Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jlPBMMQbXC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\Libraries\Selebzih
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Selebzih.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Selebzih.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Selebzih.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\PNO
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\hizbeleS.cmd
|
DOS batch file, Unicode text, UTF-8 text, with very long lines (324), with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\alpha.pif
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\jlPBMMQbXC.exe
|
"C:\Users\user\Desktop\jlPBMMQbXC.exe"
|
|
|
|
C:\Windows\SysWOW64\esentutl.exe
|
C:\\Windows\\System32\\esentutl /y C:\\Windows\\System32\\cmd.exe /d C:\\Users\\Public\\alpha.pif /o
|
|
|
|
C:\Windows\SysWOW64\esentutl.exe
|
C:\\Windows\\System32\\esentutl.exe /y C:\Users\user\Desktop\jlPBMMQbXC.exe /d C:\\Users\\Public\\Libraries\\Selebzih.PIF
/o
|
|
|
|
C:\Windows\SysWOW64\SndVol.exe
|
C:\Windows\System32\SndVol.exe
|
|
|
|
C:\Users\Public\Libraries\Selebzih.PIF
|
"C:\Users\Public\Libraries\Selebzih.PIF"
|
|
|
|
C:\Windows\SysWOW64\SndVol.exe
|
C:\Windows\System32\SndVol.exe
|
|
|
|
C:\Users\Public\Libraries\Selebzih.PIF
|
"C:\Users\Public\Libraries\Selebzih.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Libraries\hizbeleS.cmd" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pentester0.accesscam.org
|
|
||
|
archived.zapto.org
|
|
||
|
https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EbcBi98Fae9PrYH7LpmiSQMBlK
|
unknown
|
|
|
|
https://alfanar01-my.sharepoint.com/:u:/g/personal/huzaifa_alfanargas_com/EbcBi98Fae9PrYH7LpmiSQMBlKcC8bPaqfGiqmGYrLTf6w?e=8qbxqz&download=1
|
13.107.136.10
|
|
|
|
https://alfanar01-my.sharepoint.com/
|
unknown
|
|
|
|
honeypotresearchteam.duckdns.org
|
|
||
|
https://lightstone.ae/image/233_Selebzihtih
|
162.19.139.102
|
|
|
|
https://lightstone.ae/
|
unknown
|
|
|
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
|
https://alfanar01-my.sharepoint.com/personal/huzaifa_alfanargas_com/Documents/233_Selebzihtih?ga=1
|
13.107.136.10
|
||
|
https://lightstone.ae/image/233_Selebzihtihv
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://lightstone.ae:443/image/233_SelebzihtihzOEROSitPOExnUGlYeGtYV2hLMGY0YTNpZXRqOUJNTWJTWXJiYXBJ
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
|
https://alfanar01-my.sharepoint.com/personal/huzaifa_alfanargas_com/Documents/233_Selebzihtih?ga=1Z
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://hydros.8k.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://spo.nel.measure.office.net/api/report?tenantId=91742063-fccc-4cba-b34b-69be54e484e8&desusert
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
https://alfanar01-my.sharepoint.com:443/:u:/g/personal/huzaifa_alfanargas_com/EbcBi98Fae9PrYH7LpmiSQ
|
unknown
|
||
|
http://ocsp.sectigo.com0C
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
lightstone.ae
|
162.19.139.102
|
|
|
|
pentester0.accesscam.org
|
103.186.117.159
|
|
|
|
honeypotresearchteam.duckdns.org
|
103.186.117.159
|
|
|
|
alfanar01-my.sharepoint.com
|
unknown
|
|
|
|
archived.zapto.org
|
unknown
|
|
|
|
dual-spo-0005.spo-msedge.net
|
13.107.136.10
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.19.139.102
|
lightstone.ae
|
United States
|
|
|
|
103.186.117.159
|
pentester0.accesscam.org
|
unknown
|
|
|
|
13.107.136.10
|
dual-spo-0005.spo-msedge.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Selebzih
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Resignation-X9RTX9
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Resignation-X9RTX9
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Resignation-X9RTX9
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%systemroot%\system32\colorui.dll,-1400
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ICM\ProfileAssociations\Print\Fax
|
UsePerUserProfiles
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
25DD000
|
heap
|
page read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
77D0000
|
remote allocation
|
page execute and read and write
|
|
|
|
4420000
|
remote allocation
|
page execute and read and write
|
|
|
|
29130000
|
direct allocation
|
page execute and read and write
|
|
|
|
65E000
|
stack
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
DB8E000
|
stack
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
E633000
|
heap
|
