Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payroll List.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\283026M3L
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aut8438.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\inhumation
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Payroll List.exe
|
"C:\Users\user\Desktop\Payroll List.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\Payroll List.exe"
|
|
|
|
C:\Program Files (x86)\jupCyaZDEYaMktXkMIVVtozRrAPkkVYrNNVAPNAouqQtQmhWwSoqIzjzYYAHZwwQMvInUdlRiRJTXV\eLiCpwzRIeWAs.exe
|
"C:\Program Files (x86)\jupCyaZDEYaMktXkMIVVtozRrAPkkVYrNNVAPNAouqQtQmhWwSoqIzjzYYAHZwwQMvInUdlRiRJTXV\eLiCpwzRIeWAs.exe"
|
|
|
|
C:\Windows\SysWOW64\ktmutil.exe
|
"C:\Windows\SysWOW64\ktmutil.exe"
|
|
|
|
C:\Program Files (x86)\jupCyaZDEYaMktXkMIVVtozRrAPkkVYrNNVAPNAouqQtQmhWwSoqIzjzYYAHZwwQMvInUdlRiRJTXV\eLiCpwzRIeWAs.exe
|
"C:\Program Files (x86)\jupCyaZDEYaMktXkMIVVtozRrAPkkVYrNNVAPNAouqQtQmhWwSoqIzjzYYAHZwwQMvInUdlRiRJTXV\eLiCpwzRIeWAs.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\SysWOW64\srdelayed.exe
|
"C:\Windows\SysWOW64\srdelayed.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.migorengya8.click/y3dc/
|
198.252.98.54
|
|
|
|
http://www.futurevision.life/hxmz/?NjHpTfh=xeYt+TVrluKccowhuJaDBktUUZBiwtnijwrYeJgffsaeXHWEwE1YZCbtIyEm+ckVl2hmk1+GOFDMCTsPe0H70ewIeMOmwh+ftSU1XmKvTSoNxNN/QLOdtg9qtYWOUm1ByQ==&1fo=GF14svyhH44dt
|
203.161.49.193
|
|
|
|
http://www.servannto.site/h26k/
|
31.31.196.17
|
|
|
|
http://www.migorengya8.click/y3dc/?NjHpTfh=ihLGZn7rk3oJmiI0qHBJyF4us9aj83dk38RHqm5p8i+Dx9088FhrC90fflTIanmBNHjorQ8RX0lkasPQ9tRERiLp2a4b9y8ndNk9xgL1b55xNz3Mr8JVSoFw+CxXG/tVnA==&1fo=GF14svyhH44dt
|
198.252.98.54
|
|
|
|
http://www.futurevision.life/hxmz/
|
203.161.49.193
|
|
|
|
http://www.klohk.tech/3m3e/
|
103.224.182.242
|
|
|
|
http://www.huiguang.xyz/hv6g/?NjHpTfh=vSitAQgQO9xnWjtJgvvZZsk+23T/NzOm/sAr3nzbW6mT0FGB0/NYbIaPlj7BCWSFPaPgTx5lzENVl3g1chzGP8KkEC54eipAN6+u9bqO0oPPtGBbKuyofNdvdufJOx9cYQ==&1fo=GF14svyhH44dt
|
154.216.76.80
|
|
|
|
http://www.telforce.one/ykhz/
|
64.190.63.222
|
|
|
|
http://www.servannto.site/h26k/?1fo=GF14svyhH44dt&NjHpTfh=3BjO5l4trS+mOtJOU23IMPLHJrJKWDXXfOCWIFV4tkiUomDH7G5wxffcY7A/EhE+G/r5frF5I7R9nf11AZCcJ5+lxyBJff7SJaPEJKSXzAPLDFQjr1SUqUGQs1Ux+2nJpQ==
|
31.31.196.17
|
|
|
|
http://www.beingandbecoming.ltd/79tr/
|
3.33.130.190
|
|
|
|
http://www.beingandbecoming.ltd/79tr/?NjHpTfh=vB4016rwfH0MxtawL3zGYGaXYsIh8iPne8uh+mnoHReWloNmM7dp4Fgr6wtK7PtcWtNvsE0Cpt3tQWtVQrZP8CAmIyANUKvAf3+5N6bOzfwLz/Gtq1ZNC0AtH/TFhPdx4Q==&1fo=GF14svyhH44dt
|
3.33.130.190
|
|
|
|
http://www.mcfunding.org/0598/?1fo=GF14svyhH44dt&NjHpTfh=t68BN09iVeqb/IuLF1oa7LGDO07/W7CFIoocHQs3lozqg6PiE4irZB+dVkRcNKn3qqYTfz+U2KKskdRsvGv4dMSPmSyMXvFwuhBmNF6SR00f5xEMx0RhVmciiGarBUFx9Q==
|
3.33.130.190
|
|
|
|
http://www.d63dm.top/rqnz/
|
154.23.184.218
|
|
|
|
http://www.mcfunding.org/0598/
|
3.33.130.190
|
|
|
|
http://www.d63dm.top/rqnz/?NjHpTfh=76huNjt+Arc+fPcCbUr8ZcsQaHE6oyRuYOqfGZIequmDvyuWFmMJMF1Z7BKJ7tjr9vaKr64/B4AayP3kwCu5tZILeOOALNuMLpp3tbYRhrZPyWqW3RF19Jr1EDacfA/CTw==&1fo=GF14svyhH44dt
|
154.23.184.218
|
|
|
|
http://www.klohk.tech/3m3e/?NjHpTfh=AG8wkc12D4O4qfE3dc2ZpUKPRZyp2gRu+0k6EtFb5UlufQ+lVXFR/9gePpQjCGKa/ZsQJ4MYKcJmAxrfjl4cNftXSlpvpmQYoxqRDgL404wqyKQKR0qu5cYpfr80+FdsRQ==&1fo=GF14svyhH44dt
|
103.224.182.242
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://34.92.79.175:19817
|
unknown
|
||
|
http://www.klohk.tech/3m3e/?NjHpTfh=AG8wkc12D4O4qfE3dc2ZpUKPRZyp2gRu
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.telforce.one
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://hm.baidu.com/hm.js?cf95fa39f4a72ce6b85bbfbe9eadb95a
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mcfunding.org
|
3.33.130.190
|
|
|
|
d63dm.top
|
154.23.184.218
|
|
|
|
www.servannto.site
|
31.31.196.17
|
|
|
|
www.telforce.one
|
64.190.63.222
|
|
|
|
beingandbecoming.ltd
|
3.33.130.190
|
|
|
|
migorengya8.click
|
198.252.98.54
|
|
|
|
schedulemassage.xyz
|
3.33.130.190
|
|
|
|
www.schedulemassage.xyz
|
unknown
|
|
|
|
www.huiguang.xyz
|
154.216.76.80
|
||
|
www.klohk.tech
|
103.224.182.242
|
||
|
www.futurevision.life
|
203.161.49.193
|
||
|
www.beingandbecoming.ltd
|
unknown
|
||
|
www.migorengya8.click
|
unknown
|
||
|
www.mcfunding.org
|
unknown
|
||
|
www.d63dm.top
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
31.31.196.17
|
www.servannto.site
|
Russian Federation
|
|
|
|
198.252.98.54
|
migorengya8.click
|
Canada
|
|
|
|
64.190.63.222
|
www.telforce.one
|
United States
|
|
|
|
154.23.184.218
|
d63dm.top
|
United States
|
|
|
|
3.33.130.190
|
mcfunding.org
|
United States
|
|
|
|
203.161.49.193
|
www.futurevision.life
|
Malaysia
|
||
|
103.224.182.242
|
www.klohk.tech
|
Australia
|
||
|
154.216.76.80
|
www.huiguang.xyz
|
Seychelles
