Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fontdrvhost.exe_d32c824e8915b30da4efd4eabd13e74e4ef8c1_ad0be647_fbe92652-e1d5-43aa-b1a0-14f87479482c\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER686B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat Nov 23 18:17:11 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER68CA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6938.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Windows\System32\svchost.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 3668 -s 660
|
||
|
C:\Windows\System32\fontdrvhost.exe
|
"C:\Windows\System32\fontdrvhost.exe"
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6856 -s 136
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://104.37.175.218:7982/da03ab84e7f8187e6/mrkd3csf.fn5i5
|
|
||
|
https://cloudflare-dns.com/dns-query
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://104.37.175.218:7982/da03ab84e7f8187e6/mrkd3csf.fn5i5kernelbasentdllkernel32GetProcessMitigat
|
unknown
|
||
|
https://cloudflare-dns.com/dns-queryPOSTContent-TypeContent-LengthHostapplication/dns-message%dMachi
|
unknown
|
||
|
https://104.37.175.218:7982/da03ab84e7f8187e6/mrkd3csf.fn5i5x
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.37.175.218
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\SibCode
|
sn3
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
ProgramId
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
FileId
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
LongPathHash
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Name
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
OriginalFileName
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Publisher
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Version
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
BinFileVersion
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
BinaryType
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
ProductName
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
ProductVersion
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
LinkDate
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
BinProductVersion
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Size
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Language
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
IsOsComponent
|
||
|
\REGISTRY\A\{f6708b28-8d92-0839-e00b-b30c408c99f3}\Root\InventoryApplicationFile\fontdrvhost.exe|415bd9bd265b6ee3
|
Usn
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5E0000
|
direct allocation
|
page read and write
|
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
2E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
639000
|
unkown
|
page execute and read and write
|
|
|
|
4FC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
66C000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5610000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
42EF000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
392E000
|
stack
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4E90000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
7B580FE000
|
stack
|
page read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
102B000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
578D000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5816000
|
unkown
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
55E0000
|
unkown
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
4EBF000
|
stack
|
page read and write
|
||
|
53C000
|
stack
|
page read and write
|
||
|
4F10000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
3F6E000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
41EE000
|
stack
|
page read and write
|
||
|
4E13000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
4F90000
|
direct allocation
|
page execute and read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
54C0000
|
unkown
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
3DEF000
|
stack
|
page read and write
|
||
|
3B6F000
|
stack
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
8F5000
|
unkown
|
page execute and read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4EE0000
|
unkown
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4E68000
|
unkown
|
page read and write
|
||
|
5789000
|
unkown
|
page read and write
|
||
|
4950000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4D90000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B12000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4CF0000
|
unkown
|
page read and write
|
||
|
4E10000
|
unkown
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
3E2E000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
56E0000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
456F000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
55E3000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
54C0000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
56B0000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
57FE000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
90E000
|
unkown
|
page execute and write copy
|
||
|
B32000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
F6E000
|
heap
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
unkown
|
page read and write
|
||
|
4F70000
|
direct allocation
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
5F1000
|
unkown
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4F3C000
|
stack
|
page read and write
|
||
|
54C0000
|
unkown
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5836000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
492F000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
3BAE000
|
stack
|
page read and write
|
||
|
5630000
|
unkown
|
page read and write
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
523F000
|
stack
|
page read and write
|
||
|
7B581FE000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
4FB0000
|
direct allocation
|
page execute and read and write
|
||
|
B3C000
|
stack
|
page read and write
|
||
|
BA2000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
4F2F000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
38EF000
|
stack
|
page read and write
|
||
|
B9F000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
AAA000
|
unkown
|
page execute and read and write
|
||
|
5552000
|
unkown
|
page read and write
|
||
|
4FB9000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5052000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
50F1000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
54C0000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
306E000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
502E000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
4E40000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
570000
|
unkown
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5660000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4CF0000
|
unkown
|
page read and write
|
||
|
B9F000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
5638000
|
unkown
|
page read and write
|
||
|
7F5000
|
unkown
|
page execute and read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
47EF000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4E60000
|
unkown
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page read and write
|
||
|
19399C90000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4F80000
|
direct allocation
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
BA2000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
37EE000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page execute and read and write
|
||
|
4951000
|
heap
|
page read and write
|
||
|
3A2F000
|
stack
|
page read and write
|
||
|
19399B90000
|
unkown
|
page execute and read and write
|
||
|
66C000
|
unkown
|
page write copy
|
||
|
4E70000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
1939A013000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
90D000
|
unkown
|
page execute and write copy
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4D3E000
|
stack
|
page read and write
|
||
|
BA2000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4CF0000
|
unkown
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
8D2000
|
unkown
|
page execute and read and write
|
||
|
90D000
|
unkown
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
3F2F000
|
stack
|
page read and write
|
||
|
4951000
|
heap
|
page read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
19399CB0000
|
unkown
|
page execute and read and write
|
||
|
442F000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4EFC000
|
stack
|
page read and write
|
||
|
4CF0000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
40AE000
|
stack
|
page read and write
|
||
|
639000
|
unkown
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4DA0000
|
unkown
|
page read and write
|
||
|
3CAF000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
B9F000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
4FA0000
|
direct allocation
|
page execute and read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4F40000
|
direct allocation
|
page execute and read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
7B57DDC000
|
stack
|
page read and write
|
||
|
37AF000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
66F000
|
unkown
|
page execute and read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
352F000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
19399D5A000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5570000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
5136000
|
heap
|
page read and write
|
||
|
36AE000
|
stack
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
5066000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
5240000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5640000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4951000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B9F000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
F6C000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
8FE000
|
unkown
|
page execute and read and write
|
||
|
5046000
|
unkown
|
page read and write
|
||
|
3A6E000
|
stack
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
542E000
|
heap
|
page read and write
|
||
|
58A7000
|
unkown
|
page read and write
|
||
|
C40000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
E01000
|
stack
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
B53000
|
heap
|
page read and write
|
||
|
406F000
|
stack
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
5822000
|
unkown
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4D82000
|
unkown
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5560000
|
unkown
|
page read and write
|
||
|
5101000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
50D7000
|
unkown
|
page read and write
|
||
|
41AF000
|
stack
|
page read and write
|
||
|
19399D50000
|
heap
|
page read and write
|
||
|
B43000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5136000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
46AF000
|
stack
|
page read and write
|
||
|
58C1000
|
unkown
|
page read and write
|
||
|
4951000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
B32000
|
heap
|
page read and write
|
||
|
4E38000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
B32000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
4FBD000
|
unkown
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4E3F000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
629000
|
unkown
|
page execute and read and write
|
||
|
A6D000
|
heap
|
page read and write
|
||
|
4F60000
|
direct allocation
|
page execute and read and write
|
||
|
4DA0000
|
direct allocation
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
19399BB0000
|
heap
|
page read and write
|
||
|
19399CC0000
|
heap
|
page readonly
|
||
|
B32000
|
heap
|
page read and write
|
||
|
5F1000
|
unkown
|
page execute and write copy
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
There are 437 hidden memdumps, click here to show them.