page read and write
|
||
|
5420000
|
direct allocation
|
page read and write
|
||
|
24D5000
|
heap
|
page read and write
|
||
|
7F100000
|
direct allocation
|
page read and write
|
||
|
DF3F000
|
stack
|
page read and write
|
||
|
2300000
|
direct allocation
|
page execute and read and write
|
||
|
251F000
|
stack
|
page read and write
|
||
|
7EA70000
|
direct allocation
|
page read and write
|
||
|
2474000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
4AD9000
|
stack
|
page read and write
|
||
|
4F6B000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
EA70000
|
heap
|
page read and write
|
||
|
EA88000
|
heap
|
page read and write
|
||
|
23E1000
|
direct allocation
|
page read and write
|
||
|
E46F000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
DCCE000
|
stack
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
7ECC0000
|
direct allocation
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
4B1B000
|
stack
|
page read and write
|
||
|
7EADF000
|
direct allocation
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
7EC00000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
2583000
|
heap
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
7F230000
|
direct allocation
|
page read and write
|
||
|
E200000
|
remote allocation
|
page read and write
|
||
|
A30000
|
direct allocation
|
page execute and read and write
|
||
|
542B000
|
direct allocation
|
page read and write
|
||
|
23E6000
|
direct allocation
|
page read and write
|
||
|
480000
|
unkown
|
page read and write
|
||
|
47E000
|
unkown
|
page read and write
|
||
|
472000
|
unkown
|
page read and write
|
||
|
2C1B000
|
direct allocation
|
page execute and read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
3EDC000
|
stack
|
page read and write
|
||
|
ABC000
|
stack
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
2CD7000
|
direct allocation
|
page execute and read and write
|
||
|
ED3A000
|
direct allocation
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
340A000
|
heap
|
page read and write
|
||
|
7EC000
|
heap
|
page read and write
|
||
|
342D000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
EDB7000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7FB40000
|
direct allocation
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
556D000
|
stack
|
page read and write
|
||
|
2115000
|
stack
|
page read and write
|
||
|
31B8000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
472000
|
unkown
|
page read and write
|
||
|
7F09F000
|
direct allocation
|
page read and write
|
||
|
E63E000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
7EB4F000
|
direct allocation
|
page read and write
|
||
|
DB8E000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2DCE000
|
direct allocation
|
page execute and read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
E0BE000
|
stack
|
page read and write
|
||
|
28D7000
|
heap
|
page read and write
|
||
|
2491000
|
direct allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
7EFE0000
|
direct allocation
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
4EFA000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
DDFF000
|
stack
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
7EB70000
|
direct allocation
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
4F05000
|
heap
|
page read and write
|
||
|
E868000
|
heap
|
page read and write
|
||
|
E200000
|
remote allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7F1F0000
|
direct allocation
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
D901000
|
direct allocation
|
page read and write
|
||
|
EDB1000
|
heap
|
page read and write
|
||
|
E3D0000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
385F000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
DA86000
|
direct allocation
|
page read and write
|
||
|
29D8000
|
heap
|
page read and write
|
||
|
7EC20000
|
direct allocation
|
page read and write
|
||
|
E1D1000
|
heap
|
page read and write
|
||
|
E3E0000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
7EB00000
|
direct allocation
|
page read and write
|
||
|
22D3000
|
direct allocation
|
page read and write
|
||
|
22BD000
|
direct allocation
|
page read and write
|
||
|
375F000
|
unkown
|
page read and write
|
||
|
E44D000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
DC8F000
|
stack
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
4F16000
|
heap
|
page read and write
|
||
|
4F6B000
|
heap
|
page read and write
|
||
|
DA0A000