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3760000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
4FB0000
|
unkown
|
page execute and read and write
|
|
|
|
2900000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
680000
|
trusted library allocation
|
page read and write
|
|
|
|
5260000
|
system
|
page execute and read and write
|
|
|
|
5E00000
|
unclassified section
|
page execute and read and write
|
|
|
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7638000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
14A0000
|
unkown
|
page read and write
|
||
|
765D000
|
heap
|
page read and write
|
||
|
28DC000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
61E000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
36F3000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
F42F7FE000
|
stack
|
page read and write
|
||
|
611000
|
unkown
|
page execute read
|
||
|
28BC000
|
heap
|
page read and write
|
||
|
262A5750000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
5240000
|
unkown
|
page execute and read and write
|
||
|
3234000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3710000
|
direct allocation
|
page read and write
|
||
|
3205000
|
heap
|
page read and write
|
||
|
3899000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3C6A000
|
unclassified section
|
page read and write
|
||
|
2CCC000
|
stack
|
page read and write
|
||
|
3BD1000
|
direct allocation
|
page execute and read and write
|
||
|
F42EFFE000
|
stack
|
page read and write
|
||
|
76CC000
|
heap
|
page read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1AD0000
|
unkown
|
page readonly
|
||
|
2E2C000
|
unkown
|
page read and write
|
||
|
FEA000
|
stack
|
page read and write
|
||
|
36A3000
|
direct allocation
|
page read and write
|
||
|
28B7000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
7693000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
3212000
|
heap
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
DBF000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3EA4000
|
unkown
|
page read and write
|
||
|
2B52000
|
unkown
|
page read and write
|
||
|
7BEC000
|
stack
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
||
|
286D000
|
heap
|
page read and write
|
||
|
28B2000
|
heap
|
page read and write
|
||
|
611000
|
unkown
|
page execute read
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A57BC000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
2A60000
|
unkown
|
page readonly
|
||
|
76B0000
|
heap
|
page read and write
|
||
|
28EC000
|
heap
|
page read and write
|
||
|
28DC000
|
heap
|
page read and write
|
||
|
27A0000
|
unkown
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
3946000
|
unclassified section
|
page read and write
|
||
|
7BAC000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
3AD8000
|
unclassified section
|
page read and write
|
||
|
38BE000
|
direct allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3D12000
|
unkown
|
page read and write
|
||
|
5400000
|
unclassified section
|
page execute and read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2811000
|
heap
|
page read and write
|
||
|
281C000
|
unkown
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
52E3000
|
system
|
page execute and read and write
|
||
|
3899000
|
direct allocation
|
page read and write
|
||
|
3A9E000
|
direct allocation
|
page execute and read and write
|
||
|
14A0000
|
unkown
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D56000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1AD0000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
76C0000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
320C000
|
unclassified section
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
D1E000
|
heap
|
page read and write
|
||
|
3BB0000
|
unkown
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3899000
|
direct allocation
|
page read and write
|
||
|
3770000
|
direct allocation
|
page read and write
|
||
|
7683000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
28AE000
|
heap
|
page read and write
|
||
|
3900000
|
direct allocation
|
page execute and read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
262A7050000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2EC9000
|
direct allocation
|
page execute and read and write
|
||
|
8CA000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2954000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
173F000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
38BE000
|
direct allocation
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
2ECD000
|
direct allocation
|
page execute and read and write
|
||
|
2954000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page execute and read and write
|
||
|
1380000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1DA000
|
unkown
