Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Certificate 11-19AIS.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\F56GKLK7U4
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\autBBDF.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\unjust
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Certificate 11-19AIS.exe
|
"C:\Users\user\Desktop\Certificate 11-19AIS.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\Certificate 11-19AIS.exe"
|
|
|
|
C:\Program Files (x86)\qjwUrvbCXhnUchtpWXaONmAlxNsulNDCTTNJCecuZgIsyHrx\auecFLppjswMvwfJiAu.exe
|
"C:\Program Files (x86)\qjwUrvbCXhnUchtpWXaONmAlxNsulNDCTTNJCecuZgIsyHrx\auecFLppjswMvwfJiAu.exe"
|
|
|
|
C:\Windows\SysWOW64\netbtugc.exe
|
"C:\Windows\SysWOW64\netbtugc.exe"
|
|
|
|
C:\Program Files (x86)\qjwUrvbCXhnUchtpWXaONmAlxNsulNDCTTNJCecuZgIsyHrx\auecFLppjswMvwfJiAu.exe
|
"C:\Program Files (x86)\qjwUrvbCXhnUchtpWXaONmAlxNsulNDCTTNJCecuZgIsyHrx\auecFLppjswMvwfJiAu.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.elettrosistemista.zip/fo8o/?HpnH2=lZrlsdK8B4Q&zh=bO1UBvtoHFNUmlWGmXL3o3L5Dhw+Vy81qF418M7UHpKKa2cgLZsmM/SsbGGojtls67Xc6OgTo57aJm1+bsxMdSNMaLujgCrTpNg/TOHpJ8V8eDXM6X/ojyE=
|
195.110.124.133
|
|
|
|
http://www.empowermedeco.com/fo8o/
|
217.196.55.202
|
|
|
|
http://www.rssnewscast.com/fo8o/?zh=x3jV/ECx7FuzXOI5niBKCyXhuUkTi7THyCIVaqWvGMMqpfz0YC5wLsL1wYxwFH1KuInYTmXKqKNNujOvwtdN4Jw8jmqxLw67/BJwdjwjaFneB0YC/Adw7Wc=&HpnH2=lZrlsdK8B4Q
|
91.195.240.94
|
|
|
|
http://www.elettrosistemista.zip/fo8o/
|
195.110.124.133
|
|
|
|
http://www.empowermedeco.com/fo8o/?zh=mxnR+iHPFb8HZiaBBOLBDF0OC7azb6MRPLEBGwFodGelSqoCQiBwPqu0WU7djgVoJgj4cKk6Pp6Q/yIaSghKJgd1+5vEXfQMT7HDcUO7Jh3BJK53kSorIMs=&HpnH2=lZrlsdK8B4Q
|
217.196.55.202
|
|
|
|
http://www.magmadokum.com/fo8o/?HpnH2=lZrlsdK8B4Q&zh=qL3nKp+YSjoaTomgQjyPoknaJzFflnvGMW8DXsDTZ4AADrD7Wpn1i04piMS1+AOWgCBMohpgbh6Cuut9PSzjckoJS+lg7OgEaCOx4WcoERsgbN8QHC6pJzk=
|
85.159.66.93
|
|
|
|
http://www.magmadokum.com/fo8o/
|
85.159.66.93
|
|
|
|
http://www.goldenjade-travel.com/fo8o/?HpnH2=lZrlsdK8B4Q&zh=LFKqyrcu7g1NCa8cV1r2tNkohroduT6prIMLtaWgKJ9bBKQr4dsnyMPFpMQjJLGR7ieyxupOSpv1HbfUaMaFgSEIkTArzNUXX6i8MuAeXF0KENTzWGDok/4=
|
116.50.37.244
|
|
|
|
http://www.3xfootball.com/fo8o/?HpnH2=lZrlsdK8B4Q&zh=IhZyPQIGe6uK3zP3twZWsYVeSSeNS0ZlW2eS79Xk6ut4afzj0LiRBEeFtQixSzG192fRs1GD25A478p7nOOnj6KAVMa+YMk7oXS5ptBuz0n8hBJ8/Hksw4c=
|
154.215.72.110
|
|
|
|
http://www.rssnewscast.com/fo8o/
|
91.195.240.94
|
|
|
|
http://www.goldenjade-travel.com/fo8o/
|
116.50.37.244
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.empowermedeco.com
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://www.name.com/domain/renew/rssnewscast.com?utm_source=Sedo_parked_page&utm_medium=button&utm_
|
unknown
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://codepen.io/uzcho_/pens/popular/?grid_type=list
|
unknown
|
||
|
https://codepen.io/uzcho_/pen/eYdmdXw.css
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.techchains.info/fo8o/
|
66.29.149.46
|
||
|
https://www.empowermedeco.com/fo8o/?zh=mxnR
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
elettrosistemista.zip
|
195.110.124.133
|
||
|
empowermedeco.com
|
217.196.55.202
|
||
|
www.3xfootball.com
|
154.215.72.110
|
||
|
www.goldenjade-travel.com
|
116.50.37.244
|
||
|
www.rssnewscast.com
|
91.195.240.94
|
||
|
www.techchains.info
|
66.29.149.46
|
||
|
natroredirect.natrocdn.com
|
85.159.66.93
|
||
|
www.magmadokum.com
|
unknown
|
||
|
www.donnavariedades.com
|
unknown
|
||
|
www.660danm.top
|
unknown
|
||
|
www.joyesi.xyz
|
unknown
|
||
|
www.liangyuen528.com
|
unknown
|
||
|
www.kasegitai.tokyo
|
unknown
|
||
|
www.empowermedeco.com
|
unknown
|
||
|
www.k9vyp11no3.cfd
|
unknown
|
||
|
www.elettrosistemista.zip
|
unknown
|
||
|
www.antonio-vivaldi.mobi
|
unknown
|
There are 7 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.195.240.94
|
www.rssnewscast.com
|
Germany
|
||
|
154.215.72.110
|
www.3xfootball.com
|
Seychelles
|
||
|
195.110.124.133
|
elettrosistemista.zip
|
Italy
|
||
|
116.50.37.244
|
www.goldenjade-travel.com
|
Taiwan; Republic of China (ROC)
|
||
|
85.159.66.93
|
natroredirect.natrocdn.com
|
Turkey
|
||
|
66.29.149.46
|
www.techchains.info
|
United States
|
||
|
217.196.55.202
|
empowermedeco.com
|
Norway
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
57B0000
|
system
|
page execute and read and write
|
|
|
|
2D20000
|
trusted library allocation
|
page read and write
|
|
|
|
3A00000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
3280000
|
unclassified section
|
page execute and read and write
|
|
|
|
2810000
|
system
|
page execute and read and write
|
|
|
|
2630000
|
unkown
|
page execute and read and write
|
|
|
|
2AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E006910000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page read and write
|
||
|
42C2000
|
unclassified section
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
D77000
|
heap
|
page read and write
|
||
|
39A9000
|
direct allocation
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
78A6000
|
heap
|
page read and write
|
||
|
4330000
|
unclassified section
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2B28000
|
heap
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
6A1C000
|
system
|
page read and write
|
||
|
1E0081B0000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BC4000
|
heap
|
page read and write
|
||
|
3A1E000
|
direct allocation
|
page read and write
|
||
|
785D000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