|
stack
|
page read and write
|
||
|
7EB20000
|
direct allocation
|
page read and write
|
||
|
E41E000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
BB6000
|
heap
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
7F1F0000
|
direct allocation
|
page read and write
|
||
|
E750000
|
direct allocation
|
page execute and read and write
|
||
|
333D000
|
stack
|
page read and write
|
||
|
7EB4F000
|
direct allocation
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
3EE7000
|
heap
|
page read and write
|
||
|
40D4000
|
heap
|
page read and write
|
||
|
E477000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
DA94000
|
direct allocation
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
2AF5000
|
direct allocation
|
page read and write
|
||
|
7FD02000
|
direct allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7EC20000
|
direct allocation
|
page read and write
|
||
|
7EB4F000
|
direct allocation
|
page read and write
|
||
|
DAB1000
|
direct allocation
|
page read and write
|
||
|
215C000
|
stack
|
page read and write
|
||
|
763000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
47E000
|
unkown
|
page read and write
|
||
|
259B000
|
heap
|
page read and write
|
||
|
7EBF0000
|
direct allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
4050000
|
heap
|
page read and write
|
||
|
D9F7000
|
direct allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
4F16000
|
heap
|
page read and write
|
||
|
E24E000
|
stack
|
page read and write
|
||
|
DF3E000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
DA0E000
|
stack
|
page execute and read and write
|
||
|
7EAE0000
|
direct allocation
|
page read and write
|
||
|
DA78000
|
direct allocation
|
page read and write
|
||
|
D8CF000
|
direct allocation
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
DDCF000
|
stack
|
page read and write
|
||
|
730000
|
direct allocation
|
page execute and read and write
|
||
|
7E9E0000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
DCFE000
|
stack
|
page read and write
|
||
|
D8FA000
|
direct allocation
|
page read and write
|
||
|
22E1000
|
direct allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
7F2C0000
|
direct allocation
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
DAB8000
|
direct allocation
|
page read and write
|
||
|
D9E0000
|
direct allocation
|
page read and write
|
||
|
23E8000
|
direct allocation
|
page read and write
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
2C50000
|
direct allocation
|
page readonly
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
E41C000
|
heap
|
page read and write
|
||
|
4F6B000
|
heap
|
page read and write
|
||
|
2C9C000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4EE8000
|
heap
|
page read and write
|
||
|
7EB70000
|
direct allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
7FC70000
|
direct allocation
|
page read and write
|
||
|
E47D000
|
heap
|
page read and write
|
||
|
342E000
|
heap
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
2392000
|
direct allocation
|
page read and write
|
||
|
7F4B0000
|
direct allocation
|
page read and write
|
||
|
7FDB0000
|
direct allocation
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
2C7E000
|
direct allocation
|
page read and write
|
||
|
E07E000
|
stack
|
page read and write
|
||
|
2C51000
|
direct allocation
|
page execute read
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
22DA000
|
direct allocation
|
page read and write
|
||
|
7F388000
|
direct allocation
|
page read and write
|
||
|
343F000
|
heap
|
page read and write
|
||
|
21FE000
|
stack
|
page read and write
|
||
|
D8D6000
|
direct allocation
|
page read and write
|
||
|
362A000
|
heap
|
page read and write
|
||
|
2AF5000
|
direct allocation
|
page read and write
|
||
|
23D3000
|
direct allocation
|
page read and write
|
||
|
DE3E000
|
stack
|
page read and write
|
||
|
D8DF000
|
direct allocation
|
page read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
E1D0000
|
heap
|
page read and write
|
||
|
247C000
|
direct allocation
|
page read and write
|
||
|
291C0000
|
heap
|
page read and write
|
||
|
2823000
|
heap
|
page read and write
|
||
|
DA4E000
|
stack
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
E61E000
|
stack
|
page read and write
|
||
|
D9B0000
|
direct allocation
|
page read and write
|
||
|
4F1C000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
DA8D000
|
direct allocation
|
page read and write
|
||
|
E0BE000
|
stack
|
