Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Setup.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Gosse.com
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_more.com_372e469ceb5bfc6b28195017a428fae683e4_8dec09d6_f736110d-adc2-45c8-961e-ed549c5547ba\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE90D.tmp.dmp
|
Mini DuMP crash report, 14 streams, Mon Nov 25 14:34:31 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE99B.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE9CA.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7ee79492
|
PNG image data, 3936 x 925, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7fda8a8e
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\xwharpgq
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Setup.exe
|
"C:\Users\user\Desktop\Setup.exe"
|
|
|
|
C:\Windows\SysWOW64\more.com
|
C:\Windows\SysWOW64\more.com
|
|
|
|
C:\Users\user\AppData\Local\Temp\Gosse.com
|
C:\Users\user~1\AppData\Local\Temp\Gosse.com
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6596 -s 340
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s1gn1fyh0se.cyou
|
|
||
|
http://www.mylanviewer.com/version2.txt
|
unknown
|
||
|
https://www.mylanviewer.com/home.html
|
unknown
|
||
|
https://www.mylanviewer.com/registers.htmlArialRegistration
|
unknown
|
||
|
http://www.vmware.com/0
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://www.mylanviewer.com/registers.html
|
unknown
|
||
|
http://www.mylanviewer.com/showip.php
|
unknown
|
||
|
http://www.info-zip.org/
|
unknown
|
||
|
http://www.vmware.com/0/
|
unknown
|
||
|
http://%ipFTPftp://%ipPingcmd.exe/K
|
unknown
|
||
|
http://www.mylanviewer.com/myshowip.php
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/X
|
unknown
|
||
|
http://www.mylanviewer.com/myshowip.phpMyLanViewerhttp://www.mylanviewer.com/myshowip.php0
|
unknown
|
||
|
p10tgrace.sbs
|
|||
|
p3ar11fter.sbs
|
|||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.mylanviewer.com/showip.phpl
|
unknown
|
||
|
peepburry828.sbs
|
|||
|
processhol.sbs
|
|||
|
https://www.mylanviewer.com/home.htmlopenhttps://www.mylanviewer.com/registers.htmlhttps://www.mylan
|
unknown
|
There are 13 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3290000
|
direct allocation
|
page read and write
|
|
|
|
D57000
|
unkown
|
page execute read
|
||
|
F4E000
|
unkown
|
page execute read
|
||
|
F8C000
|
unkown
|
page execute read
|
||
|
DA7000
|
unkown
|
page execute read
|
||
|
1045000
|
unkown
|
page execute read
|
||
|
6B89000
|
heap
|
page read and write
|
||
|
3FCD000
|
direct allocation
|
page read and write
|
||
|
108D000
|
unkown
|
page execute read
|
||
|
1BDE000
|
stack
|
page read and write
|
||
|
375F000
|
stack
|
page read and write
|
||
|
1057000
|
unkown
|
page execute read
|
||
|
EA2000
|
unkown
|
page execute read
|
||
|
839F000
|
unkown
|
page read and write
|
||
|
DE1000
|
unkown
|
page execute read
|
||
|
FD6000
|
unkown
|
page execute read
|
||
|
39E1000
|
direct allocation
|
page read and write
|
||
|
EBE000
|
unkown
|
page execute read
|
||
|
E45000
|
unkown
|
page execute read
|
||
|
1077000
|
unkown
|
page execute read
|
||
|
6FE000
|
unkown
|
page read and write
|
||
|
ED6000
|
unkown
|
page execute read
|
||
|
E29000
|
unkown
|
page execute read
|
||
|
3997000
|
direct allocation
|
page read and write
|
||
|
DFA000
|
unkown
|
page execute read
|
||
|
6AEE000
|
heap
|
page read and write
|
||
|
1CEE000
|
heap
|
page read and write
|
||
|
D0C000
|
unkown
|
page readonly
|
||
|
110F000
|
unkown
|
page execute read
|
||
|
72ED000
|