324D000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D1A000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
4624000
|
unclassified section
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
3400000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2E17000
|
heap
|
page read and write
|
||
|
961000
|
unkown
|
page readonly
|
||
|
3803000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
36E0000
|
direct allocation
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
5814000
|
system
|
page execute and read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page read and write
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
337C000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E0068E0000
|
heap
|
page read and write
|
||
|
1A71000
|
unkown
|
page readonly
|
||
|
3A6E000
|
direct allocation
|
page read and write
|
||
|
1E0068FC000
|
heap
|
page read and write
|
||
|
1E0086BE000
|
trusted library allocation
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
2E1A000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
39F9000
|
direct allocation
|
page read and write
|
||
|
24A0000
|
unkown
|
page read and write
|
||
|
35AC000
|
unclassified section
|
page read and write
|
||
|
2480000
|
unkown
|
page readonly
|
||
|
339E000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
786E000
|
heap
|
page read and write
|
||
|
1E006800000
|
system
|
page execute and read and write
|
||
|
2B2E000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B9B000
|
heap
|
page read and write
|
||
|
1E00850A000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2B4B000
|
heap
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page read and write
|
||
|
359E000
|
direct allocation
|
page execute and read and write
|
||
|
870000
|
unkown
|
page read and write
|
||
|
24A0000
|
unkown
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
1E008521000
|
trusted library allocation
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
6E04000
|
system
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
78A2000
|
heap
|
page read and write
|
||
|
1E0081B0000
|
trusted library allocation
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
1E006912000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
86F000
|
unkown
|
page write copy
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
30A2000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3DAC000
|
unkown
|
page read and write
|
||
|
2EFF000
|
heap
|
page read and write
|
||
|
43F4000
|
unkown
|
page read and write
|
||
|
4BA000
|
stack
|
page read and write
|
||
|
1E0086C4000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
15A0000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2540000
|
unkown
|
page readonly
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
83D000
|
unkown
|
page readonly
|
||
|
1E006912000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D5EE5FE000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
3880000
|
direct allocation
|
page read and write
|
||
|
3CB8000
|
unclassified section
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
7B1000
|
unkown
|
page execute read
|
||
|
D5EDDFB000
|
stack
|
page read and write
|
||
|
1E0068EF000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E008517000
|
trusted library allocation
|
page read and write
|
||
|
9AB000
|
unkown
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
85E000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2F74000
|
heap
|
page read and write
|
||
|
4ADA000
|
unclassified section
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
3880000
|
direct allocation
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
1E0067B0000
|
system
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
3742000
|
direct allocation
|
page execute and read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
3880000
|
direct allocation
|
page read and write
|
||
|
598C000
|
unkown
|
page read and write
|
||
|
1E00850E000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2A3A000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
970000
|
unkown
|
page read and write
|
||
|
247F000
|
stack
|
page read and write
|
||
|
39AD000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3392000
|
unclassified section
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
3AA000
|
stack
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
39FD000
|
direct allocation
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
7B1000
|
unkown
|
page execute read
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
450000
|
unkown
|
page readonly
|
||
|
19AE000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
2E90000
|
unkown
|
page read and write
|
||
|
2BB9000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
4262000
|
unkown
|
page read and write
|
||
|
3162000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page execute and read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
6742000
|
system
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3853000
|
direct allocation
|
page read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
3F3E000
|
unkown
|
page read and write
|
||
|
3F1000
|
unkown
|
page execute read
|
||
|
874000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
1E0086CE000
|
trusted library allocation
|
page read and write
|
||
|
2E17000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3803000
|
direct allocation
|
page read and write
|
||
|
783D000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
7BC0000
|
heap
|
page read and write
|
||