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
286D000
|
heap
|
page read and write
|
||
|
A1B000
|
stack
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
CC0000
|
direct allocation
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
120000
|
unkown
|
page readonly
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
42B2000
|
unclassified section
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
3849000
|
direct allocation
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
765B000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
2BF6000
|
heap
|
page read and write
|
||
|
35D0000
|
direct allocation
|
page read and write
|
||
|
28C9000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
76C4000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D59000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7646000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DA2000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7748000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1548000
|
heap
|
page read and write
|
||
|
7658000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A57CB000
|
heap
|
page read and write
|
||
|
F42E7FE000
|
stack
|
page read and write
|
||
|
4120000
|
unclassified section
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
36F3000
|
direct allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
384D000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A7200000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
trusted library allocation
|
page read and write
|
||
|
28BC000
|
heap
|
page read and write
|
||
|
2A60000
|
unkown
|
page readonly
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
3770000
|
direct allocation
|
page read and write
|
||
|
625000
|
unkown
|
page read and write
|
||
|
262A74BE000
|
trusted library allocation
|
page read and write
|
||
|
389D000
|
direct allocation
|
page read and write
|
||
|
1480000
|
unkown
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
384D000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3BCD000
|
direct allocation
|
page execute and read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
3F8E000
|
unclassified section
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
3E01000
|
heap
|
page read and write
|
||
|
1DF000
|
unkown
|
page write copy
|
||
|
36A3000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
D3B000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DF8000
|
heap
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
262A7321000
|
trusted library allocation
|
page read and write
|
||
|
1740000
|
unkown
|
page readonly
|
||
|
36CA000
|
unkown
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
61E000
|
unkown
|
page readonly
|
||
|
1E4000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2872000
|
heap
|
page read and write
|
||
|
1491000
|
unkown
|
page readonly
|
||
|
281C000
|
heap
|
page read and write
|
||
|
2869000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
2860000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
306D000
|
direct allocation
|
page execute and read and write
|
||
|
28E6000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
28B7000
|
heap
|
page read and write
|
||
|
61E000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
382D000
|
heap
|
page read and write
|
||
|
389D000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
28C9000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
524000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
625000
|
unkown
|
page read and write
|
||
|
2B52000
|
unkown
|
page read and write
|
||
|
255F2000
|
system
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A7300000
|
trusted library allocation
|
page read and write
|
||
|
287C000
|
heap
|
page read and write
|
||
|
6090000
|
unclassified section
|
page execute and read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
16B000
|
stack
|
page read and write
|
||
|
3217000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
3B80000
|
unkown
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
28E6000
|
heap
|
page read and write
|
||
|
2DA0000
|
direct allocation
|
page execute and read and write
|
||
|
2811000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
F42FFFE000
|
stack
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
45B0000
|
unkown
|
page execute and read and write
|
||
|
B4F000
|
unkown
|
page read and write
|
||
|
262A56B1000
|
system
|
page execute and read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1CE000
|
unkown
|
page readonly
|
||
|
FEA000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A74AD000
|
trusted library allocation
|
page read and write
|
||
|
262A5770000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
659000
|
stack
|
page read and write
|
||
|
625000
|
unkown
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
