Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO#8329837372938383839238PDF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SupportsDynamicPartitions.vbs
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\SupportsDynamicPartitions.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\SupportsDynamicPartitions.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO#8329837372938383839238PDF.exe
|
"C:\Users\user\Desktop\PO#8329837372938383839238PDF.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4140 -s 904
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nwamama.ydns.eu
|
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
https://sierrassinfinusadas.com.ar/rindasq/Karjsfww.vdf
|
167.250.5.91
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
https://sierrassinfinusadas.com.ar
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sierrassinfinusadas.com.ar
|
167.250.5.91
|
||
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
167.250.5.91
|
sierrassinfinusadas.com.ar
|
Argentina
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\PO#8329837372938383839238PDF_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
732000
|
remote allocation
|
page execute and read and write
|
|
|
|
4381000
|
trusted library allocation
|
page read and write
|
|
|
|
3752000
|
trusted library allocation
|
page read and write
|
|
|
|
74D0000
|
trusted library section
|
page read and write
|
|
|
|
254D000
|
stack
|
page read and write
|
||
|
7EE2000
|
heap
|
page read and write
|
||
|
511F000
|
stack
|
page read and write
|
||
|
702E000
|
stack
|
page read and write
|
||
|
3B88000
|
trusted library allocation
|
page read and write
|
||
|
17AD000
|
stack
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
11A7000
|
stack
|
page read and write
|
||
|
3899000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
heap
|
page read and write
|
||
|
38E4000
|
trusted library allocation
|
page read and write
|
||
|
3C87000
|
trusted library allocation
|
page read and write
|
||
|
39C6000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
trusted library section
|
page read and write
|
||
|
5C1F000
|
stack
|
page read and write
|
||
|
38B8000
|
trusted library allocation
|
page read and write
|
||
|
390B000
|
trusted library allocation
|
page read and write
|
||
|
38B6000
|
trusted library allocation
|
page read and write
|
||
|
38B0000
|
trusted library allocation
|
page read and write
|
||
|
3740000
|
trusted library allocation
|
page read and write
|
||
|
3BD9000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
386A000
|
trusted library allocation
|
page read and write
|
||
|
3ACA000
|
trusted library allocation
|
page read and write
|
||
|
3C55000
|
trusted library allocation
|
page read and write
|
||
|
3C8D000
|
trusted library allocation
|
page read and write
|
||
|
3B17000
|
trusted library allocation
|
page read and write
|
||
|
3B69000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
3903000
|
trusted library allocation
|
page read and write
|
||
|
3C3A000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
3B52000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
3C04000
|
trusted library allocation
|
page read and write
|
||
|
394E000
|
trusted library allocation
|
page read and write
|
||
|
39B1000
|
trusted library allocation
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
176F000
|
stack
|
page read and write
|
||
|
3B54000
|
trusted library allocation
|
page read and write
|
||
|
A5F000
|
heap
|
page read and write
|
||
|
3B58000
|
trusted library allocation
|
page read and write
|
||
|
3AAF000
|
trusted library allocation
|
page read and write
|
||
|
3A74000
|
trusted library allocation
|
page read and write
|
||
|
3C4D000
|
trusted library allocation
|
page read and write
|
||
|
3A0A000
|
trusted library allocation
|
page read and write
|
||
|
3AB2000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
5C5D000
|
stack
|
page read and write
|
||
|
3BC0000
|
trusted library allocation
|
page read and write
|
||
|
153E000
|
heap
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
6FED000
|
stack
|
page read and write
|
||
|
3CFF000
|
trusted library allocation
|
page read and write
|
||
|
3C02000
|
trusted library allocation
|
page read and write
|
||
|
3922000
|
trusted library allocation
|
page read and write
|
||
|
3996000
|
trusted library allocation
|
page read and write
|
||
|
3B77000
|
trusted library allocation
|
page read and write
|
||
|
72B1000
|
trusted library allocation
|
page read and write
|
||
|
3B1D000
|
trusted library allocation
|
page read and write
|
||
|
3CA2000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
258E000
|
stack
|
page read and write
|
||
|
3C57000
|
trusted library allocation
|
page read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page execute and read and write
