Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
S#U0130PAR#U0130#U015e No.112024-pdf.bat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\k8457414
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsu92B7.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsu92B7.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Bubblebow\Bekld.Int
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Bubblebow\frtr.jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x2000,
components 3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Bubblebow\lukkedagenes.fli
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Bubblebow\opisthocomine.nit
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Prestigebyggeriet.Hou
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\defencives.pol
|
data
|
dropped
|
||
|
C:\Windows\Resources\0809\mysterist.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\S#U0130PAR#U0130#U015e No.112024-pdf.bat.exe
|
"C:\Users\user\Desktop\S#U0130PAR#U0130#U015e No.112024-pdf.bat.exe"
|
|
|
|
C:\Users\user\Desktop\S#U0130PAR#U0130#U015e No.112024-pdf.bat.exe
|
"C:\Users\user\Desktop\S#U0130PAR#U0130#U015e No.112024-pdf.bat.exe"
|
|
|
|
C:\Program Files (x86)\ozObaRMfFumKTnOmrEagnJLnBDKeXBGEgZVLimeITxshNaSucROpJhI\cXGDMXIloFhOE.exe
|
"C:\Program Files (x86)\ozObaRMfFumKTnOmrEagnJLnBDKeXBGEgZVLimeITxshNaSucROpJhI\cXGDMXIloFhOE.exe"
|
|
|
|
C:\Windows\SysWOW64\sdchange.exe
|
"C:\Windows\SysWOW64\sdchange.exe"
|
|
|
|
C:\Program Files (x86)\ozObaRMfFumKTnOmrEagnJLnBDKeXBGEgZVLimeITxshNaSucROpJhI\cXGDMXIloFhOE.exe
|
"C:\Program Files (x86)\ozObaRMfFumKTnOmrEagnJLnBDKeXBGEgZVLimeITxshNaSucROpJhI\cXGDMXIloFhOE.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.officinadelpasso.shop/vlg0/?s42t_Nbx=qomJeF/TtZ0QUZ/lu9XGw5rEDKlC0VH3n7TxRqREffWgONqaapTJswa8a+ti36YSjfwaEcz7GfWHOzY8D/KxwVpCEXfXsdPRTHALBjA15rmVzjOLWJp7K7s=&F0vD=qVTlJB1hk6Wd
|
195.110.124.133
|
|
|
|
http://www.vayui.top/4twy/
|
104.21.95.160
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://enechado.ru.com/tk.binJ
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://enechado.ru.com/tk.bin
|
103.83.194.50
|
||
|
http://www.ftp.ftp://ftp.gopher.
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.vayui.top
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.vayui.top
|
104.21.95.160
|
|
|
|
officinadelpasso.shop
|
195.110.124.133
|
|
|
|
enechado.ru.com
|
103.83.194.50
|
||
|
www.officinadelpasso.shop
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
195.110.124.133
|
officinadelpasso.shop
|
Italy
|
|
|
|
104.21.95.160
|
www.vayui.top
|
United States
|
|
|
|
103.83.194.50
|
enechado.ru.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
33050000
|
unclassified section
|
page execute and read and write
|
|
|
|
7E0000
|
system
|
page execute and read and write
|
|
|
|
25E0000
|
unkown
|
page execute and read and write
|
|
|
|
640000
|
system
|
page execute and read and write
|
|
|
|
4C51000
|
direct allocation
|
page execute and read and write
|
|
|
|
F20000
|
trusted library allocation
|
page read and write
|
|
|
|
329F0000
|
unclassified section
|
page execute and read and write
|
|
|
|
329A0000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
7761000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
224F000
|
stack
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
326BF000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04CAC000
|
trusted library allocation
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2F6A000
|
unkown
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
775E000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
422000
|
unkown
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
835000
|
system
|
page execute and read and write
|
||
|
7772000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
24A049B0000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04910000
|
heap
|
page read and write
|
||
|
2F82000
|
system
|
page read and write
|
||
|
32B57000
|
heap
|
page read and write
|
||
|
357DA000
|
unclassified section
|
page execute and read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
35A000
|
stack
|
page read and write
|
||
|
F7F9DFF000
|
stack
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
F7F85FC000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EF5000
|
unkown
|
page read and write
|
||
|
24A04B00000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
24A04B03000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
3289C000
|
stack
|
page read and write
|
||
|
6FBC3000
|
unkown
|
page readonly
|
||
|
EF7000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page write copy
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
32D00000
|
direct allocation
|
page execute and read and write
|
||
|
2F0000
|
unkown
|
page readonly
|
||
|
803000
|
heap
|
page read and write
|
||
|
7775000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
92F000
|
heap
|
page read and write
|
||
|
2D6F000
|
heap
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
7761000
|
heap
|
page read and write
|
||
|
33042000
|
direct allocation
|
page execute and read and write
|
||
|
EF5000
|
unkown
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
972000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
368C000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
436A000
|
unkown
|
page execute and read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
180000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