trusted library allocation
|
page read and write
|
||
|
84D7000
|
unkown
|
page read and write
|
||
|
3A03000
|
direct allocation
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
F01000
|
unkown
|
page execute read
|
||
|
1C50000
|
heap
|
page read and write
|
||
|
3A73000
|
direct allocation
|
page read and write
|
||
|
10FA000
|
unkown
|
page execute read
|
||
|
1113000
|
unkown
|
page execute read
|
||
|
FB8000
|
unkown
|
page execute read
|
||
|
4C38000
|
heap
|
page read and write
|
||
|
10EB000
|
unkown
|
page execute read
|
||
|
1086000
|
unkown
|
page execute read
|
||
|
D0C000
|
unkown
|
page readonly
|
||
|
1CC1000
|
heap
|
page read and write
|
||
|
1D15000
|
heap
|
page read and write
|
||
|
8119000
|
trusted library allocation
|
page read and write
|
||
|
10AA000
|
unkown
|
page execute read
|
||
|
D15000
|
unkown
|
page execute read
|
||
|
DF1000
|
unkown
|
page execute read
|
||
|
E1C000
|
unkown
|
page execute read
|
||
|
10FC000
|
unkown
|
page execute read
|
||
|
D9A000
|
unkown
|
page execute read
|
||
|
DB0000
|
unkown
|
page execute read
|
||
|
E7F000
|
unkown
|
page execute read
|
||
|
F0C000
|
unkown
|
page execute read
|
||
|
DD8000
|
unkown
|
page execute read
|
||
|
F95000
|
unkown
|
page execute read
|
||
|
D75000
|
unkown
|
page execute read
|
||
|
D51000
|
unkown
|
page execute read
|
||
|
1D4A000
|
heap
|
page read and write
|
||
|
F7C000
|
unkown
|
page execute read
|
||
|
6AF2000
|
heap
|
page read and write
|
||
|
F35000
|
unkown
|
page execute read
|
||
|
397E000
|
direct allocation
|
page read and write
|
||
|
EF2000
|
unkown
|
page execute read
|
||
|
F92000
|
unkown
|
page execute read
|
||
|
735E000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
unkown
|
page execute read
|
||
|
3A83000
|
direct allocation
|
page read and write
|
||
|
39CB000
|
direct allocation
|
page read and write
|
||
|
102B000
|
unkown
|
page execute read
|
||
|
3FAD000
|
direct allocation
|
page read and write
|
||
|
1030000
|
unkown
|
page execute read
|
||
|
1042000
|
unkown
|
page execute read
|
||
|
E9E000
|
unkown
|
page execute read
|
||
|
E24000
|
unkown
|
page execute read
|
||
|
635000
|
unkown
|
page readonly
|
||
|
DCA000
|
unkown
|
page execute read
|
||
|
1F40000
|
heap
|
page read and write
|
||
|
109F000
|
unkown
|
page execute read
|
||
|
D93000
|
unkown
|
page execute read
|
||
|
E48000
|
unkown
|
page execute read
|
||
|
4FF1000
|
trusted library allocation
|
page read and write
|
||
|
409F000
|
heap
|
page read and write
|
||
|
1070000
|
unkown
|
page execute read
|
||
|
17A9000
|
unkown
|
page readonly
|
||
|
3010000
|
direct allocation
|
page read and write
|
||
|
80AF000
|
unkown
|
page read and write
|
||
|
F65000
|
unkown
|
page execute read
|
||
|
1049000
|
unkown
|
page execute read
|
||
|
3960000
|
direct allocation
|
page read and write
|
||
|
F07000
|
unkown
|
page execute read
|
||
|
7745000
|
heap
|
page read and write
|
||
|
113A000
|
unkown
|
page read and write
|
||
|
E59000
|
unkown
|
page execute read
|
||
|
E66000
|
unkown
|
page execute read
|
||
|
3087000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
FE2000
|
unkown
|
page execute read
|
||
|
635000
|
unkown
|
page readonly
|
||
|
1021000
|
unkown
|
page execute read
|
||
|
5511000
|
unkown
|
page read and write
|
||
|
DF5000
|
unkown
|
page execute read
|
||
|
10B0000
|
unkown
|
page execute read
|
||
|
EA7000
|
unkown
|
page execute read
|
||
|
DFE000
|
unkown
|
page execute read
|
||
|
1066000
|
unkown
|
page execute read
|
||
|
FA3000
|
unkown
|
page execute read
|
||
|
D9C000
|
unkown