page read and write
|
||
|
7EA4F000
|
direct allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
7FBD0000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2912B000
|
stack
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7F1000
|
heap
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
2567000
|
heap
|
page read and write
|
||
|
D980000
|
direct allocation
|
page read and write
|
||
|
25DD000
|
heap
|
page read and write
|
||
|
53AF000
|
stack
|
page read and write
|
||
|
E444000
|
heap
|
page read and write
|
||
|
7FCDF000
|
direct allocation
|
page read and write
|
||
|
7F060000
|
direct allocation
|
page read and write
|
||
|
E51E000
|
stack
|
page read and write
|
||
|
2DCB000
|
direct allocation
|
page execute and read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
2ACE000
|
direct allocation
|
page read and write
|
||
|
7E9BF000
|
direct allocation
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
480000
|
unkown
|
page read and write
|
||
|
22A0000
|
direct allocation
|
page read and write
|
||
|
E07D000
|
stack
|
page read and write
|
||
|
4B50000
|
heap
|
page read and write
|
||
|
E200000
|
remote allocation
|
page read and write
|
||
|
7FBAF000
|
direct allocation
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
4EA4000
|
heap
|
page read and write
|
||
|
EF5E000
|
heap
|
page read and write
|
||
|
23BD000
|
direct allocation
|
page read and write
|
||
|
2483000
|
direct allocation
|
page read and write
|
||
|
7F0D0000
|
direct allocation
|
page read and write
|
||
|
2B24000
|
direct allocation
|
page read and write
|
||
|
DAA3000
|
direct allocation
|
page read and write
|
||
|
32C5000
|
heap
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
7FB20000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7EA50000
|
direct allocation
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
A93000
|
heap
|
page read and write
|
||
|
7FC90000
|
direct allocation
|
page read and write
|
||
|
7F040000
|
direct allocation
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
7ECBA000
|
direct allocation
|
page read and write
|
||
|
E1C0000
|
heap
|
page read and write
|
||
|
4B19000
|
stack
|
page read and write
|
||
|
4F55000
|
heap
|
page read and write
|
||
|
4F38000
|
heap
|
page read and write
|
||
|
291A8000
|
direct allocation
|
page execute and read and write
|
||
|
2292000
|
direct allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
DA69000
|
direct allocation
|
page read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
7FD10000
|
direct allocation
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
822000
|
heap
|
page read and write
|
||
|
DC8F000
|
stack
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
2ACE000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
7EC40000
|
direct allocation
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
DA9C000
|
direct allocation
|
page read and write
|
||
|
DF3F000
|
stack
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
40D0000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
DAAA000
|
direct allocation
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
2822000
|
heap
|
page read and write
|
||
|
7F2C0000
|
direct allocation
|
page read and write
|
||
|
2B1B000
|
heap
|
page read and write
|
||
|
294C0000
|
heap
|
page read and write
|
||
|
E7DF000
|
trusted library allocation
|
page read and write
|
||
|
7EB00000
|
direct allocation
|
page read and write
|
||
|
EA7E000
|
heap
|
page read and write
|
||
|
341B000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
2B0E000
|
stack
|
page execute and read and write
|
||
|
7FC90000
|
direct allocation
|
page read and write
|
||
|
472000
|
unkown
|
page read and write
|
||
|
4F66000
|
heap
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
291A4000
|
direct allocation
|
page execute and read and write
|
||
|
7E9D0000
|
direct allocation
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
DB4F000
|
stack
|
page read and write
|
||
|
2921D000
|
stack
|
page read and write
|
||
|
E1D2000
|
heap
|
page read and write
|
||
|
3860000
|
heap
|
page read and write
|
||
|
2B26000
|
direct allocation
|
page read and write
|
||
|
22CC000
|
direct allocation
|
page read and write
|
||
|
4E3F000
|
stack
|
page read and write
|
||
|
7F34F000
|
direct allocation
|
page read and write
|
||
|
51AF000
|
stack
|
page read and write
|
||
|
7E950000
|
direct allocation
|
page read and write
|
||
|
7E850000
|
direct allocation