3E1000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
329A4000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2460000
|
direct allocation
|
page read and write
|
||
|
27D7000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
4A52000
|
direct allocation
|
page execute and read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
2B44000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
929000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
12A000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
5F2000
|
unkown
|
page write copy
|
||
|
91C000
|
heap
|
page read and write
|
||
|
7D5F000
|
stack
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
2DB7000
|
heap
|
page read and write
|
||
|
24A03042000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
2B44000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
EF7000
|
unkown
|
page readonly
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
7760000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
262C000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3B0000
|
unkown
|
page readonly
|
||
|
4710000
|
direct allocation
|
page execute and read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
2284000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
710000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
32FD1000
|
direct allocation
|
page execute and read and write
|
||
|
24A04CBE000
|
trusted library allocation
|
page read and write
|
||
|
92F000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8E4000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DBB000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
710000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
24A02F30000
|
system
|
page execute and read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
530000
|
unkown
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
466E000
|
stack
|
page read and write
|
||
|
EEE000
|
unkown
|
page readonly
|
||
|
6FBC1000
|
unkown
|
page execute read
|
||
|
3E1000
|
unkown
|
page readonly
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
EF5000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DB7000
|
heap
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
12A000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
2D96000
|
heap
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
845000
|
system
|
page execute and read and write
|
||
|
2B20000
|
direct allocation
|
page read and write
|
||
|
24A03050000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EEE000
|
unkown
|
page readonly
|
||
|
77A5000
|
heap
|
page read and write
|
||
|
926000
|
heap
|
page read and write
|
||
|
2D0000
|
unkown
|
page readonly
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7D1E000
|
stack
|
page read and write
|
||
|
44CF000
|
heap
|
page read and write
|
||
|
27D3000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
F7F95FE000
|
stack
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
450000
|
unkown
|
page readonly
|
||
|
5EE000
|
unkown
|
page write copy
|
||
|
3F0000
|
unkown
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04B0F000
|
trusted library allocation
|
page read and write
|
||
|
94F000
|
heap
|
page read and write
|
||
|
3160000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
1DE000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
EF7000
|
unkown
|
page readonly
|
||
|
7761000
|
heap
|
page read and write
|
||
|
5651000
|
direct allocation
|
page execute and read and write
|
||
|
49DD000
|
direct allocation
|
page execute and read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
2420000
|
unkown
|
page readonly
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DB2000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
3C3000
|
unkown
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
77A1000
|
heap
|
page read and write
|
||
|
343DA000
|
unclassified section
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
27D1000
|
heap
|
page read and write
|
||
|
3180000
|
direct allocation
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
33967000
|
unclassified section
|
page execute and read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EEE000
|
unkown
|
page readonly
|
||
|
94F000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
27D5000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
24A04C01000
|
trusted library allocation
|
page read and write
|
||
|
35A000
|
stack
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
2512000
|
unkown
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
329A0000
|
direct allocation
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
24A04CCE000
|
trusted library allocation
|
page read and write
|
||
|
4B22000
|
unclassified section
|
page read and write
|
||
|
F11000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
48AE000
|
direct allocation
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
EF5000
|
unkown
|
page read and write
|
||
|
3150000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3B0000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
803000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
E04000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2BD4000
|
unkown
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7E3E000
|
stack
|
page read and write
|
||
|
7784000
|
heap
|
page read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page write copy
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8A8000
|
system
|
page execute and read and write
|
||
|
6FBC0000