|
||
|
69D2000
|
heap
|
page read and write
|
||
|
3A5B000
|
trusted library allocation
|
page read and write
|
||
|
3CA0000
|
trusted library allocation
|
page read and write
|
||
|
7EA8000
|
heap
|
page read and write
|
||
|
3C15000
|
trusted library allocation
|
page read and write
|
||
|
3D4C000
|
trusted library allocation
|
page read and write
|
||
|
3C3C000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
3C98000
|
trusted library allocation
|
page read and write
|
||
|
391C000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D6B000
|
trusted library allocation
|
page read and write
|
||
|
72C7000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page execute and read and write
|
||
|
3D4E000
|
trusted library allocation
|
page read and write
|
||
|
3A55000
|
trusted library allocation
|
page read and write
|
||
|
38EE000
|
trusted library allocation
|
page read and write
|
||
|
3D16000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
unkown
|
page readonly
|
||
|
397D000
|
trusted library allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
38BA000
|
trusted library allocation
|
page read and write
|
||
|
3B07000
|
trusted library allocation
|
page read and write
|
||
|
26B7000
|
trusted library allocation
|
page read and write
|
||
|
1566000
|
heap
|
page read and write
|
||
|
CE5000
|
trusted library allocation
|
page read and write
|
||
|
3B8A000
|
trusted library allocation
|
page read and write
|
||
|
3B11000
|
trusted library allocation
|
page read and write
|
||
|
38FF000
|
trusted library allocation
|
page read and write
|
||
|
3C9C000
|
trusted library allocation
|
page read and write
|
||
|
3B61000
|
trusted library allocation
|
page read and write
|
||
|
3B71000
|
trusted library allocation
|
page read and write
|
||
|
1A60000
|
trusted library allocation
|
page read and write
|
||
|
38F9000
|
trusted library allocation
|
page read and write
|
||
|
3D44000
|
trusted library allocation
|
page read and write
|
||
|
3B75000
|
trusted library allocation
|
page read and write
|
||
|
3BC2000
|
trusted library allocation
|
page read and write
|
||
|
356F000
|
trusted library allocation
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
395C000
|
trusted library allocation
|
page read and write
|
||
|
3B56000
|
trusted library allocation
|
page read and write
|
||
|
3C7F000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
3994000
|
trusted library allocation
|
page read and write
|
||
|
38B4000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
39CE000
|
trusted library allocation
|
page read and write
|
||
|
6B1D000
|
stack
|
page read and write
|
||
|
6C20000
|
heap
|
page read and write
|
||
|
7295000
|
trusted library allocation
|
page read and write
|
||
|
3BA3000
|
trusted library allocation
|
page read and write
|
||
|
6A87000
|
heap
|
page read and write
|
||
|
3AF0000
|
trusted library allocation
|
page read and write
|
||
|
3B6D000
|
trusted library allocation
|
page read and write
|
||
|
3BC6000
|
trusted library allocation
|
page read and write
|
||
|
3B84000
|
trusted library allocation
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
3C06000
|
trusted library allocation
|
page read and write
|
||
|
30B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
386C000
|
trusted library allocation
|
page read and write
|
||
|
3D1E000
|
trusted library allocation
|
page read and write
|
||
|
3B34000
|
trusted library allocation
|
page read and write
|
||
|
3B1B000
|
trusted library allocation
|
page read and write
|
||
|
3BF4000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
6EED000
|
stack
|
page read and write
|
||
|
3B50000
|
trusted library allocation
|
page read and write
|
||
|
6EAD000
|
stack
|
page read and write
|
||
|
3C76000
|
trusted library allocation
|
page read and write
|
||
|
3A23000
|
trusted library allocation
|
page read and write
|
||
|
83D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C9F000
|
stack
|
page read and write
|
||
|
3ADD000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
3CC6000
|
trusted library allocation
|
page read and write
|
||
|
3A10000
|
trusted library allocation
|
page read and write
|
||
|
3AC8000
|
trusted library allocation
|
page read and write
|
||
|
3B5B000
|
trusted library allocation
|
page read and write
|
||
|
3C9E000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page execute and read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
3CFB000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
775E000
|
stack
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A12000
|
trusted library allocation
|
page read and write
|
||
|
3BA8000
|
trusted library allocation
|
page read and write
|
||
|
39CA000
|
trusted library allocation
|
page read and write
|
||
|
3A3C000
|
trusted library allocation
