Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\UQ63g7r-
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe
|
"C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe"
|
|
|
|
C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe
|
"C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe"
|
|
|
|
C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe
|
"C:\Users\user\Desktop\XFO-E2024-013 SMP-10.3-F01-2210 Host spare parts.exe"
|
|
|
|
C:\Program Files (x86)\ANsDTSeNonaranAlTWTJBxNqveGiUgHKsofZTNpMBSOaXyXAJCXyhhDyKURuYJNKTQAfCxLhtTQkawJ\xAbOwtcTtZmjBX.exe
|
"C:\Program Files (x86)\ANsDTSeNonaranAlTWTJBxNqveGiUgHKsofZTNpMBSOaXyXAJCXyhhDyKURuYJNKTQAfCxLhtTQkawJ\xAbOwtcTtZmjBX.exe"
|
|
|
|
C:\Windows\SysWOW64\tzutil.exe
|
"C:\Windows\SysWOW64\tzutil.exe"
|
|
|
|
C:\Program Files (x86)\ANsDTSeNonaranAlTWTJBxNqveGiUgHKsofZTNpMBSOaXyXAJCXyhhDyKURuYJNKTQAfCxLhtTQkawJ\xAbOwtcTtZmjBX.exe
|
"C:\Program Files (x86)\ANsDTSeNonaranAlTWTJBxNqveGiUgHKsofZTNpMBSOaXyXAJCXyhhDyKURuYJNKTQAfCxLhtTQkawJ\xAbOwtcTtZmjBX.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.070001325.xyz/gebt/?Ap=KZH8jfU0&BzI0pR=vv4Z5oAEVW8Fnw5+v3rC78A1apnlABoa7eW6m5kMXrJjwDKHwLvNIdd6hCLbwWC7cjqqbjXxYb26MUHQV2edmwlqePdZlnBGcJVL9hTasAQSXzj69w==
|
161.97.142.144
|
|
|
|
http://www.taxiquynhonnew.click/y49d/?Ap=KZH8jfU0&BzI0pR=m6DqfWTYFUU8GAEJaQ04TZKKVQt9iuan9ImFwYYAXgcLCIKDKHWgUkMantPJ7uipU91pPV1usxBfeqldUzKMcDzO8C+ujqQcrInydaZ/WyC6o7IBrA==
|
13.228.81.39
|
|
|
|
http://www.taxiquynhonnew.click/y49d/
|
13.228.81.39
|
|
|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://l3filejson4dvd.josyliving.com/favicon.ico
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://login.7
|
unknown
|
||
|
https://connect.facebook.net/en_US/fbevents.js
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
https://s.yimg.com/wi/ytc.js
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://analytics.tiktok.com/i18n/pixel/events.js
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://dq0ib5xlct7tw.cloudfront.net/
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.taxiquynhonnew.click
|
unknown
|
||
|
https://www.taxiquynhonnew.click/y49d/?Ap=KZH8jfU0&BzI0pR=m6DqfWTYFUU8GAEJaQ04TZKKVQt9iuan9ImFwYYAXg
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.expancz.top
|
107.155.56.30
|
|
|
|
www.070001325.xyz
|
161.97.142.144
|
|
|
|
dns.ladipage.com
|
13.228.81.39
|
||
|
s-part-0035.t-0009.t-msedge.net
|
13.107.246.63
|
||
|
www.epitomize.shop
|
unknown
|
||
|
www.taxiquynhonnew.click
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
161.97.142.144
|
www.070001325.xyz
|
United States
|
|
|
|
107.155.56.30
|
www.expancz.top
|
United States
|
|
|
|
13.228.81.39
|
dns.ladipage.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4001000
|
trusted library allocation
|
page read and write
|
|
|
|
FF0000
|
unclassified section
|
page execute and read and write
|
|
|
|
F70000
|
trusted library allocation
|
page read and write
|
|
|
|
7480000
|
trusted library section
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
AA0000
|
system
|
page execute and read and write
|
|
|
|
2DF0000
|
unkown
|
page execute and read and write
|
|
|
|
14B0000
|
unclassified section
|
page execute and read and write
|
|
|
|
30C0000
|
trusted library allocation
|
page read and write
|
|
|
|
1060000
|
system
|
page execute and read and write
|
|
|
|
DA0000
|
unkown
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
2DAB000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7DCC000
|
heap
|
page read and write
|
||
|
7200000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B6000
|
system
|
page execute and read and write
|
||
|
A78000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2A70000
|
unkown
|
page readonly
|
||
|
1050000
|
unkown
|
page readonly
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
54B2000
|
trusted library allocation
|
page read and write
|
||
|
BEB3FF000
|
stack
|
page read and write
|
||
|
C26000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
457000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1403000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
1404000
|
trusted library allocation
|
page read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
7E08000
|
heap
|
page read and write
|
||
|
3D74000
|
unclassified section
|
page read and write
|
||
|
2DF0000
|
heap
|
page execute and read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
1943C670000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943AD30000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
1943ADF1000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
441000
|
unkown
|
page execute read
|
||
|
7E37000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
1487000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
C6D000
|
heap
|
page read and write
|
||
|
F8E000
|
heap
|
page read and write
|
||
|
1943C903000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2B62000
|
unkown
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B89000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
7C90000
|
heap
|
page read and write
|
||
|
7DD8000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E3C000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7DE4000
|
heap
|
page read and write
|
||
|
7DDA000
|
heap
|
page read and write
|
||
|
A85E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
7DC6000
|
heap
|
page read and write
|
||
|
A3A0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute read
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3B244000
|
system
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
36B2000
|
unclassified section
|
page read and write
|
||
|
843E000
|
stack
|
page read and write
|
||
|
1350000
|
unkown
|
page read and write
|
||
|
BED000
|
heap
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
C1C000
|
heap
|
page read and write
|
||
|
46F3000
|
unkown
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
140D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0F000
|
heap
|
page read and write
|
||
|
33B6000
|
unkown
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page read and write
|
||
|
BEBBFE000
|
stack
|
page read and write
|
||
|
