Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Certificate 11-21AIS.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\F56GKLK7U4
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autFF01.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\beeish
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Certificate 11-21AIS.exe
|
"C:\Users\user\Desktop\Certificate 11-21AIS.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\Certificate 11-21AIS.exe"
|
|
|
|
C:\Program Files (x86)\rieAPwQKXdCLBXZRnXqsuvsqsEMPPoivjWOZkxysEgwfpPHkyk\YpYSxBPTXgWuOtxBGIerqOSW.exe
|
"C:\Program Files (x86)\rieAPwQKXdCLBXZRnXqsuvsqsEMPPoivjWOZkxysEgwfpPHkyk\YpYSxBPTXgWuOtxBGIerqOSW.exe"
|
|
|
|
C:\Windows\SysWOW64\netbtugc.exe
|
"C:\Windows\SysWOW64\netbtugc.exe"
|
|
|
|
C:\Program Files (x86)\rieAPwQKXdCLBXZRnXqsuvsqsEMPPoivjWOZkxysEgwfpPHkyk\YpYSxBPTXgWuOtxBGIerqOSW.exe
|
"C:\Program Files (x86)\rieAPwQKXdCLBXZRnXqsuvsqsEMPPoivjWOZkxysEgwfpPHkyk\YpYSxBPTXgWuOtxBGIerqOSW.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.3xfootball.com/fo8o/?nVb4=q2L0IduHqXQ8JBmp&Ml18S=IhZyPQIGe6uK3zPwzgZotr9BPg6ZX3xlW2eS79Xk6ut4afzj0LiRBEeFtQixSzG192fRs1GD25A478p7nOOn1bCAV966J7ZkoXS5ptBuz2edhBZoh3xN24c=
|
154.215.72.110
|
|
|
|
http://www.empowermedeco.com/fo8o/
|
217.196.55.202
|
|
|
|
http://www.empowermedeco.com/fo8o/?Ml18S=mxnR+iHPFb8HZiaGfeL/C2cRfJ+ne5kRPLEBGwFodGelSqoCQiBwPqu0WU7djgVoJgj4cKk6Pp6Q/yIaSghKfBV1+IPAGotTT7HDcUO7JjOgJKpj6i9KOMs=&nVb4=q2L0IduHqXQ8JBmp
|
217.196.55.202
|
|
|
|
http://www.elettrosistemista.zip/fo8o/?nVb4=q2L0IduHqXQ8JBmp&Ml18S=bO1UBvtoHFNUmlWB4HLJpEjmeTUqQxU1qF418M7UHpKKa2cgLZsmM/SsbGGojtls67Xc6OgTo57aJm1+bsxMLzFMa6Onx1WMpNg/TOHpJ+sdeDHYknqJlyE=
|
195.110.124.133
|
|
|
|
http://www.elettrosistemista.zip/fo8o/
|
195.110.124.133
|
|
|
|
http://www.magmadokum.com/fo8o/
|
85.159.66.93
|
|
|
|
http://www.rssnewscast.com/fo8o/
|
91.195.240.94
|
|
|
|
http://www.goldenjade-travel.com/fo8o/?nVb4=q2L0IduHqXQ8JBmp&Ml18S=LFKqyrcu7g1NCa8bLlrIs+M38ZMJrQSprIMLtaWgKJ9bBKQr4dsnyMPFpMQjJLGR7ieyxupOSpv1HbfUaMaF2zMIkigvi6pIX6i8MuAeXHNrENDnI2WJi/4=
|
116.50.37.244
|
|
|
|
http://www.goldenjade-travel.com/fo8o/
|
116.50.37.244
|
|
|
|
http://www.rssnewscast.com/fo8o/?Ml18S=x3jV/ECx7FuzXOI+5yB0DB/+zmAHn47HyCIVaqWvGMMqpfz0YC5wLsL1wYxwFH1KuInYTmXKqKNNujOvwtdNuo48jXK1aHHk/BJwdjwjaHe/B0IWhwIR9Wc=&nVb4=q2L0IduHqXQ8JBmp
|
91.195.240.94
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.empowermedeco.com
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://www.name.com/domain/renew/rssnewscast.com?utm_source=Sedo_parked_page&utm_medium=button&utm_
|
unknown
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://codepen.io/uzcho_/pens/popular/?grid_type=list
|
unknown
|
||
|
https://codepen.io/uzcho_/pen/eYdmdXw.css
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://www.empowermedeco.com/fo8o/?Ml18S=mxnR
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.techchains.info/fo8o/
|
66.29.149.46
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
elettrosistemista.zip
|
195.110.124.133
|
||
|
empowermedeco.com
|
217.196.55.202
|
||
|
www.3xfootball.com
|
154.215.72.110
|
||
|
www.goldenjade-travel.com
|
116.50.37.244
|
||
|
www.rssnewscast.com
|
91.195.240.94
|
||
|
www.techchains.info
|
66.29.149.46
|
||
|
natroredirect.natrocdn.com
|
85.159.66.93
|
||
|
www.magmadokum.com
|
unknown
|
||
|
www.donnavariedades.com
|
unknown
|
||
|
www.660danm.top
|
unknown
|
||
|
www.joyesi.xyz
|
unknown
|
||
|
www.liangyuen528.com
|
unknown
|
||
|
www.kasegitai.tokyo
|
unknown
|
||
|
www.empowermedeco.com
|
unknown
|
||
|
www.k9vyp11no3.cfd
|
unknown
|
||
|
www.elettrosistemista.zip
|
unknown
|
||
|
www.antonio-vivaldi.mobi
|
unknown
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.195.240.94
|
www.rssnewscast.com
|
Germany
|
||
|
154.215.72.110
|
www.3xfootball.com
|
Seychelles
|
||
|
195.110.124.133
|
elettrosistemista.zip
|
Italy
|
||
|
116.50.37.244
|
www.goldenjade-travel.com
|
Taiwan; Republic of China (ROC)
|
||
|
85.159.66.93
|
natroredirect.natrocdn.com
|
Turkey
|
||
|
66.29.149.46
|
www.techchains.info
|
United States
|
||
|
217.196.55.202
|
empowermedeco.com
|
Norway
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3590000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
39E0000
|
unkown
|
page execute and read and write
|
|
|
|
2BA0000
|
system
|
page execute and read and write
|
|
|
|
3030000
|
trusted library allocation
|
page read and write
|
|
|
|
5870000
|
system
|
page execute and read and write
|
|
|
|
3170000
|
trusted library allocation
|
page read and write
|
|
|
|
5200000
|
unclassified section
|
page execute and read and write
|
|
|
|
3A0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
3660000
|
direct allocation
|
page read and write
|
||
|
8C835FE000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
DAB000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
981000
|
unkown
|
page execute read
|
||
|
30F1000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
984000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
397D000
|
direct allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
27A64830000
|
heap
|
page read and write
|
||
|
3153000
|
heap
|
page read and write
|
||
|
2EE4000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
58C1000
|
system
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3850000
|
direct allocation
|
page read and write
|
||
|
3BAC000
|
unclassified section
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3223000
|
heap
|
page read and write
|
||
|
25E0000
|
unkown