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
3BDD000
|
trusted library allocation
|
page read and write
|
||
|
9F2000
|
heap
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
remote allocation
|
page read and write
|
||
|
3C74000
|
trusted library allocation
|
page read and write
|
||
|
3A7E000
|
trusted library allocation
|
page read and write
|
||
|
1A77000
|
heap
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
38D4000
|
trusted library allocation
|
page read and write
|
||
|
374E000
|
trusted library allocation
|
page read and write
|
||
|
3CC8000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A44000
|
trusted library allocation
|
page read and write
|
||
|
3A2B000
|
trusted library allocation
|
page read and write
|
||
|
38E2000
|
trusted library allocation
|
page read and write
|
||
|
39A3000
|
trusted library allocation
|
page read and write
|
||
|
3A53000
|
trusted library allocation
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
3CF5000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page execute and read and write
|
||
|
389F000
|
trusted library allocation
|
page read and write
|
||
|
6A29000
|
heap
|
page read and write
|
||
|
64ED000
|
stack
|
page read and write
|
||
|
385E000
|
trusted library allocation
|
page read and write
|
||
|
3D6D000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page execute and read and write
|
||
|
5910000
|
heap
|
page execute and read and write
|
||
|
3992000
|
trusted library allocation
|
page read and write
|
||
|
15C9000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
38EC000
|
trusted library allocation
|
page read and write
|
||
|
3C89000
|
trusted library allocation
|
page read and write
|
||
|
3B19000
|
trusted library allocation
|
page read and write
|
||
|
3B9F000
|
trusted library allocation
|
page read and write
|
||
|
39AB000
|
trusted library allocation
|
page read and write
|
||
|
3ADF000
|
trusted library allocation
|
page read and write
|
||
|
3C4B000
|
trusted library allocation
|
page read and write
|
||
|
393D000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
38F0000
|
trusted library allocation
|
page read and write
|
||
|
3BBA000
|
trusted library allocation
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
3BCD000
|
trusted library allocation
|
page read and write
|
||
|
3CBB000
|
trusted library allocation
|
page read and write
|
||
|
3BC4000
|
trusted library allocation
|
page read and write
|
||
|
3AC2000
|
trusted library allocation
|
page read and write
|
||
|
3D14000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
3BDB000
|
trusted library allocation
|
page read and write
|
||
|
3D61000
|
trusted library allocation
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
3AF8000
|
trusted library allocation
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
30C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AAB000
|
trusted library allocation
|
page read and write
|
||
|
39F7000
|
trusted library allocation
|
page read and write
|
||
|
3C53000
|
trusted library allocation
|
page read and write
|
||
|
3C25000
|
trusted library allocation
|
page read and write
|
||
|
398C000
|
trusted library allocation
|
page read and write
|
||
|
39B3000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
3901000
|
trusted library allocation
|
page read and write
|
||
|
30AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
3CBF000
|
trusted library allocation
|
page read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
3B05000
|
trusted library allocation
|
page read and write
|
||
|
3B6B000
|
trusted library allocation
|
page read and write
|
||
|
5FED000
|
stack
|
page read and write
|
||
|
3A64000
|
trusted library allocation
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
3D42000
|
trusted library allocation
|
page read and write
|
||
|
3C4F000
|
trusted library allocation
|
page read and write
|
||
|
3D46000
|
trusted library allocation
|
page read and write
|
||
|
3AFF000
|
trusted library allocation
|
page read and write
|
||
|
3B9D000
|
trusted library allocation
|
page read and write
|
||
|
3C19000
|
trusted library allocation
|
page read and write
|
||
|
3D6F000
|
trusted library allocation
|
page read and write
|
||
|
3CB5000
|
trusted library allocation
|
page read and write
|
||
|
3A5F000
|
trusted library allocation
|
page read and write
|
||
|
626D000
|
stack
|
page read and write
|
||
|
4D3E000
|
stack
|
page read and write
|
||
|
754D000
|
trusted library allocation
|
page read and write
|
||
|
38F7000
|
trusted library allocation
|
page read and write
|
||
|
3D1C000
|
trusted library allocation
|
page read and write
|
||
|
399B000
|
trusted library allocation
|
page read and write
|
||
|
3CD4000
|
trusted library allocation
|
page read and write
|
||
|
3943000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
