Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
APPENDIX FORM_N#U00b045013-20241120.com.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\Public\Pictures\pediculofrontal.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv2DCB.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0xc350c1bd, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hhicqmxmcuubmwccmnspqit
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nsc44A6.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nse3C39.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\Belgians.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\Hokerer118.Syl
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\Kontinuiteterne.Aut
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\Nytaarsforst98.ret
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\bevbningen\fgterens.bet
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\bevbningen\kilogram.fla
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\bevbningen\udfrselstilladelser.elm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Orkestral\Vaginovesical41\biogeochemistry\bevbningen\unwelcomed.mar
|
data
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe
|
"C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe"
|
|
|
|
C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe
|
"C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe"
|
|
|
|
C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe
|
"C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe" /stext "C:\Users\user\AppData\Local\Temp\hhicqmxmcuubmwccmnspqit"
|
|
|
|
C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe
|
"C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe" /stext "C:\Users\user\AppData\Local\Temp\rjnmrfinqcmgocyodymjbnnrmv"
|
|
|
|
C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe
|
"C:\Users\user\Desktop\APPENDIX FORM_N#U00b045013-20241120.com.exe" /stext "C:\Users\user\AppData\Local\Temp\bdsfsxbheketyimsnjzkeaiancxhuh"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://45.133.158.36/cvTLIRXJzBJoApmtjAY235.bin
|
45.133.158.36
|
|
|
|
http://geoplugin.net/json.gp$
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=P
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?a2555e10569a45fe03b885d268c50da9
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://geoplugin.net/json.gp0G
|
unknown
|
||
|
http://geoplugin.net/json.gpMG
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
http://geoplugin.net/json.gp-
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
http://www.imvu.comppData
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://ecfdb90f321c52ef6e93077f63413543.azr.footprintdns.com/apc/trans.gif?c2fcd52267835a3e34f9ac05
|
unknown
|
||
|
https://ecfdb90f321c52ef6e93077f63413543.azr.footprintdns.com/apc/trans.gif?bd78002c55888096ce060c58
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpTGu
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gpA
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?69c749c200c753dfb00f5bc8299ab8eb
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
http://geoplugin.net/json.gpN
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://geoplugin.net/json.gp_
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 27 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.133.158.36
|
unknown
|
Germany
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-CDCZ2K
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-CDCZ2K
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-CDCZ2K
|
time
|
|
|
|
HKEY_CURRENT_USER\Rifterne222\Phototrophic\Gruyere
|
udskejende
|
||
|
HKEY_CURRENT_USER\Avisartikelen92\Uninstall\Chlorobenzene\Goidelic188
|
drmt
|
||
|
HKEY_CURRENT_USER\photoionization\grsningens
|
Checkering46
|
||
|
HKEY_CURRENT_USER\problemopfattelsens\Ratter
|
tripelike
|
||
|
HKEY_CURRENT_USER\pseudochromia\Uninstall\paaskedags\mangey
|
Misinference
|
||
|
HKEY_CURRENT_USER\platformed\shutoff\indeklimaindsatses
|
Proletariaterne49
|
||
|
HKEY_CURRENT_USER\Arbejdsmiljlovenes\utvetydigheden
|
noodling
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
28C0000
|
heap
|
page read and write
|
|
|
|
28A2000
|
heap
|
page read and write
|
|
|
|
32D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
28CE000
|
heap
|
page read and write
|
|
|
|
28DE000
|
heap
|
page read and write
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
33396000
|
unclassified section
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
3CD0000
|
direct allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
28DF000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
28EC000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
254E000
|
heap
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2736000
|
heap
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
4450000
|
direct allocation
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
450E000
|
stack
|
page read and write
|
||
|
33204000
|
heap
|
page read and write
|
||
|
482000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
21A0000
|
remote allocation
|
page execute and read and write
|
||
|
45D0000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
32C4D000
|
stack
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
2756000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2200000
|
direct allocation
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
2736000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
4490000
|
direct allocation
|
page read and write
|
||
|
32D91000
|
heap
|
page read and write
|
||
|
981000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
28CF000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
333B0000
|
unclassified section
|
page execute and read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
33021000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
2711000
|
heap
|
page read and write
|
||
|
2717000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
32E08000
|
heap
|
page read and write
|
||
|
16B0000
|
remote allocation
|
page execute and read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
2736000
|
heap
|
page read and write
|
||
|
2856000
|
heap
|
page read and write
|
||
|
3321D000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
2717000
|
heap
|
page read and write
|
||
|
2718000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
3318B000
|
heap
|
page read and write
|
||
|
5F3000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
2716000
|
heap
|
page read and write
|
||
|
2716000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
965000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
25CF000
|
stack
|
page read and write
|
||
|
2732000
|
heap
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2719000
|
heap
|
page read and write
|
||
|
3284B000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
32E08000
|
heap
|
page read and write
|
||
|
4540000
|
heap
|
page read and write
|
||
|
9A3000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
272D000
|
heap
|
page read and write
|
||
|
2719000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2776000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
96E000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
2611000
|
heap
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
2611000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
33333000
|
unclassified section
|
page execute and read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
28EC000
|
heap
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
96A000
|
heap
|
page read and write
|
||
|
4EA000
|
heap
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
32E82000
|
heap
|
page read and write
|
||
|
274E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
333F6000
|
direct allocation
|
page execute and read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
2736000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
27E8000
|
heap
|
page read and write
|
||
|
2611000
|
heap
|
page read and write
|
||
|
43E000
|
unkown
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
2736000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
33021000
|
heap
|
page read and write
|
||
|
3298F000
|
stack
|
page read and write
|
||
|