|
unkown
|
page readonly
|
||
|
3584000
|
system
|
page read and write
|
||
|
329F0000
|
direct allocation
|
page read and write
|
||
|
27DD000
|
heap
|
page read and write
|
||
|
24A02F7B000
|
system
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
926000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
82C000
|
system
|
page execute and read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
80E000
|
stack
|
page read and write
|
||
|
7778000
|
heap
|
page read and write
|
||
|
3267E000
|
stack
|
page read and write
|
||
|
3CB000
|
stack
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
27D9000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
327CE000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
31A0000
|
direct allocation
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
483D000
|
direct allocation
|
page execute and read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
2D20000
|
direct allocation
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
3280E000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
EF7000
|
unkown
|
page readonly
|
||
|
630000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
778E000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
2F0000
|
unkown
|
page readonly
|
||
|
4D1C000
|
stack
|
page read and write
|
||
|
470C000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
905000
|
heap
|
page read and write
|
||
|
4A70000
|
direct allocation
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7770000
|
heap
|
page read and write
|
||
|
825000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
23E4000
|
heap
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
4F1F000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
339DA000
|
unclassified section
|
page execute and read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
752000
|
heap
|
page read and write
|
||
|
638000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
580000
|
unkown
|
page read and write
|
||
|
2B44000
|
heap
|
page read and write
|
||
|
24A03140000
|
heap
|
page read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
4688000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DB7000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04C00000
|
trusted library allocation
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
3190000
|
direct allocation
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
24A0303B000
|
heap
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
455B000
|
heap
|
page read and write
|
||
|
390000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2D85000
|
heap
|
page read and write
|
||
|
8D3000
|
heap
|
page read and write
|
||
|
7DDF000
|
stack
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3299C000
|
stack
|
page read and write
|
||
|
F7F8DFD000
|
stack
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
89B000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
2450000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
809000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page write copy
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
24A02F77000
|
system
|
page execute and read and write
|
||
|
4A62000
|
unclassified section
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
2D94000
|
heap
|
page read and write
|
||
|
F11000
|
unkown
|
page readonly
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7E7F000
|
stack
|
page read and write
|
||
|
2B30000
|
direct allocation
|
page read and write
|
||
|
77AF000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
3D0000
|
unkown
|
page read and write
|
||
|
73F000
|
stack
|
page read and write
|
||
|
7DF000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
43AC000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
5EA000
|
unkown
|
page write copy
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
27D7000
|
heap
|
page read and write
|
||
|
44A000
|
unkown
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
84E000
|
stack
|
page read and write
|
||
|
500000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A03010000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page write copy
|
||
|
A01000
|
heap
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
240F000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2D48000
|
heap
|
page read and write
|
||
|
3273E000
|
stack
|
page read and write
|
||
|
777A000
|
heap
|
page read and write
|
||
|
24A049A0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3D0000
|
unkown
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
19A000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
24A04B15000
|
trusted library allocation
|
page read and write
|
||
|
7D9E000
|
stack
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
851000
|
system
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
91E000
|
heap
|
page read and write
|
||
|
6FBC5000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2DBD000
|
heap
|
page read and write
|
||
|
2EC2000
|
system
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04A00000
|
trusted library allocation
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
24A03042000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
24A0301A000
|
heap
|
page read and write
|
||
|
5124000
|
unclassified section
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
24A04CC4000
|
trusted library allocation
|
page read and write
|
||
|
2EF7000
|
unkown
|
page execute and read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