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7DFF000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
39EE000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3070000
|
unkown
|
page readonly
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
18B1000
|
unkown
|
page readonly
|
||
|
2ED0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E22000
|
heap
|
page read and write
|
||
|
98E000
|
unkown
|
page readonly
|
||
|
39EC000
|
unclassified section
|
page read and write
|
||
|
45DC000
|
unclassified section
|
page read and write
|
||
|
16B0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
310D000
|
heap
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
910000
|
unkown
|
page readonly
|
||
|
593C000
|
system
|
page execute and read and write
|
||
|
27A66210000
|
trusted library allocation
|
page read and write
|
||
|
2420000
|
unkown
|
page read and write
|
||
|
3070000
|
unkown
|
page readonly
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
362D000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
1A50000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
8C1000
|
unkown
|
page execute read
|
||
|
2420000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A64839000
|
heap
|
page read and write
|
||
|
1390000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2492C000
|
system
|
page read and write
|
||
|
311E000
|
heap
|
page read and write
|
||
|
36B0000
|
direct allocation
|
page read and write
|
||
|
496A000
|
unkown
|
page read and write
|
||
|
27A6484B000
|
heap
|
page read and write
|
||
|
24D14000
|
system
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
3101000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
340F000
|
stack
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
659000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3700000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3167000
|
heap
|
page read and write
|
||
|
389E000
|
direct allocation
|
page execute and read and write
|
||
|
27A66401000
|
trusted library allocation
|
page read and write
|
||
|
27A64862000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page execute and read and write
|
||
|
981000
|
unkown
|
page execute read
|
||
|
3019000
|
heap
|
page read and write
|
||
|
3134000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A66300000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
30E2000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
34FB000
|
heap
|
page read and write
|
||
|
36B0000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3590000
|
direct allocation
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
910000
|
unkown
|
page readonly
|
||
|
24E4000
|
heap
|
page read and write
|
||
|
382D000
|
direct allocation
|
page execute and read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
997000
|
unkown
|
page readonly
|
||
|
27A664CE000
|
trusted library allocation
|
page read and write
|
||
|
3590000
|
direct allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
97A000
|
unkown
|
page write copy
|
||
|
3221000
|
heap
|
page read and write
|
||
|
59CC000
|
unkown
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7EE0000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
FE2000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
3087000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
73D000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
30C3000
|
heap
|
page read and write
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
36AD000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
71D000
|
stack
|
page read and write
|
||
|
3005000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
343C000
|
unkown
|
page read and write
|
||
|
1376000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
2E60000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
7DFB000
|
heap
|
page read and write
|
||
|
7ED0000
|
trusted library allocation
|
page read and write
|
||
|
27A64746000
|
system
|
page execute and read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7DEB000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
309B000
|
heap
|
page read and write
|
||
|
2E02000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3005000
|
heap
|
page read and write
|
||
|
5993000
|
unclassified section
|
page execute and read and write
|
||
|
27A6483F000
|
heap
|
page read and write
|
||
|
37D3000
|
direct allocation
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1091000
|
heap
|
page read and write
|
||
|
4105000
|
unkown
|
page execute and read and write
|
||
|
FF8000
|
heap
|
page read and write
|
||
|
2ED0000
|
unkown
|
page readonly
|
||
|
1092000
|
heap
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
3222000
|
unkown
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
DEC000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
24E4000
|
heap
|
page read and write
|
||
|
30E7000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
997000
|
unkown
|
page readonly
|
||
|
327C000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
301A000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
371E000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
58E5000
|
system
|
page execute and read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
30FA000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
3992000
|
unclassified section
|
page read and write
|
||
|
3017000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3700000
|
direct allocation
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
27A66321000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
4A92000
|
unclassified section