32D90000
|
heap
|
page read and write
|
||
|
33113000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
83F000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
27CF000
|
stack
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
3322A000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
3274E000
|
stack
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
21C0000
|
direct allocation
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
468000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2210000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
571000
|
heap
|
page read and write
|
||
|
33113000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
A5E000
|
heap
|
page read and write
|
||
|
2118000
|
heap
|
page read and write
|
||
|
2220000
|
direct allocation
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
446000
|
unkown
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
2721000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
331CB000
|
heap
|
page read and write
|
||
|
2718000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
77F000
|
stack
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
2714000
|
heap
|
page read and write
|
||
|
33112000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
965000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
2080000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2718000
|
heap
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
2716000
|
heap
|
page read and write
|
||
|
2830000
|
direct allocation
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
2711000
|
heap
|
page read and write
|
||
|
331BC000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
970000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
28D7000
|
heap
|
page read and write
|
||
|
2738000
|
heap
|
page read and write
|
||
|
19F000
|
stack
|
page read and write
|
||
|
32D91000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
32D8F000
|
stack
|
page read and write
|
||
|
331BB000
|
heap
|
page read and write
|
||
|
32E82000
|
heap
|
page read and write
|
||
|
214E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
4440000
|
direct allocation
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
2561000
|
heap
|
page read and write
|
||
|
2736000
|
heap
|
page read and write
|
||
|
2615000
|
heap
|
page read and write
|
||
|
2711000
|
heap
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
524000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
4430000
|
direct allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
33319000
|
unclassified section
|
page execute and read and write
|
||
|
274E000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
10012000
|
trusted library allocation
|
page read and write
|
||
|
21E0000
|
direct allocation
|
page read and write
|
||
|
33020000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
19C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
96D000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
997000
|
heap
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
32ACD000
|
stack
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2776000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2270000
|
direct allocation
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
21D0000
|
direct allocation
|
page read and write
|
||
|
45CD000
|
stack
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2711000
|
heap
|
page read and write
|
||
|
31E0000
|
direct allocation
|
page execute and read and write
|
||
|
2868000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3309A000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
4600000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
28DD000
|
heap
|
page read and write
|
||
|
4460000
|
direct allocation
|
page read and write
|
||
|
76F000
|
stack
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
2721000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
273E000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
4470000
|
direct allocation
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
4420000
|
direct allocation
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2719000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
A59000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
333E1000
|
direct allocation
|
page execute and read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
28CF000
|
heap
|
page read and write
|
||
|
2756000
|
heap
|
page read and write
|
||
|
333CB000
|
unclassified section
|
page execute and read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
332C0000
|
unclassified section
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
9E000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
28CF000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
33219000
|
heap
|
page read and write
|
||
|
272E000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
33340000
|
unclassified section
|
page execute and read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
2731000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2710000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
21F0000
|
direct allocation
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
564000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
2744000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
2719000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
331FB000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
2718000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
288E000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
442000
|
unkown
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
28CF000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
32E0A000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
2260000
|
direct allocation
|
page read and write
|
||
|
53B000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
2820000
|
direct allocation
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
4480000
|
direct allocation
|
page read and write
|
||
|
3288E000
|
stack
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
545000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
2747000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
4410000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
59B000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
33219000
|
heap
|
page read and write
|
||
|
2561000
|
heap
|
page read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
2776000
|
heap
|
page read and write
|
||
|
976000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
329CE000
|
stack
|
page read and write
|
||
|
333E0000
|
direct allocation
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
271C000
|
heap
|
page read and write
|
||
|
2716000
|
heap
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
292F000
|
heap
|
page read and write
|
||
|
272E000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
65D000
|
heap
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
28EC000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
274A000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
32B4C000
|
stack
|
page read and write
|
||
|
3264F000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
B2F000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
17A0000
|
remote allocation
|
page execute and read and write
|
||
|
3331D000
|
unclassified section
|
page execute and read and write
|
||
|
997000
|
heap
|
page read and write
|
||
|
3318B000
|
heap
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
2776000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
33208000
|
heap
|
page read and write
|
||
|
292F000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
429000
|
unkown
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
2729000
|
heap
|
page read and write
|
||
|
2840000
|
direct allocation
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
3320B000
|
heap
|
page read and write
|
||
|
32C8E000
|
stack
|
page read and write
|
||
|
2729000
|
heap
|
page read and write
|
||
|
3339C000
|
unclassified section
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
17D000
|
stack
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
There are 511 hidden memdumps, click here to show them.