|
48AA000
|
unkown
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
36D1000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
1E0068EA000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
3730000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
416E000
|
unclassified section
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
EBA000
|
stack
|
page read and write
|
||
|
2B9E000
|
heap
|
page read and write
|
||
|
2A24000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
30A9000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BCB000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
259B000
|
stack
|
page read and write
|
||
|
2FB0000
|
unkown
|
page readonly
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
EAE000
|
heap
|
page read and write
|
||
|
6802000
|
system
|
page read and write
|
||
|
2DD6000
|
heap
|
page read and write
|
||
|
78A8000
|
heap
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
1122000
|
unkown
|
page read and write
|
||
|
3F1000
|
unkown
|
page execute read
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
CEE000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5877000
|
system
|
page execute and read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
2BBE000
|
heap
|
page read and write
|
||
|
2F60000
|
unkown
|
page execute and read and write
|
||
|
2BD4000
|
heap
|
page read and write
|
||
|
3F1000
|
unkown
|
page execute read
|
||
|
F21000
|
unkown
|
page readonly
|
||
|
136E000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E008510000
|
trusted library allocation
|
page read and write
|
||
|
39F9000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B8A000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
810000
|
unkown
|
page readonly
|
||
|
3730000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BCE000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2F80000
|
direct allocation
|
page execute and read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
2C09000
|
heap
|
page read and write
|
||
|
2F03000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3FE000
|
unkown
|
page readonly
|
||
|
2BFD000
|
heap
|
page read and write
|
||
|
961000
|
unkown
|
page readonly
|
||
|
3123000
|
heap
|
page read and write
|
||
|
3251000
|
direct allocation
|
page execute and read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
CDC000
|
stack
|
page read and write
|
||
|
7875000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
39A9000
|
direct allocation
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
2B2C000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3FE000
|
unkown
|
page readonly
|
||
|
2C01000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
30AD000
|
direct allocation
|
page execute and read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5BC000
|
stack
|
page read and write
|
||
|
3853000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D36000
|
heap
|
page read and write
|
||
|
36E0000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
18DF000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
7893000
|
heap
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
2EA0000
|
unkown
|
page read and write
|
||
|
2D45000
|
heap
|
page read and write
|
||
|
39AD000
|
direct allocation
|
page read and write
|
||
|
2534000
|
heap
|
page read and write
|
||
|
7858000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2B38000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
1E0086B1000
|
trusted library allocation
|
page read and write
|
||
|
1E008320000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
25D8000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3310000
|
direct allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
2FB0000
|
unkown
|
page readonly
|
||
|
2B3D000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2540000
|
unkown
|
page readonly
|
||
|
1AC0000
|
heap
|
page read and write
|
||
|
3730000
|
direct allocation
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
2EEC000
|
unkown
|
page read and write
|
||
|
78B5000
|
heap
|
page read and write
|
||
|
1E008400000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
159F000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3F1000
|
unkown
|
page execute read
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
32D2000
|
unclassified section
|
page read and write
|
||
|
784B000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B90000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
3FE000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
9B9000
|
unkown
|
page read and write
|
||
|
39A9000
|
direct allocation
|
page read and write
|
||
|
2B7F000
|
heap
|
page read and write
|
||
|
36CD000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
3A1E000
|
direct allocation
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
57FA000
|
system
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
39F9000
|
direct allocation
|
page read and write
|
||
|
3529000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3994000
|
unclassified section
|
page read and write
|
||
|
7FAF000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
311E000
|
direct allocation
|
page execute and read and write
|
||
|
2534000
|
heap
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E0081B0000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2E19000
|
heap
|
page read and write
|
||
|
2B8A000
|
heap
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
3FE000
|
unkown
|
page readonly
|
||
|
33EC000
|
unclassified section