4839000
|
direct allocation
|
page execute and read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
34DDA000
|
unclassified section
|
page execute and read and write
|
||
|
1841000
|
remote allocation
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7766000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
325BF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2241000
|
remote allocation
|
page execute and read and write
|
||
|
24A04B11000
|
trusted library allocation
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
32E9E000
|
direct allocation
|
page execute and read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
2E0000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
396A000
|
unkown
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A0302C000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
31B0000
|
direct allocation
|
page read and write
|
||
|
32C84000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2CC0000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
779A000
|
heap
|
page read and write
|
||
|
2CE0000
|
direct allocation
|
page read and write
|
||
|
32AC7000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
92F000
|
heap
|
page read and write
|
||
|
4550000
|
trusted library allocation
|
page execute and read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2420000
|
unkown
|
page readonly
|
||
|
32FCD000
|
direct allocation
|
page execute and read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
EEE000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
5E6000
|
unkown
|
page write copy
|
||
|
241F000
|
unkown
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
61E000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
2D10000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
378D000
|
stack
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
329F0000
|
direct allocation
|
page read and write
|
||
|
926000
|
heap
|
page read and write
|
||
|
2D0000
|
unkown
|
page readonly
|
||
|
180000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
32E2D000
|
direct allocation
|
page execute and read and write
|
||
|
32C80000
|
heap
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
A01000
|
heap
|
page read and write
|
||
|
32CF5000
|
heap
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
44B0000
|
trusted library allocation
|
page read and write
|
||
|
7761000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
94F000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
46F9000
|
heap
|
page read and write
|
||
|
5E4000
|
unkown
|
page write copy
|
||
|
B30000
|
heap
|
page read and write
|
||
|
49E1000
|
direct allocation
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2470000
|
direct allocation
|
page read and write
|
||
|
1049000
|
unkown
|
page write copy
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
43AF000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
7CDD000
|
stack
|
page read and write
|
||
|
1E0000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
4B7C000
|
unclassified section
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
25D2000
|
unkown
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
27EC000
|
unkown
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
1E0000
|
unkown
|
page read and write
|
||
|
2E0000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7795000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
24A04B21000
|
trusted library allocation
|
page read and write
|
||
|
32E29000
|
direct allocation
|
page execute and read and write
|
||
|
2D9C000
|
heap
|
page read and write
|
||
|
1F1000
|
unkown
|
page readonly
|
||
|
A01000
|
heap
|
page read and write
|
||
|
27DD000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
23E4000
|
heap
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
4D6A000
|
unkown
|
page execute and read and write
|
||
|
854000
|
system
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
27EC000
|
unkown
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
3277F000
|
stack
|
page read and write
|
||
|
325FD000
|
stack
|
page read and write
|
||
|
27DC000
|
heap
|
page read and write
|
||
|
2CA0000
|
direct allocation
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
815000
|
heap
|
page read and write
|
||
|
2DAE000
|
heap
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
24A049B0000
|
trusted library allocation
|
page read and write
|
||
|
329F0000
|
direct allocation
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
4600000
|
heap
|
page read and write
|
||
|
1F1000
|
unkown
|
page readonly
|
||
|
4D3C000
|
unclassified section
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
580000
|
unkown
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
403000
|
unkown
|
page write copy
|
||
|
2440000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
955000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
31C0000
|
direct allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
776B000
|
heap
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
4684000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
2D94000
|
heap
|
page read and write
|
||
|
3263B000
|
stack
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
319C000
|
system
|
page read and write
|
||
|
2512000
|
unkown
|
page read and write
|
||
|
2CF0000
|
direct allocation
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page write copy
|
||
|
7761000
|
heap
|
page read and write
|
There are 723 hidden memdumps, click here to show them.