Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Shipment Dec Orders valves 2024.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Shipment Dec Orders valves 2024.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp3F67.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\FriQTglEtYKsd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\FriQTglEtYKsd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FriQTglEtYKsd.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2n54hxnj.pkx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3eddnbio.stk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e55z2abn.tv3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fj1rvcht.ucs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_netrxbqp.ea3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qcmkenfl.iej.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_urwigjp0.3fv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x4xnogo2.cow.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp51C6.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Shipment Dec Orders valves 2024.scr.exe
|
"C:\Users\user\Desktop\Shipment Dec Orders valves 2024.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Shipment
Dec Orders valves 2024.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\FriQTglEtYKsd.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\FriQTglEtYKsd" /XML "C:\Users\user\AppData\Local\Temp\tmp3F67.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\FriQTglEtYKsd.exe
|
C:\Users\user\AppData\Roaming\FriQTglEtYKsd.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\FriQTglEtYKsd" /XML "C:\Users\user\AppData\Local\Temp\tmp51C6.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://mail.iaa-airferight.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.iaa-airferight.com
|
46.175.148.58
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.175.148.58
|
mail.iaa-airferight.com
|
Ukraine
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F1E000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2F3E000
|
trusted library allocation
|
page read and write
|
|
|
|
41FB000
|
trusted library allocation
|
page read and write
|
|
|
|
4129000
|
trusted library allocation
|
page read and write
|
|
|
|
2F27000
|
trusted library allocation
|
page read and write
|
|
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F54000
|
trusted library allocation
|
page read and write
|
||
|
C160000
|
heap
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
4BD000
|
stack
|
page read and write
|
||
|
4FBF000
|
trusted library section
|
page readonly
|
||
|
746E000
|
heap
|
page read and write
|
||
|
617D000
|
stack
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B63000
|
trusted library allocation
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
127B000
|
trusted library allocation
|
page read and write
|
||
|
B5BE000
|
stack
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
AD9E000
|
stack
|
page read and write
|
||
|
2F26000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
12D7000
|
heap
|
page read and write
|
||
|
BF0000
|
unkown
|
page readonly
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
3CF5000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5290000
|
trusted library allocation
|
page execute and read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
6DAF000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5324000
|
trusted library allocation
|
page read and write
|
||
|
2C4E000
|
trusted library allocation
|
page read and write
|
||
|
2DFD000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
697F000
|
stack
|
page read and write
|
||
|
10A4000
|
heap
|
page read and write
|
||
|
73CC000
|
heap
|
page read and write
|
||
|
B0FE000
|
stack
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
30BB000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
303E000
|
unkown
|
page read and write
|
||
|
2F1C000
|
stack
|
page read and write
|
||
|
307E000
|
trusted library allocation
|
page read and write
|
||
|
4A78000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
B4BE000
|
stack
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
1443000
|
trusted library allocation
|
page execute and read and write
|
||
|
7406000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
147B000
|
trusted library allocation
|
page execute and read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
5A56000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
167E000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
EB2000
|
trusted library allocation
|
page read and write
|
||
|
6D5C000
|
heap
|
page read and write
|
||
|
BD9E000
|
stack
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
6243000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
C8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
539A000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
BF1E000
|
stack
|
page read and write
|
||
|
5485000
|
heap
|
page read and write
|
||
|
CB2000
|
trusted library allocation
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
6820000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
BEB000
|
stack
|
page read and write
|
||
|
2D2D000
|
stack
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
53F3000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
B37C000
|
stack
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5700000
|
trusted library section
|
page readonly
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
6A40000
|
heap
|
page read and write
|
||
|
C84000
|
trusted library allocation
|
page read and write
|
||
|
4C0C000
|
stack
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
5A09000
|
trusted library allocation
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
3F5A000
|
trusted library allocation
|
page read and write
|
||
|
56FB000
|
stack
|
page read and write
|
||
|
53E6000
|
trusted library allocation
|
page read and write
|
||
|
ED5000
|
trusted library allocation
|
page read and write
|
||
|
2CCC000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
6D50000
|
heap
|
page read and write
|
||
|
4F8D000
|
trusted library allocation
|
page read and write
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
EA6000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
1602000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
2D00000
|
heap
|
page execute and read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
EA2000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
5345000
|
trusted library allocation
|
page read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
EB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
EBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
73D8000
|
heap
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
E83000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AF0000
|
trusted library allocation
|
page read and write
|
||
|
EA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D48000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
6D9C000
|
heap
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
2C42000
|
trusted library allocation
|
page read and write
|
||
|
AB9D000
|