258CC000
|
system
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A7120000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
28A4000
|
heap
|
page read and write
|
||
|
3301000
|
heap
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
1E4000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
52F3000
|
system
|
page execute and read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
5356000
|
system
|
page execute and read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
860000
|
unkown
|
page readonly
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
E0F000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
2893000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
3849000
|
direct allocation
|
page read and write
|
||
|
4444000
|
unclassified section
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
D1A000
|
heap
|
page read and write
|
||
|
3219000
|
heap
|
page read and write
|
||
|
D71000
|
unkown
|
page readonly
|
||
|
611000
|
unkown
|
page execute read
|
||
|
610000
|
unkown
|
page readonly
|
||
|
262A7401000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
1350000
|
heap
|
page read and write
|
||
|
2D94000
|
heap
|
page read and write
|
||
|
3720000
|
direct allocation
|
page read and write
|
||
|
262A7130000
|
trusted library allocation
|
page read and write
|
||
|
190F000
|
stack
|
page read and write
|
||
|
7651000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
545C000
|
unkown
|
page read and write
|
||
|
37B4000
|
unclassified section
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1740000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
51CE000
|
unkown
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
76B6000
|
heap
|
page read and write
|
||
|
36A3000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
524000
|
heap
|
page read and write
|
||
|
2C12000
|
unkown
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
30C0000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
262A57AA000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
30E2000
|
direct allocation
|
page execute and read and write
|
||
|
121000
|
unkown
|
page execute read
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
2886000
|
heap
|
page read and write
|
||
|
7DAE000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A7130000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3760000
|
direct allocation
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A7315000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7656000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
256B2000
|
system
|
page read and write
|
||
|
4000000
|
unclassified section
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3720000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
76C9000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
28E2000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7689000
|
heap
|
page read and write
|
||
|
2872000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
D59000
|
heap
|
page read and write
|
||
|
2E2C000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
2C6C000
|
unkown
|
page read and write
|
||
|
282D000
|
heap
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1520000
|
unkown
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
384D000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
850000
|
unkown
|
page readonly
|
||
|
262A730E000
|
trusted library allocation
|
page read and write
|
||
|
52DA000
|
system
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2808000
|
heap
|
page read and write
|
||
|
390E000
|
direct allocation
|
page read and write
|
||
|
765F000
|
heap
|
page read and write
|
||
|
262A57D2000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
3C42000
|
direct allocation
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
625000
|
unkown
|
page read and write
|
||
|
27A0000
|
unkown
|
page read and write
|
||
|
2893000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
262A74C4000
|
trusted library allocation
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A57CF000
|
heap
|
page read and write
|
||
|
27B0000
|
unkown
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3580000
|
direct allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
direct allocation
|
page execute and read and write
|
||
|
2893000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2D0B000
|
stack
|
page read and write
|
||
|
3580000
|
direct allocation
|
page read and write
|
||
|
3205000
|
heap
|
page read and write
|
||
|
850000
|
unkown
|
page readonly
|
||
|
3829000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
121000
|
unkown
|
page execute read
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
1DA000
|
unkown
|
page write copy
|
||
|
2701000
|
heap
|
page read and write