|
page execute read
|
||
|
DA1000
|
unkown
|
page execute read
|
||
|
3991000
|
direct allocation
|
page read and write
|
||
|
D55000
|
unkown
|
page execute read
|
||
|
F90000
|
unkown
|
page execute read
|
||
|
DCD000
|
unkown
|
page execute read
|
||
|
561000
|
unkown
|
page execute read
|
||
|
1C99000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page execute read
|
||
|
1C8A000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
6FE000
|
unkown
|
page write copy
|
||
|
1054000
|
unkown
|
page execute read
|
||
|
1F45000
|
heap
|
page read and write
|
||
|
5BBB000
|
heap
|
page read and write
|
||
|
D7D000
|
unkown
|
page execute read
|
||
|
6C1C000
|
heap
|
page read and write
|
||
|
631000
|
unkown
|
page write copy
|
||
|
DEE000
|
unkown
|
page execute read
|
||
|
399D000
|
direct allocation
|
page read and write
|
||
|
6AD1000
|
heap
|
page read and write
|
||
|
1B9E000
|
stack
|
page read and write
|
||
|
F0E000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
D39000
|
unkown
|
page execute read
|
||
|
D02000
|
unkown
|
page read and write
|
||
|
DC4000
|
unkown
|
page execute read
|
||
|
F6D000
|
unkown
|
page execute read
|
||
|
EB3000
|
unkown
|
page execute read
|
||
|
631000
|
unkown
|
page write copy
|
||
|
7FBB0000
|
direct allocation
|
page read and write
|
||
|
E42000
|
unkown
|
page execute read
|
||
|
72E9000
|
trusted library allocation
|
page read and write
|
||
|
1129000
|
unkown
|
page execute read
|
||
|
1137000
|
unkown
|
page execute read
|
||
|
5411000
|
unkown
|
page read and write
|
||
|
1CCA000
|
heap
|
page read and write
|
||
|
3970000
|
direct allocation
|
page read and write
|
||
|
10AE000
|
unkown
|
page execute read
|
||
|
113B000
|
unkown
|
page execute read
|
||
|
1109000
|
unkown
|
page execute read
|
||
|
42B5000
|
heap
|
page read and write
|
||
|
E6F000
|
unkown
|
page execute read
|
||
|
FEC000
|
unkown
|
page execute read
|
||
|
10EE000
|
unkown
|
page execute read
|
||
|
D4B000
|
unkown
|
page execute read
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
3977000
|
direct allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
2D9B000
|
stack
|
page read and write
|
||
|
1C20000
|
heap
|
page read and write
|
||
|
F38000
|
unkown
|
page execute read
|
||
|
7737000
|
heap
|
page read and write
|
||
|
100B000
|
unkown
|
page execute read
|
||
|
406000
|
unkown
|
page execute read
|
||
|
1123000
|
unkown
|
page execute read
|
||
|
FE9000
|
unkown
|
page execute read
|
||
|
1C33000
|
heap
|
page read and write
|
||
|
6E17000
|
heap
|
page read and write
|
||
|
3FEC000
|
direct allocation
|
page read and write
|
||
|
518D000
|
direct allocation
|
page read and write
|
||
|
80E000
|
unkown
|
page read and write
|
||
|
EE3000
|
unkown
|
page execute read
|
||
|
400A000
|
direct allocation
|
page read and write
|
||
|
FDF000
|
unkown
|
page execute read
|
||
|
E0D000
|
unkown
|
page execute read
|
||
|
5411000
|
unkown
|
page read and write
|
||
|
1052000
|
unkown
|
page execute read
|
||
|
39AA000
|
direct allocation
|
page read and write
|
||
|
1CBC000
|
heap
|
page read and write
|
||
|
F12000
|
unkown
|
page execute read
|
||
|
621000
|
unkown
|
page readonly
|
||
|
FAD000
|
unkown
|
page execute read
|
||
|
FF6000
|
unkown
|
page execute read
|
||
|
ECC000
|
unkown
|
page execute read
|
||
|
104F000
|
unkown
|
page execute read
|
||
|
1033000
|
unkown
|
page execute read
|
||
|
10D9000
|
unkown
|
page execute read
|
||
|
EA0000
|
unkown
|
page execute read
|
||
|
395F000
|
stack
|
page read and write
|
||
|
10AC000
|
unkown
|
page execute read