1943C670000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1050000
|
unkown
|
page readonly
|
||
|
441000
|
unkown
|
page execute read
|
||
|
562E000
|
stack
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
72ED000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E38000
|
heap
|
page read and write
|
||
|
837F000
|
stack
|
page read and write
|
||
|
3AB82000
|
system
|
page read and write
|
||
|
BF2000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BFA000
|
heap
|
page read and write
|
||
|
10C6000
|
system
|
page execute and read and write
|
||
|
142D000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943C90F000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C1F000
|
heap
|
page read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
10AD000
|
system
|
page execute and read and write
|
||
|
3349000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
14A8000
|
direct allocation
|
page execute and read and write
|
||
|
CD4000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
362D000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
34FE000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
847F000
|
stack
|
page read and write
|
||
|
AEE000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
A81E000
|
stack
|
page read and write
|
||
|
1943C921000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
BE3000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
7802000
|
trusted library allocation
|
page read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
441000
|
unkown
|
page execute read
|
||
|
7F7C000
|
stack
|
page read and write
|
||
|
1460000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
311A000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7C00000
|
trusted library section
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2A64000
|
heap
|
page read and write
|
||
|
A71E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7F3C000
|
stack
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
55EF000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1004000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1191000
|
unkown
|
page readonly
|
||
|
19B3000
|
unclassified section
|
page execute and read and write
|
||
|
11E0000
|
unkown
|
page readonly
|
||
|
1943C900000
|
trusted library allocation
|
page read and write
|
||
|
7DD5000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1943CAA5000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
108B000
|
heap
|
page read and write
|
||
|
7E42000
|
heap
|
page read and write
|
||
|
DB1000
|
unkown
|
page readonly
|
||
|
C04000
|
heap
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
50FC000
|
stack
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
B97000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
1411000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C04000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1289000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
A95E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
1943ADEA000
|
heap
|
page read and write
|
||
|
1943AC95000
|
system
|
page execute and read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
9EA000
|
stack
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
17F1000
|
unkown
|
page readonly
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2ECD000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943CA01000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
9EA000
|
stack
|
page read and write
|
||
|
72AE000
|
stack
|
page read and write
|
||
|
457000
|
unkown
|
page readonly
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
11A0000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
457000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
1943ABF0000
|
system
|
page execute and read and write
|
||
|
23B3000
|
unclassified section
|
page execute and read and write
|
||
|
FEF000
|
stack
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BEABFF000
|
stack
|
page read and write
|
||
|
F30000
|
unkown
|
page read and write
|
||
|
BE3000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
398C000
|
unclassified section
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
11D4000
|
heap
|
page read and write
|
||
|
7E4B000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
7DFF000
|
heap
|
page read and write
|
||
|
2A64000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3548000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7DC0000
|
heap
|
page read and write
|
||
|
1160000
|
direct allocation
|
page execute and read and write
|
||
|
3AE5C000
|
system
|
page read and write
|
||
|
7E1E000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
A59E000
|
stack
|
page read and write
|
||
|
2FF8000
|
heap
|
page read and write
|
||
|
2A70000
|
unkown
|
page readonly
|
||
|
7100000
|
heap
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
11A0000
|
unkown
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
98B000
|
stack
|
page read and write
|
||
|
2B62000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2FF7000
|
heap
|
page read and write
|
||
|
1943AD50000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
7CA3000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DFC000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
7266000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7FBE000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
130F000
|
stack
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
10D5000
|
system
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943ADDC000
|
heap
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
7DC1000
|
heap
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
2EA4000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
1943AD80000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
2E3C000
|
unkown
|
page read and write
|
||
|
348D000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
536C000
|
stack
|
page read and write
|
||
|
7D13000
|
heap
|
page read and write
|
||
|
37CC000
|
unclassified section
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2D00000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2DB3000
|
unclassified section
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
