap
|
page read and write
|
||
|
443D000
|
direct allocation
|
page read and write
|
||
|
357000
|
unkown
|
page readonly
|
||
|
340F000
|
trusted library allocation
|
page read and write
|
||
|
1875000
|
heap
|
page read and write
|
||
|
39E4000
|
heap
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
1ED0000
|
heap
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
129D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1284000
|
trusted library allocation
|
page read and write
|
||
|
B67000
|
unkown
|
page readonly
|
||
|
132A000
|
heap
|
page read and write
|
||
|
1375000
|
heap
|
page read and write
|
||
|
120C000
|
heap
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
114F000
|
heap
|
page read and write
|
||
|
324000
|
unkown
|
page readonly
|
||
|
44FE000
|
direct allocation
|
page read and write
|
||
|
4310000
|
direct allocation
|
page read and write
|
||
|
2BD27FA0000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
114F000
|
heap
|
page read and write
|
||
|
2BD27FD0000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
4310000
|
direct allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
190E000
|
stack
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
187F000
|
heap
|
page read and write
|
||
|
3AC2000
|
direct allocation
|
page read and write
|
||
|
41C0000
|
direct allocation
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4310000
|
direct allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
694E000
|
stack
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
4170000
|
direct allocation
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
134D000
|
heap
|
page execute and read and write
|
||
|
1A55000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
2FBD000
|
trusted library allocation
|
page read and write
|
||
|
552C000
|
stack
|
page read and write
|
||
|
3217000
|
trusted library allocation
|
page read and write
|
||
|
1A97000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
44AE000
|
direct allocation
|
page read and write
|
||
|
4360000
|
direct allocation
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
2FAE000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
5563000
|
heap
|
page read and write
|
||
|
4170000
|
direct allocation
|
page read and write
|
||
|
3684000
|
heap
|
page read and write
|
||
|
3620000
|
direct allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
12B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
163B000
|
stack
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
C8197FE000
|
stack
|
page read and write
|
||
|
4360000
|
direct allocation
|
page read and write
|
||
|
83D000
|
system
|
page execute and read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
B2A000
|
unkown
|
page write copy
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
3BA9000
|
direct allocation
|
page read and write
|
||
|
2BD28094000
|
heap
|
page read and write
|
||
|
C819FFE000
|
stack
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
33A4000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
F6C000
|
stack
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1352000
|
heap
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
4293000
|
direct allocation
|
page read and write
|
||
|
3432000
|
trusted library allocation
|
page read and write
|
||
|
448D000
|
direct allocation
|
page read and write
|
||
|
555C000
|
trusted library allocation
|
page read and write
|
||
|
B2A000
|
unkown
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page read and write
|
||
|
B34000
|
unkown
|
page readonly
|
||
|
3427000
|
trusted library allocation
|
page read and write
|
||
|
B2A000
|
unkown
|
page read and write
|
||
|
2ED000
|
unkown
|
page readonly
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
183E000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
5BE6000
|
trusted library allocation
|
page read and write
|
||
|
165C000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
448D000
|
direct allocation
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
31A000
|
unkown
|
page write copy
|
||
|
1909000
|
heap
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
38E0000
|
direct allocation
|
page read and write
|
||
|
2FE8000
|
trusted library allocation
|
page read and write
|
||
|
64B8000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
1435000
|
heap
|
page read and write
|
||
|
5573000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
42E3000
|
direct allocation
|
page read and write
|
||
|
A71000
|
unkown
|
page execute read
|
||
|
680E000
|
stack
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
2FB1000
|
trusted library allocation
|
page read and write
|
||
|
41C0000
|
direct allocation
|
page read and write
|
||
|
33CD000
|
trusted library allocation
|
page read and write
|
||
|
41B1000
|
trusted library allocation
|
page read and write
|
||
|
2BD27FB0000
|
heap
|
page read and write
|
||
|
1352000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
3BAD000
|
direct allocation
|
page read and write
|
||
|
202F000
|
stack
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
1361000
|
heap
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
4489000
|
direct allocation
|
page read and write
|
||
|
1A51000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
3225000
|
trusted library allocation
|
page read and write
|
||
|
206E000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
3221000
|
trusted library allocation
|
page read and write
|
||
|
2BD2828C000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
13E2000
|
heap
|
page read and write
|
||
|
2F96000
|
trusted library allocation
|
page read and write
|
||
|
44FE000
|
direct allocation
|
page read and write
|
||
|
4170000
|
direct allocation
|
page read and write
|
||
|
44AE000
|
direct allocation
|
page read and write
|
||
|
5BE0000
|
trusted library allocation
|
page read and write
|
||
|
18BB000
|
heap
|
page read and write
|
||
|
161C000
|
stack
|
page read and write
|
||
|
1A9B000
|
heap
|
page read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
||
|
3436000
|
trusted library allocation
|
page read and write
|
||
|
114B000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
5BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
1133000
|
heap
|
page read and write
|
||
|
64C0000
|
trusted library allocation
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
64D0000
|
heap
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
trusted library allocation
|
page read and write
|
||
|
13A9000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page execute and read and write
|
||
|
C819AFF000
|
stack
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
There are 439 hidden memdumps, click here to show them.