|
||
|
10CA000
|
unkown
|
page execute read
|
||
|
EDE000
|
unkown
|
page execute read
|
||
|
D1F000
|
unkown
|
page execute read
|
||
|
3FB9000
|
direct allocation
|
page read and write
|
||
|
3A91000
|
direct allocation
|
page read and write
|
||
|
62D000
|
unkown
|
page write copy
|
||
|
41BC000
|
stack
|
page read and write
|
||
|
1C30000
|
heap
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
65BB000
|
heap
|
page read and write
|
||
|
39A4000
|
direct allocation
|
page read and write
|
||
|
111C000
|
unkown
|
page execute read
|
||
|
1120000
|
unkown
|
page execute read
|
||
|
1097000
|
unkown
|
page execute read
|
||
|
DC6000
|
unkown
|
page execute read
|
||
|
39B0000
|
direct allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
5FD000
|
unkown
|
page readonly
|
||
|
ED8000
|
unkown
|
page execute read
|
||
|
62D000
|
unkown
|
page write copy
|
||
|
1094000
|
unkown
|
page execute read
|
||
|
560000
|
unkown
|
page readonly
|
||
|
3FC0000
|
direct allocation
|
page read and write
|
||
|
FA1000
|
unkown
|
page execute read
|
||
|
3A8A000
|
direct allocation
|
page read and write
|
||
|
3F7B000
|
direct allocation
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
1B4C000
|
stack
|
page read and write
|
||
|
D62000
|
unkown
|
page execute read
|
||
|
D4E000
|
unkown
|
page execute read
|
||
|
3F81000
|
direct allocation
|
page read and write
|
||
|
EED000
|
unkown
|
page execute read
|
||
|
1060000
|
unkown
|
page execute read
|
||
|
F18000
|
unkown
|
page execute read
|
||
|
805000
|
unkown
|
page read and write
|
||
|
3A1C000
|
direct allocation
|
page read and write
|
||
|
10A1000
|
unkown
|
page execute read
|
||
|
7432000
|
heap
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
F49000
|
unkown
|
page execute read
|
||
|
5410000
|
unkown
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
107C000
|
unkown
|
page execute read
|
||
|
E04000
|
unkown
|
page execute read
|
||
|
E61000
|
unkown
|
page execute read
|
||
|
F75000
|
unkown
|
page execute read
|
||
|
FB1000
|
unkown
|
page execute read
|
||
|
561000
|
unkown
|
page execute read
|
||
|
1CD3000
|
heap
|
page read and write
|
||
|
10BC000
|
unkown
|
page execute read
|
||
|
112B000
|
unkown
|
page execute read
|
||
|
D41000
|
unkown
|
page execute read
|
||
|
FC3000
|
unkown
|
page execute read
|
||
|
F04000
|
unkown
|
page execute read
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
F1C000
|
unkown
|
page execute read
|
||
|
1B47000
|
stack
|
page read and write
|
||
|
3FC7000
|
direct allocation
|
page read and write
|
||
|
4EB9000
|
trusted library allocation
|
page read and write
|
||
|
E91000
|
unkown
|
page execute read
|
||
|
3000000
|
heap
|
page read and write
|
||
|
1019000
|
unkown
|
page execute read
|
||
|
4B15000
|
heap
|
page read and write
|
||
|
FF8000
|
unkown
|
page execute read
|
||
|
EBA000
|
unkown
|
page execute read
|
||
|
3FDB000
|
direct allocation
|
page read and write
|
||
|
E4E000
|
unkown
|
page execute read
|
||
|
DA3000
|
unkown
|
page execute read
|
||
|
D29000
|
unkown
|
page execute read
|
||
|
D6A000
|
unkown
|
page execute read
|
||
|
760D000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
E18000
|
unkown
|
page execute read
|
||
|
4080000
|
heap
|
page read and write
|
||
|
F51000
|
unkown
|
page execute read
|
||
|
1832000
|
unkown
|
page readonly
|
||
|
7029000
|
heap
|
page read and write
|
||
|
ED0000
|
unkown
|
page execute read
|
||
|
EBC000
|
unkown
|
page execute read
|
||
|
D88000
|
unkown
|
page execute read
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