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
25CB4000
|
system
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
1380000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
35D0000
|
direct allocation
|
page read and write
|
||
|
8CA000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1CE000
|
unkown
|
page readonly
|
||
|
2B67000
|
heap
|
page read and write
|
||
|
D71000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
1548000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
36F3000
|
direct allocation
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
38BE000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7744000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3DFC000
|
unclassified section
|
page read and write
|
||
|
3849000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
389D000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
31B0000
|
unkown
|
page execute and read and write
|
||
|
3A2D000
|
direct allocation
|
page execute and read and write
|
||
|
262A74CE000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
5302000
|
system
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
840000
|
unkown
|
page readonly
|
||
|
3623000
|
heap
|
page read and write
|
||
|
2D1F000
|
heap
|
page read and write
|
||
|
76BB000
|
heap
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
30C0000
|
unkown
|
page readonly
|
||
|
31B2000
|
unclassified section
|
page read and write
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
3217000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A57A0000
|
heap
|
page read and write
|
||
|
39EE000
|
unkown
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
A5C000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
611000
|
unkown
|
page execute read
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
2818000
|
heap
|
page read and write
|
||
|
3214000
|
unkown
|
page read and write
|
||
|
30F2000
|
unclassified section
|
page read and write
|
||
|
764B000
|
heap
|
page read and write
|
||
|
35D0000
|
direct allocation
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2D23000
|
heap
|
page read and write
|
||
|
7643000
|
heap
|
page read and write
|
||
|
385C000
|
unkown
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
390E000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3A29000
|
direct allocation
|
page execute and read and write
|
||
|
D80000
|
unkown
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
281C000
|
heap
|
page read and write
|
||
|
28B2000
|
heap
|
page read and write
|
||
|
262A7400000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
unclassified section
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1AD000
|
unkown
|
page readonly
|
||
|
389E000
|
heap
|
page read and write
|
||
|
61E000
|
unkown
|
page readonly
|
||
|
C30000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
262A730A000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
33CC000
|
unclassified section
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
28A8000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
3002000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
52FF000
|
system
|
page execute and read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
F42DFFB000
|
stack
|
page read and write
|
||
|
2886000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
7DEF000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
766A000
|
heap
|
page read and write
|
||
|
33A6000
|
unkown
|
page read and write
|
||
|
370F000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
262A5660000
|
system
|
page execute and read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
28EC000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
768E000
|
heap
|
page read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
1A8000
|
stack
|
page read and write
|
||
|
840000
|
unkown
|
page readonly
|
||
|
601E000
|
unclassified section
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
1AD000
|
unkown
|
page readonly
|
||
|
2701000
|
heap
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
3538000
|
unkown
|
page read and write
|
||
|
262A7303000
|
trusted library allocation
|
page read and write
|
||
|
1491000
|
unkown
|
page readonly
|
||
|
3580000
|
direct allocation
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3770000
|
direct allocation
|
page read and write
|
||
|
76A8000
|
heap
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
2872000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
3071000
|
direct allocation
|
page execute and read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
390E000
|
direct allocation
|
page read and write
|
||
|
262A7310000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
unkown
|
page read and write
|
There are 671 hidden memdumps, click here to show them.