|
page read and write
|
||
|
7DE1000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
98E000
|
unkown
|
page readonly
|
||
|
307C000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
343C000
|
unkown
|
page read and write
|
||
|
27A646C0000
|
system
|
page execute and read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
308D000
|
heap
|
page read and write
|
||
|
307C000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
11B1000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3083000
|
heap
|
page read and write
|
||
|
4C24000
|
unclassified section
|
page read and write
|
||
|
8C82DFD000
|
stack
|
page read and write
|
||
|
307E000
|
heap
|
page read and write
|
||
|
3B48000
|
unkown
|
page read and write
|
||
|
984000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
4322000
|
unkown
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
3423000
|
heap
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A66400000
|
trusted library allocation
|
page read and write
|
||
|
42B8000
|
unclassified section
|
page read and write
|
||
|
27A6485F000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
476E000
|
unclassified section
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
24652000
|
system
|
page read and write
|
||
|
97F000
|
unkown
|
page write copy
|
||
|
38C2000
|
direct allocation
|
page execute and read and write
|
||
|
7DDC000
|
heap
|
page read and write
|
||
|
44B4000
|
unkown
|
page read and write
|
||
|
3088000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2F00000
|
unkown
|
page read and write
|
||
|
8C83DFF000
|
stack
|
page read and write
|
||
|
58D9000
|
system
|
page execute and read and write
|
||
|
3FFE000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
36B0000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
11B2000
|
heap
|
page execute and read and write
|
||
|
33C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30E2000
|
heap
|
page read and write
|
||
|
2EE4000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
241F000
|
stack
|
page read and write
|
||
|
2B68000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3823000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
96E000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
DCB000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3851000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A66200000
|
heap
|
page read and write
|
||
|
981000
|
unkown
|
page execute read
|
||
|
3221000
|
heap
|
page read and write
|
||
|
37D3000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
24712000
|
system
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
313F000
|
heap
|
page read and write
|
||
|
995000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
3010000
|
heap
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
750000
|
unkown
|
page readonly
|
||
|
3570000
|
heap
|
page read and write
|
||
|
3346000
|
heap
|
page read and write
|
||
|
314F000
|
heap
|
page read and write
|
||
|
27A66210000
|
trusted library allocation
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2F64000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E25000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
1A50000
|
unkown
|
page readonly
|
||
|
3979000
|
direct allocation
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
2B5A000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
3159000
|
heap
|
page read and write
|
||
|
50DA000
|
unclassified section
|
page read and write
|
||
|
2B1C000
|
stack
|
page read and write
|
||
|
39D1000
|
direct allocation
|
page execute and read and write
|
||
|
27A64800000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1B9E000
|
stack
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E19000
|
heap
|
page read and write
|
||
|
3580000
|
direct allocation
|
page execute and read and write
|
||
|
63B0000
|
trusted library allocation
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
3629000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3850000
|
direct allocation
|
page read and write
|
||
|
30F1000
|
heap
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
94D000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E1D000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
997000
|
unkown
|
page readonly
|
||
|
27A647E0000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
4173000
|
unkown
|
page execute and read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A664BE000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
58C9000
|
system
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
33D2000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7D1000
|
unkown
|
page readonly
|
||
|
8050000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7E16000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
105C000
|
unkown
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3121000
|
heap
|
page read and write
|
||
|
997000
|
unkown
|
page readonly
|
||
|
864000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
384D000
|
direct allocation
|
page execute and read and write
|
||
|
27A6630E000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3107000
|
heap
|
page read and write
|
||
|
5925000
|
unclassified section
|
page execute and read and write
|
||
|
97A000
|
unkown
|
page read and write
|
||
|
FDB000
|
heap
|
page read and write
|
||
|
3112000
|
heap
|
page read and write
|
||
|
981000
|
unkown
|
page execute read
|
||
|
27A664A6000
|
trusted library allocation
|
page read and write
|
||
|
27A64862000
|
heap
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