3857000
|
trusted library allocation
|
page read and write
|
||
|
372A000
|
trusted library allocation
|
page read and write
|
||
|
3AC0000
|
trusted library allocation
|
page read and write
|
||
|
385C000
|
trusted library allocation
|
page read and write
|
||
|
3A42000
|
trusted library allocation
|
page read and write
|
||
|
3ACC000
|
trusted library allocation
|
page read and write
|
||
|
3A61000
|
trusted library allocation
|
page read and write
|
||
|
3D69000
|
trusted library allocation
|
page read and write
|
||
|
39AF000
|
trusted library allocation
|
page read and write
|
||
|
FE2000
|
unkown
|
page readonly
|
||
|
3A7A000
|
trusted library allocation
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
3B2E000
|
trusted library allocation
|
page read and write
|
||
|
3BFE000
|
trusted library allocation
|
page read and write
|
||
|
391E000
|
trusted library allocation
|
page read and write
|
||
|
3A83000
|
trusted library allocation
|
page read and write
|
||
|
3FB000
|
stack
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
3A2D000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
A4B000
|
heap
|
page read and write
|
||
|
17B7000
|
heap
|
page read and write
|
||
|
3C81000
|
trusted library allocation
|
page read and write
|
||
|
3C6C000
|
trusted library allocation
|
page read and write
|
||
|
69CC000
|
stack
|
page read and write
|
||
|
3B90000
|
trusted library allocation
|
page read and write
|
||
|
39F3000
|
trusted library allocation
|
page read and write
|
||
|
39F5000
|
trusted library allocation
|
page read and write
|
||
|
6A19000
|
heap
|
page read and write
|
||
|
3C5A000
|
trusted library allocation
|
page read and write
|
||
|
3D03000
|
trusted library allocation
|
page read and write
|
||
|
3D2D000
|
trusted library allocation
|
page read and write
|
||
|
39D2000
|
trusted library allocation
|
page read and write
|
||
|
65EC000
|
stack
|
page read and write
|
||
|
3CAB000
|
trusted library allocation
|
page read and write
|
||
|
3BB8000
|
trusted library allocation
|
page read and write
|
||
|
5DD9000
|
stack
|
page read and write
|
||
|
64AC000
|
stack
|
page read and write
|
||
|
3A40000
|
trusted library allocation
|
page read and write
|
||
|
3B0D000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
396F000
|
trusted library allocation
|
page read and write
|
||
|
3A46000
|
trusted library allocation
|
page read and write
|
||
|
3945000
|
trusted library allocation
|
page read and write
|
||
|
463E000
|
trusted library allocation
|
page read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
3C0C000
|
trusted library allocation
|
page read and write
|
||
|
3B15000
|
trusted library allocation
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page read and write
|
||
|
3C6A000
|
trusted library allocation
|
page read and write
|
||
|
39F9000
|
trusted library allocation
|
page read and write
|
||
|
38CD000
|
trusted library allocation
|
page read and write
|
||
|
39A5000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
678D000
|
stack
|
page read and write
|
||
|
68CD000
|
stack
|
page read and write
|
||
|
3895000
|
trusted library allocation
|
page read and write
|
||
|
97A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B0F000
|
trusted library allocation
|
page read and write
|
||
|
33B2000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
3B30000
|
trusted library allocation
|
page read and write
|
||
|
3BD5000
|
trusted library allocation
|
page read and write
|
||
|
3A76000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
398A000
|
trusted library allocation
|
page read and write
|
||
|
3960000
|
trusted library allocation
|
page read and write
|
||
|
38D2000
|
trusted library allocation
|
page read and write
|
||
|
3979000
|
trusted library allocation
|
page read and write
|
||
|
6A9D000
|
heap
|
page read and write
|
||
|
3BD7000
|
trusted library allocation
|
page read and write
|
||
|
395E000
|
trusted library allocation
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A0E000
|
trusted library allocation
|
page read and write
|
||
|
63AC000
|
stack
|
page read and write
|
||
|
3AC4000
|
trusted library allocation
|
page read and write
|
||
|
3D67000
|
trusted library allocation
|
page read and write
|
||
|
3C85000
|
trusted library allocation
|
page read and write
|
||
|
3AFA000
|
trusted library allocation
|
page read and write
|
||
|
3A78000
|
trusted library allocation
|
page read and write
|
||
|
98B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C0A000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
389B000
|
trusted library allocation
|
page read and write
|
||
|
320C000
|
stack
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
976000
|
trusted library allocation
|
page execute and read and write
|
||
|
3909000
|