1CD0000
|
heap
|
page read and write
|
||
|
39C4000
|
direct allocation
|
page read and write
|
||
|
1082000
|
unkown
|
page execute read
|
||
|
10DE000
|
unkown
|
page execute read
|
||
|
1036000
|
unkown
|
page execute read
|
||
|
1004000
|
unkown
|
page execute read
|
||
|
FF3000
|
unkown
|
page execute read
|
||
|
E12000
|
unkown
|
page execute read
|
||
|
E6C000
|
unkown
|
page execute read
|
||
|
FB3000
|
unkown
|
page execute read
|
||
|
3964000
|
direct allocation
|
page read and write
|
||
|
1797000
|
unkown
|
page readonly
|
||
|
39E8000
|
direct allocation
|
page read and write
|
||
|
1100000
|
unkown
|
page execute read
|
||
|
FD2000
|
unkown
|
page execute read
|
||
|
10CE000
|
unkown
|
page execute read
|
||
|
621000
|
unkown
|
page readonly
|
||
|
107A000
|
unkown
|
page execute read
|
||
|
F5A000
|
unkown
|
page execute read
|
||
|
F88000
|
unkown
|
page execute read
|
||
|
D81000
|
unkown
|
page execute read
|
||
|
D32000
|
unkown
|
page execute read
|
||
|
F3F000
|
unkown
|
page execute read
|
||
|
3A64000
|
direct allocation
|
page read and write
|
||
|
E52000
|
unkown
|
page execute read
|
||
|
E14000
|
unkown
|
page execute read
|
||
|
39F2000
|
direct allocation
|
page read and write
|
||
|
4005000
|
direct allocation
|
page read and write
|
||
|
1040000
|
unkown
|
page execute read
|
||
|
3080000
|
heap
|
page read and write
|
||
|
4081000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
E54000
|
unkown
|
page execute read
|
||
|
18CE000
|
unkown
|
page readonly
|
||
|
EB5000
|
unkown
|
page execute read
|
||
|
F62000
|
unkown
|
page execute read
|
||
|
EC3000
|
unkown
|
page execute read
|
||
|
112F000
|
unkown
|
page execute read
|
||
|
42B2000
|
heap
|
page read and write
|
||
|
1595000
|
unkown
|
page readonly
|
||
|
F7000
|
heap
|
page read and write
|
||
|
8250000
|
unkown
|
page read and write
|
||
|
192A000
|
unkown
|
page readonly
|
||
|
1837000
|
unkown
|
page readonly
|
||
|
D8F000
|
unkown
|
page execute read
|
||
|
F56000
|
unkown
|
page execute read
|
||
|
42B0000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page execute read
|
||
|
82CA000
|
unkown
|
page read and write
|
||
|
4081000
|
heap
|
page read and write
|
||
|
3A48000
|
direct allocation
|
page read and write
|
||
|
3FE7000
|
direct allocation
|
page read and write
|
||
|
D6C000
|
unkown
|
page execute read
|
||
|
1014000
|
unkown
|
page execute read
|
||
|
6F10000
|
heap
|
page read and write
|
||
|
5511000
|
unkown
|
page read and write
|
||
|
D43000
|
unkown
|
page execute read
|
||
|
10BF000
|
unkown
|
page execute read
|
||
|
1CEE000
|
heap
|
page read and write
|
||
|
E01000
|
unkown
|
page execute read
|
||
|
100F000
|
unkown
|
page execute read
|
||
|
5060000
|
direct allocation
|
page read and write
|
||
|
3A0D000
|
direct allocation
|
page read and write
|
||
|
104B000
|
unkown
|
page execute read
|
||
|
1102000
|
unkown
|
page execute read
|
||
|
3A39000
|
direct allocation
|
page read and write
|
||
|
1090000
|
unkown
|
page execute read
|
||
|
103D000
|
unkown
|
page execute read
|
||
|
396B000
|
direct allocation
|
page read and write
|
||
|
1C60000
|
direct allocation
|
page execute and read and write
|
||
|
1016000
|
unkown
|
page execute read
|
||
|
E3D000
|
unkown
|
page execute read
|
||
|
3A24000
|
direct allocation
|
page read and write
|
||
|
109A000
|
unkown
|
page execute read
|
||
|
F5000
|
heap
|
page read and write
|
||
|
6A85000
|
heap
|
page read and write
|
||
|
3FF7000
|
direct allocation
|
page read and write
|
||
|
3A2B000
|
direct allocation
|
page read and write