3979000
|
direct allocation
|
page read and write
|
||
|
3850000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
7C0000
|
unkown
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
27A66310000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
unkown
|
page readonly
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
995000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
1390000
|
unkown
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
3590000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
397D000
|
direct allocation
|
page read and write
|
||
|
7E0A000
|
heap
|
page read and write
|
||
|
2EE4000
|
heap
|
page read and write
|
||
|
3E00000
|
unclassified section
|
page execute and read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
39C9000
|
direct allocation
|
page read and write
|
||
|
98E000
|
unkown
|
page readonly
|
||
|
96E000
|
unkown
|
page readonly
|
||
|
38D2000
|
unclassified section
|
page read and write
|
||
|
995000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A66317000
|
trusted library allocation
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
27A66303000
|
trusted library allocation
|
page read and write
|
||
|
39EE000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7D1000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
73D000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
27A664C4000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
2E60000
|
unkown
|
page read and write
|
||
|
3979000
|
direct allocation
|
page read and write
|
||
|
2B2B000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
4800000
|
unclassified section
|
page execute and read and write
|
||
|
27A660E0000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
27A6630A000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1091000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
7E29000
|
heap
|
page read and write
|
||
|
7DF8000
|
heap
|
page read and write
|
||
|
27A66100000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7DFD000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
308D000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
307E000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
18B1000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
2F64000
|
heap
|
page read and write
|
||
|
7C0000
|
unkown
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3829000
|
direct allocation
|
page execute and read and write
|
||
|
5ACC000
|
unkown
|
page read and write
|
||
|
8C1000
|
unkown
|
page execute read
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
7E2D000
|
heap
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
37D3000
|
direct allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
7DE6000
|
heap
|
page read and write
|
||
|
16B0000
|
unkown
|
page readonly
|
||
|
80C000
|
unkown
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
94D000
|
unkown
|
page readonly
|
||
|
3E6C000
|
unkown
|
page read and write
|
||
|
3C01000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
740000
|
unkown
|
page readonly
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
98E000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
7E2A000
|
heap
|
page read and write
|
||
|
38A0000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2FE0000
|
unkown
|
page execute and read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
3F94000
|
unclassified section
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2EF0000
|
unkown
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
3017000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
306F000
|
stack
|
page read and write
|
||
|
34FF000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2F10000
|
unkown
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3550000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2EF0000
|
unkown
|
page read and write
|
||
|
30FA000
|
heap
|
page read and write
|
||
|
3A42000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7DF1000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
FE3000
|
heap
|
page read and write
|
||
|
995000
|
unkown
|
page read and write
|
||
|
7E0000
|
unkown
|
page read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page readonly
|
||
|
740000
|
unkown
|
page readonly
|
||
|
397D000
|
direct allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2E13000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
39CD000
|
direct allocation
|
page read and write
|
||
|
27A6485B000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
8C825FB000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3A3E000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
851F000
|
stack
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
30D6000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3162000
|
unkown
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
3162000
|
unkown
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
32D0000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7DF6000
|
heap
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
3087000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
3824000
|
unkown
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
369E000
|
heap
|
page read and write
|
||
|
39EE000
|
direct allocation
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3107000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
30E7000
|
heap
|
page read and write
|
||
|
36A9000
|
direct allocation
|
page execute and read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
There are 654 hidden memdumps, click here to show them.