trusted library allocation
|
page read and write
|
||
|
3897000
|
trusted library allocation
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
394B000
|
trusted library allocation
|
page read and write
|
||
|
3977000
|
trusted library allocation
|
page read and write
|
||
|
834000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page execute and read and write
|
||
|
3CA8000
|
trusted library allocation
|
page read and write
|
||
|
39C4000
|
trusted library allocation
|
page read and write
|
||
|
3A21000
|
trusted library allocation
|
page read and write
|
||
|
73C000
|
remote allocation
|
page execute and read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B99000
|
trusted library allocation
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
7400000
|
trusted library section
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
3ADB000
|
trusted library allocation
|
page read and write
|
||
|
3A57000
|
trusted library allocation
|
page read and write
|
||
|
18BF000
|
stack
|
page read and write
|
||
|
398E000
|
trusted library allocation
|
page read and write
|
||
|
3BB0000
|
trusted library allocation
|
page read and write
|
||
|
3CB9000
|
trusted library allocation
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
3859000
|
trusted library allocation
|
page read and write
|
||
|
636E000
|
stack
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
3947000
|
trusted library allocation
|
page read and write
|
||
|
3B8E000
|
trusted library allocation
|
page read and write
|
||
|
3A8D000
|
trusted library allocation
|
page read and write
|
||
|
3AE3000
|
trusted library allocation
|
page read and write
|
||
|
6A23000
|
heap
|
page read and write
|
||
|
3B32000
|
trusted library allocation
|
page read and write
|
||
|
3BBE000
|
trusted library allocation
|
page read and write
|
||
|
3BE0000
|
trusted library allocation
|
page read and write
|
||
|
3B37000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
1574000
|
heap
|
page read and write
|
||
|
3A3A000
|
trusted library allocation
|
page read and write
|
||
|
3AE1000
|
trusted library allocation
|
page read and write
|
||
|
39B7000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
754A000
|
trusted library allocation
|
page read and write
|
||
|
3CFD000
|
trusted library allocation
|
page read and write
|
||
|
3998000
|
trusted library allocation
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
3B6F000
|
trusted library allocation
|
page read and write
|
||
|
39B5000
|
trusted library allocation
|
page read and write
|
||
|
38EA000
|
trusted library allocation
|
page read and write
|
||
|
3CD2000
|
trusted library allocation
|
page read and write
|
||
|
3A7C000
|
trusted library allocation
|
page read and write
|
||
|
3094000
|
trusted library allocation
|
page read and write
|
||
|
3C8B000
|
trusted library allocation
|
page read and write
|
||
|
3C6E000
|
trusted library allocation
|
page read and write
|
||
|
3BA5000
|
trusted library allocation
|
page read and write
|
||
|
399D000
|
trusted library allocation
|
page read and write
|
||
|
3B13000
|
trusted library allocation
|
page read and write
|
||
|
3A59000
|
trusted library allocation
|
page read and write
|
||
|
3C27000
|
trusted library allocation
|
page read and write
|
||
|
26A1000
|
trusted library allocation
|
page read and write
|
||
|
3AA7000
|
trusted library allocation
|
page read and write
|
||
|
393F000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
3BBC000
|
trusted library allocation
|
page read and write
|
||
|
3B2C000
|
trusted library allocation
|
page read and write
|
||
|
3A30000
|
trusted library allocation
|
page read and write
|
||
|
3CA4000
|
trusted library allocation
|
page read and write
|
||
|
1601000
|
heap
|
page read and write
|
||
|
3A08000
|
trusted library allocation
|
page read and write
|
||
|
38E6000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
3C00000
|
trusted library allocation
|
page read and write
|
||
|
A33000
|
heap
|
page read and write
|
||
|
38E8000
|
trusted library allocation
|
page read and write
|
||
|
3A4B000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
stack
|
page read and write
|
||
|
964000
|
trusted library allocation
|
page read and write
|
||
|
612E000
|
stack
|
page read and write
|
||
|
3C34000
|
trusted library allocation
|
page read and write
|
||
|
3905000
|
trusted library allocation
|
page read and write
|
||
|
3949000
|
trusted library allocation
|
page read and write
|
||
|
3A15000
|
trusted library allocation
|
page read and write
|
||
|
3C70000
|
trusted library allocation
|
page read and write
|
||
|
3D12000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
3C83000
|
trusted library allocation
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
3AF4000
|
trusted library allocation
|
page read and write
|
||
|
3AE5000