|
||
|
FCD000
|
unkown
|
page execute read
|
||
|
F9A000
|
unkown
|
page execute read
|
||
|
42B5000
|
heap
|
page read and write
|
||
|
101E000
|
unkown
|
page execute read
|
||
|
E37000
|
unkown
|
page execute read
|
||
|
D8D000
|
unkown
|
page execute read
|
||
|
EF9000
|
unkown
|
page execute read
|
||
|
10B5000
|
unkown
|
page execute read
|
||
|
1038000
|
unkown
|
page execute read
|
||
|
DE8000
|
unkown
|
page execute read
|
||
|
F0000
|
heap
|
page read and write
|
||
|
105A000
|
unkown
|
page execute read
|
||
|
FA6000
|
unkown
|
page execute read
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
F43000
|
unkown
|
page execute read
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
1BF0000
|
heap
|
page read and write
|
||
|
F3B000
|
unkown
|
page execute read
|
||
|
EAB000
|
unkown
|
page execute read
|
||
|
5510000
|
unkown
|
page read and write
|
||
|
D00000
|
unkown
|
page read and write
|
||
|
6D3F000
|
heap
|
page read and write
|
||
|
6BE5000
|
heap
|
page read and write
|
||
|
E2F000
|
unkown
|
page execute read
|
||
|
6A52000
|
heap
|
page read and write
|
||
|
5FD000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
10F8000
|
unkown
|
page execute read
|
||
|
FFC000
|
unkown
|
page execute read
|
||
|
3FFE000
|
direct allocation
|
page read and write
|
||
|
1C80000
|
heap
|
page read and write
|
||
|
107F000
|
unkown
|
page execute read
|
||
|
3F51000
|
direct allocation
|
page read and write
|
||
|
E5B000
|
unkown
|
page execute read
|
||
|
8356000
|
unkown
|
page read and write
|
||
|
FC9000
|
unkown
|
page execute read
|
||
|
6A63000
|
heap
|
page read and write
|
||
|
F28000
|
unkown
|
page execute read
|
||
|
DD4000
|
unkown
|
page execute read
|
||
|
1106000
|
unkown
|
page execute read
|
||
|
3FD4000
|
direct allocation
|
page read and write
|
||
|
F2B000
|
unkown
|
page execute read
|
||
|
D13000
|
unkown
|
page execute read
|
||
|
EE8000
|
unkown
|
page execute read
|
||
|
4FE2000
|
trusted library allocation
|
page read and write
|
||
|
39B5000
|
direct allocation
|
page read and write
|
||
|
3A32000
|
direct allocation
|
page read and write
|
||
|
F80000
|
unkown
|
page execute read
|
||
|
D3B000
|
unkown
|
page execute read
|
||
|
10D3000
|
unkown
|
page execute read
|
||
|
398C000
|
direct allocation
|
page read and write
|
||
|
39BD000
|
direct allocation
|
page read and write
|
||
|
5189000
|
direct allocation
|
page read and write
|
||
|
105E000
|
unkown
|
page execute read
|
||
|
F2E000
|
unkown
|
page execute read
|
||
|
10F2000
|
unkown
|
page execute read
|
||
|
3FB3000
|
direct allocation
|
page read and write
|
||
|
3FA7000
|
direct allocation
|
page read and write
|
||
|
51FE000
|
direct allocation
|
page read and write
|
||
|
F1F000
|
unkown
|
page execute read
|
||
|
EB0000
|
unkown
|
page execute read
|
||
|
F7000
|
heap
|
page read and write
|
||
|
3A4F000
|
direct allocation
|
page read and write
|
||
|
82BA000
|
trusted library allocation
|
page read and write
|
||
|
3FF2000
|
direct allocation
|
page read and write
|
||
|
D17000
|
unkown
|
page execute read
|
||
|
E7C000
|
unkown
|
page execute read
|
||
|
106E000
|
unkown
|
page execute read
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
FBB000
|
unkown
|
page execute read
|
||
|
F84000
|
unkown
|
page execute read
|
||
|
103B000
|
unkown
|
page execute read
|
||
|
E26000
|
unkown
|
page execute read
|
||
|
E79000
|
unkown
|
page execute read
|
||
|
F60000
|
unkown
|
page execute read
|
||
|
DDE000
|
unkown
|
page execute read
|
There are 417 hidden memdumps, click here to show them.