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BF7000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
D5EEDFE000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3853000
|
direct allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
7843000
|
heap
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
3FDC000
|
unclassified section
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
789B000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page read and write
|
||
|
2B33000
|
heap
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
3A88000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E00690B000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5823000
|
system
|
page execute and read and write
|
||
|
1A71000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5820000
|
system
|
page execute and read and write
|
||
|
785F000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
2EF2000
|
unkown
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B2C000
|
heap
|
page read and write
|
||
|
57FC000
|
system
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
1389000
|
heap
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
83D000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
39AD000
|
direct allocation
|
page read and write
|
||
|
136E000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
30A2000
|
unkown
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
31BC000
|
unkown
|
page read and write
|
||
|
3A6E000
|
direct allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
86A000
|
unkown
|
page write copy
|
||
|
3A1E000
|
direct allocation
|
page read and write
|
||
|
787F000
|
heap
|
page read and write
|
||
|
EBA000
|
stack
|
page read and write
|
||
|
2B2E000
|
heap
|
page read and write
|
||
|
9B8000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
337C000
|
unkown
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
1E0068B0000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
85E000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5804000
|
system
|
page execute and read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
2B3D000
|
heap
|
page read and write
|
||
|
2C13000
|
heap
|
page read and write
|
||
|
32C2000
|
direct allocation
|
page execute and read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
1311000
|
unkown
|
page readonly
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
EF1000
|
heap
|
page read and write
|
||
|
78AB000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
7F6E000
|
stack
|
page read and write
|
||
|
7846000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
352D000
|
direct allocation
|
page execute and read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
785A000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
2F14000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BE1000
|
heap
|
page read and write
|
||
|
27DC000
|
stack
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
7850000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E008503000
|
trusted library allocation
|
page read and write
|
||
|
1E008601000
|
trusted library allocation
|
page read and write
|
||
|
3803000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
15A0000
|
unkown
|
page readonly
|
||
|
D77000
|
heap
|
page read and write
|
||
|
4492000
|
unclassified section
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
3A6E000
|
direct allocation
|
page read and write
|
||
|
332D000
|
heap
|
page read and write
|
||
|
3764000
|
unkown
|
page read and write
|
||
|
86A000
|
unkown
|
page read and write
|
||
|
7855000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2530000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
39FD000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3329000
|
heap
|
page read and write
|
||
|
4BA000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
E1C000
|
heap
|
page read and write
|
||
|
D24000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
C9B000
|
stack
|
page read and write
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
D61000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2B9B000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
1E008500000
|
trusted library allocation
|
page read and write
|
||
|
2F14000
|
heap
|
page read and write
|
||
|
2480000
|
unkown
|
page readonly
|
||
|
36E0000
|
direct allocation
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
7879000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1311000
|
unkown
|
page readonly
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
1E008190000
|
heap
|
page read and write
|
||
|
1E006890000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
78B7000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2B9E000
|
heap
|
page read and write
|
||
|
39FD000
|
direct allocation
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
D5EF5FF000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
405000
|
unkown
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
1360000
|
heap
|
page read and write
|
||
|
66D000
|
stack
|
page read and write
|
||
|
2B37000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
5BC000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
3240000
|
direct allocation
|
page read and write
|
||
|
874000
|
unkown
|
page readonly
|
||
|
327D000
|
heap
|
page read and write
|
||
|
CBB000
|
stack
|
page read and write
|
||
|
2C21000
|
heap
|
page read and write
|
||
|
2C02000
|
heap
|
page read and write
|
There are 689 hidden memdumps, click here to show them.