|
trusted library allocation
|
page read and write
|
||
|
4590000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page execute and read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
730000
|
remote allocation
|
page execute and read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
987000
|
trusted library allocation
|
page execute and read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
712E000
|
stack
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
1A70000
|
heap
|
page read and write
|
||
|
3920000
|
trusted library allocation
|
page read and write
|
||
|
3C08000
|
trusted library allocation
|
page read and write
|
||
|
3855000
|
trusted library allocation
|
page read and write
|
||
|
3A25000
|
trusted library allocation
|
page read and write
|
||
|
3093000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AC6000
|
trusted library allocation
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
3C90000
|
trusted library allocation
|
page read and write
|
||
|
3887000
|
trusted library allocation
|
page read and write
|
||
|
3941000
|
trusted library allocation
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
3370000
|
heap
|
page execute and read and write
|
||
|
3B73000
|
trusted library allocation
|
page read and write
|
||
|
30CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AE7000
|
trusted library allocation
|
page read and write
|
||
|
3AAD000
|
trusted library allocation
|
page read and write
|
||
|
3A27000
|
trusted library allocation
|
page read and write
|
||
|
6C1D000
|
stack
|
page read and write
|
||
|
3A81000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library section
|
page read and write
|
||
|
3962000
|
trusted library allocation
|
page read and write
|
||
|
3853000
|
trusted library allocation
|
page read and write
|
||
|
3A5D000
|
trusted library allocation
|
page read and write
|
||
|
39AD000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
34A7000
|
trusted library allocation
|
page read and write
|
||
|
3D65000
|
trusted library allocation
|
page read and write
|
||
|
3CF7000
|
trusted library allocation
|
page read and write
|
||
|
46FD000
|
trusted library allocation
|
page read and write
|
||
|
6A83000
|
heap
|
page read and write
|
||
|
3AF6000
|
trusted library allocation
|
page read and write
|
||
|
3AA9000
|
trusted library allocation
|
page read and write
|
||
|
3CC1000
|
trusted library allocation
|
page read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
3A29000
|
trusted library allocation
|
page read and write
|
||
|
39BA000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
3B8C000
|
trusted library allocation
|
page read and write
|
||
|
3964000
|
trusted library allocation
|
page read and write
|
||
|
3C1B000
|
trusted library allocation
|
page read and write
|
||
|
833000
|
trusted library allocation
|
page execute and read and write
|
||
|
389D000
|
trusted library allocation
|
page read and write
|
||
|
3AD5000
|
trusted library allocation
|
page read and write
|
||
|
5CDD000
|
stack
|
page read and write
|
||
|
3C1F000
|
trusted library allocation
|
page read and write
|
||
|
3CBD000
|
trusted library allocation
|
page read and write
|
||
|
3D48000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
7620000
|
heap
|
page read and write
|
||
|
72DA000
|
trusted library allocation
|
page read and write
|
||
|
3A0C000
|
trusted library allocation
|
page read and write
|
||
|
38CF000
|
trusted library allocation
|
page read and write
|
||
|
3A8F000
|
trusted library allocation
|
page read and write
|
||
|
39CC000
|
trusted library allocation
|
page read and write
|
||
|
688C000
|
stack
|
page read and write
|
||
|
5E5F000
|
stack
|
page read and write
|
||
|
153A000
|
heap
|
page read and write
|
||
|
A54000
|
heap
|
page read and write
|
||
|
9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CA6000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
3CF9000
|
trusted library allocation
|
page read and write
|
||
|
3C23000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
39C8000
|
trusted library allocation
|
page read and write
|
||
|
3C72000
|
trusted library allocation
|
page read and write
|
||
|
9ED000
|
heap
|
page read and write
|
||
|
819E000
|
stack
|
page read and write
|
||
|
7EA0000
|
heap
|
page read and write
|
||
|
397B000
|
trusted library allocation
|
page read and write
|
||
|
3907000
|
trusted library allocation
|
page read and write
|
||
|
38A1000
|
trusted library allocation
|
page read and write
|
||
|
3D63000
|
trusted library allocation
|
page read and write
|
||
|
3D4A000
|
trusted library allocation
|
page read and write
|
||
|
38BD000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
3AFC000
|
trusted library allocation
|
page read and write
|
There are 520 hidden memdumps, click here to show them.