|
page read and write
|
||
|
290ED000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
81A000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
DA4E000
|
stack
|
page read and write
|
||
|
47C000
|
unkown
|
page write copy
|
||
|
7F4B0000
|
direct allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
E86F000
|
heap
|
page read and write
|
||
|
248A000
|
direct allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
7F0AF000
|
direct allocation
|
page read and write
|
||
|
2B27000
|
direct allocation
|
page execute and read and write
|
||
|
E473000
|
heap
|
page read and write
|
||
|
47E000
|
unkown
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
357CF000
|
trusted library allocation
|
page read and write
|
||
|
7EC00000
|
direct allocation
|
page read and write
|
||
|
327B000
|
stack
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
E081000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
E08B000
|
heap
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
2824000
|
heap
|
page read and write
|
||
|
23C4000
|
direct allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7F1A0000
|
direct allocation
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
7F170000
|
direct allocation
|
page read and write
|
||
|
2B27000
|
direct allocation
|
page execute and read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
7EC40000
|
direct allocation
|
page read and write
|
||
|
E620000
|
heap
|
page read and write
|
||
|
23A0000
|
direct allocation
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
4F55000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4A9D000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
D8F3000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
296A000
|
heap
|
page read and write
|
||
|
294A0000
|
heap
|
page read and write
|
||
|
DE3E000
|
stack
|
page read and write
|
||
|
587000
|
heap
|
page read and write
|
||
|
3626000
|
heap
|
page read and write
|
||
|
2B23000
|
direct allocation
|
page read and write
|
||
|
4F16000
|
heap
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
EDB0000
|
heap
|
page read and write
|
||
|
7F30F000
|
direct allocation
|
page read and write
|
||
|
294D0000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
2CDD000
|
stack
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
2435000
|
direct allocation
|
page read and write
|
||
|
E090000
|
heap
|
page read and write
|
||
|
E7D0000
|
trusted library allocation
|
page read and write
|
||
|
2925F000
|
stack
|
page read and write
|
||
|
DBBF000
|
stack
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
3407000
|
heap
|
page read and write
|
||
|
4ADB000
|
stack
|
page read and write
|
||
|
DE3E000
|
stack
|
page read and write
|
||
|
7F030000
|
direct allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
67C000
|
heap
|
page read and write
|
||
|
552C000
|
stack
|
page read and write
|
||
|
487000
|
unkown
|
page readonly
|
||
|
710000
|
heap
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
4040000
|
heap
|
page read and write
|
||
|
713000
|
heap
|
page read and write
|
||
|
7F330000
|
direct allocation
|
page read and write
|
||
|
482000
|
unkown
|
page write copy
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
DDCF000
|
stack
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
7EBF0000
|
direct allocation
|
page read and write
|
||
|
D8FA000
|
direct allocation
|
page read and write
|
||
|
E47C000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
7EBE9000
|
direct allocation
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
259B000
|
heap
|
page read and write
|
||
|
4F55000
|
heap
|
page read and write
|
||
|
D908000
|
direct allocation
|
page read and write
|
||
|
4F05000
|
heap
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
DA0F000
|
stack
|
page read and write
|
||
|
7EB00000
|
direct allocation
|
page read and write
|
||
|
3EE0000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
33EE000
|
unkown
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7EBF0000
|
direct allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
E3E1000
|
heap
|
page read and write
|
||
|
2B0A000
|
stack
|
page read and write
|
||
|
DDD0000
|
trusted library allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
F0F0000
|
direct allocation
|
page execute and read and write
|
||
|
DDDF000
|
trusted library allocation
|
page read and write
|
||
|
E44F000
|
heap
|
page read and write
|
||
|
E2D0000
|