1943CABE000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
17F1000
|
unkown
|
page readonly
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
BF7000
|
heap
|
page read and write
|
||
|
4098000
|
unclassified section
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
10E5000
|
heap
|
page read and write
|
||
|
1943AC93000
|
system
|
page execute and read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943ADC0000
|
heap
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
32D4000
|
heap
|
page read and write
|
||
|
C2A000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
56B5000
|
heap
|
page read and write
|
||
|
7DD2000
|
heap
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7DF9000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1180000
|
unkown
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E3C000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
10D2000
|
system
|
page execute and read and write
|
||
|
980000
|
unkown
|
page readonly
|
||
|
31AB000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3224000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
36A2000
|
direct allocation
|
page execute and read and write
|
||
|
2EAB000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
A6DE000
|
stack
|
page read and write
|
||
|
1191000
|
unkown
|
page readonly
|
||
|
BFA000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
7E0A000
|
heap
|
page read and write
|
||
|
11E0000
|
unkown
|
page readonly
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
heap
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
1437000
|
trusted library allocation
|
page execute and read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E26000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
83FF000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
CD4000
|
heap
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
DC0000
|
unkown
|
page read and write
|
||
|
457000
|
unkown
|
page readonly
|
||
|
128D000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E04000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page execute and read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1943ADEF000
|
heap
|
page read and write
|
||
|
A5DE000
|
stack
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1180000
|
unkown
|
page read and write
|
||
|
7E45000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B8B000
|
heap
|
page read and write
|
||
|
F7F000
|
heap
|
page read and write
|
||
|
84FF000
|
stack
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
1943ADC9000
|
heap
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
B92000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
14F1000
|
unkown
|
page readonly
|
||
|
BED000
|
heap
|
page read and write
|
||
|
A32000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
7D04000
|
heap
|
page read and write
|
||
|
3360000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
143B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E16000
|
heap
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
1943C913000
|
trusted library allocation
|
page read and write
|
||
|
2C7C000
|
unkown
|
page read and write
|
||
|
1943C670000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C53000
|
heap
|
page read and write
|
||
|
EF0000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E33000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E33000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
CD4000
|
heap
|
page read and write
|
||
|
C59000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
B96000
|
heap
|
page read and write
|
||
|
7E2D000
|
heap
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
C70000
|
direct allocation
|
page read and write
|
||
|
1129000
|
system
|
page execute and read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
2E3C000
|
unkown
|
page read and write
|
||
|
2C22000
|
unkown
|
page read and write
|
||
|
14F1000
|
unkown
|
page readonly
|
||
|
3772000
|
unclassified section
|
page read and write
|
||
|
BEA3FC000
|
stack
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
F00000
|
unkown
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
1943C90B000
|
trusted library allocation
|
page read and write
|
||
|
11D4000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
455000
|
unkown
|
page read and write
|
||
|
5593000
|
heap
|
page read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7DCB000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3AC42000
|
system
|
page read and write
|
||
|
1943C800000
|
trusted library allocation
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
3631000
|
direct allocation
|
page execute and read and write
|
||
|
3CF3000
|
unkown
|
page execute and read and write
|
||
|
1391000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BF7000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library section
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
DB1000
|
unkown
|
page readonly
|
||
|
5990000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
B8B000
|
heap
|
page read and write
|
||
|
3489000
|
direct allocation
|
page execute and read and write
|
||
|
12FE000
|
direct allocation
|
page execute and read and write
|
||
|
1943CAC4000
|
trusted library allocation
|
page read and write
|
||
|
BF2000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
32F3000
|
unkown
|
page execute and read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
7DD0000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
3F06000
|
unclassified section
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
88C000
|
stack
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
7E45000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1943C7C0000
|
heap
|
page read and write
|
||
|
2EBE000
|
trusted library allocation
|
page read and write
|
||
|
2E08000
|
trusted library allocation
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
E71000
|
heap
|
page read and write
|
||
|
1426000
|
direct allocation
|
page execute and read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
E71000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
There are 673 hidden memdumps, click here to show them.