trusted library allocation
|
page read and write
|
||
|
4F66000
|
heap
|
page read and write
|
||
|
3235000
|
stack
|
page read and write
|
||
|
DF7E000
|
stack
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7F260000
|
direct allocation
|
page read and write
|
||
|
DF7E000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
D8E4000
|
direct allocation
|
page read and write
|
||
|
D908000
|
direct allocation
|
page read and write
|
||
|
24D3000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
E080000
|
heap
|
page read and write
|
||
|
2C1B000
|
direct allocation
|
page execute and read and write
|
||
|
22C4000
|
direct allocation
|
page read and write
|
||
|
D8F3000
|
direct allocation
|
page read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
E861000
|
heap
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
33FF000
|
heap
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
83D000
|
heap
|
page read and write
|
||
|
ECA1000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
357C0000
|
trusted library allocation
|
page read and write
|
||
|
4BDF000
|
stack
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
E868000
|
heap
|
page read and write
|
||
|
E07F000
|
stack
|
page read and write
|
||
|
22E8000
|
direct allocation
|
page read and write
|
||
|
2AA1000
|
direct allocation
|
page execute read
|
||
|
7FCA0000
|
direct allocation
|
page read and write
|
||
|
2498000
|
direct allocation
|
page read and write
|
||
|
7F160000
|
direct allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
340D000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
DCCE000
|
stack
|
page read and write
|
||
|
DA0F000
|
stack
|
page read and write
|
||
|
7E6F0000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
7EC00000
|
direct allocation
|
page read and write
|
||
|
DA0E000
|
stack
|
page execute and read and write
|
||
|
7F9EB000
|
direct allocation
|
page read and write
|
||
|
350E000
|
stack
|
page read and write
|
||
|
753000
|
heap
|
page read and write
|
||
|
DF7E000
|
stack
|
page read and write
|
||
|
7F2B0000
|
direct allocation
|
page read and write
|
||
|
23DA000
|
direct allocation
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
E180000
|
trusted library allocation
|
page read and write
|
||
|
245F000
|
stack
|
page read and write
|
||
|
3F2D000
|
stack
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
4EFA000
|
heap
|
page read and write
|
||
|
DA0A000
|
stack
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
34A3000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
5870000
|
trusted library allocation
|
page read and write
|
||
|
DB4F000
|
stack
|
page read and write
|
||
|
349C000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
851000
|
heap
|
page read and write
|
||
|
4ADD000
|
stack
|
page read and write
|
||
|
7E880000
|
direct allocation
|
page read and write
|
||
|
D85A000
|
direct allocation
|
page read and write
|
||
|
D8DD000
|
direct allocation
|
page read and write
|
||
|
E1BF000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
7EC20000
|
direct allocation
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
249C000
|
stack
|
page read and write
|
||
|
7E7C0000
|
direct allocation
|
page read and write
|
||
|
23CC000
|
direct allocation
|
page read and write
|
||
|
E34F000
|
stack
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
246D000
|
direct allocation
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
7E950000
|
direct allocation
|
page read and write
|
||
|
7FCEF000
|
direct allocation
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page read and write
|
||
|
DCBF000
|
stack
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
472000
|
unkown
|
page write copy
|
||
|
720000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
DA7F000
|
direct allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
E750000
|
trusted library allocation
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
33F4000
|
heap
|
page read and write
|
||
|
D8CF000
|
direct allocation
|
page read and write
|
||
|
7F970000
|
direct allocation
|
page read and write
|
||
|
7E8D0000
|
direct allocation
|
page read and write
|
||
|
E1BD000
|
stack
|
page read and write
|
||
|
2450000
|
direct allocation
|
page read and write
|
||
|
7FAA0000
|
direct allocation
|
page read and write
|
||
|
4F16000
|
heap
|
page read and write
|
||
|
34BD000
|
heap
|
page read and write
|
There are 591 hidden memdumps, click here to show them.