stack
|
page read and write
|
||
|
73C8000
|
heap
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
6D58000
|
heap
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
732D000
|
stack
|
page read and write
|
||
|
55F0000
|
heap
|
page execute and read and write
|
||
|
E9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
30E3000
|
heap
|
page read and write
|
||
|
4FCD000
|
stack
|
page read and write
|
||
|
73E0000
|
heap
|
page read and write
|
||
|
6F1E000
|
stack
|
page read and write
|
||
|
1475000
|
trusted library allocation
|
page execute and read and write
|
||
|
308D000
|
trusted library allocation
|
page read and write
|
||
|
742D000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
1084000
|
heap
|
page read and write
|
||
|
5314000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
BEDE000
|
stack
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page execute and read and write
|
||
|
1477000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
heap
|
page read and write
|
||
|
2A5A000
|
trusted library allocation
|
page read and write
|
||
|
BF2000
|
unkown
|
page readonly
|
||
|
572E000
|
stack
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page execute and read and write
|
||
|
60F1000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
F1B000
|
heap
|
page read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
14AB000
|
heap
|
page read and write
|
||
|
B33E000
|
stack
|
page read and write
|
||
|
DAA000
|
stack
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
2EE0000
|
heap
|
page execute and read and write
|
||
|
E9C000
|
stack
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
637E000
|
stack
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
2C3B000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
77BD000
|
stack
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
1296000
|
trusted library allocation
|
page read and write
|
||
|
4FA000
|
stack
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
1617000
|
trusted library allocation
|
page execute and read and write
|
||
|
AFBE000
|
stack
|
page read and write
|
||
|
54FB000
|
stack
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
7416000
|
heap
|
page read and write
|
||
|
C05C000
|
stack
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
4FD3000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page execute and read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
2DB4000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
2C2F000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
160A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C4A000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B4E000
|
heap
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page execute and read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
B5C0000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
5750000
|
trusted library section
|
page read and write
|
||
|
2C5D000
|
trusted library allocation
|
page read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
161B000
|
trusted library allocation
|
page execute and read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
127D000
|
stack
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
BC9E000
|
stack
|
page read and write
|
||
|
F81000
|
heap
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
30AF000
|
unkown
|
page read and write
|
||
|
63FE000
|
stack
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
13ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
3A79000
|
trusted library allocation
|
page read and write
|
||
|
3121000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
815E000
|
stack
|
page read and write
|
||
|
AE9E000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
BAAE000
|
stack
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C8000
|
trusted library allocation
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
CBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
2ED6000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
B1FF000
|
stack
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8B0000
|
heap
|
page read and write
|
||
|
6245000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
740A000
|
heap
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
6D8F000
|
heap
|
page read and write
|
||
|
3EF9000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
F7D000
|
heap
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
3086000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED9000
|
trusted library allocation
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
6D82000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
4121000
|
trusted library allocation
|
page read and write
|
||
|
C39E000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
13F8000
|
heap
|
page read and write
|
||
|
687E000
|
stack
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
3ACA000
|
trusted library allocation
|
page read and write
|
||
|
3D74000
|
trusted library allocation
|
page read and write
|
||
|
144D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
C9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
554D000
|
stack
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
2E48000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
6240000
|
heap
|
page read and write
|
||
|
2C3E000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page execute and read and write
|
||
|
6060000
|
heap
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F3B000
|
trusted library allocation
|
page read and write
|
||
|
3BEC000
|
trusted library allocation
|
page read and write
|
||
|
1612000
|
trusted library allocation
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
6D3F000
|
stack
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page execute and read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
3F19000
|
trusted library allocation
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5339000
|
trusted library allocation
|
page read and write
|
||
|
C93000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
501C000
|
stack
|
page read and write
|
||
|
3ED5000
|
trusted library allocation
|
page read and write
|
||
|
106C000
|
stack
|
page read and write
|
||
|
740D000
|
heap
|
page read and write
|
||
|
F22000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
290F000
|
unkown
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
13E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6251000
|
heap
|
page read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
55DC000
|
stack
|
page read and write
|
||
|
5370000
|
heap
|
page execute and read and write
|
||
|
73DC000
|
heap
|
page read and write
|
||
|
7FC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1466000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
25EE000
|
unkown
|
page read and write
|
||
|
2D6A000
|
stack
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
3B05000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
F9C000
|
heap
|
page read and write
|
||
|
F61000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
BC4E000
|
stack
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
1364000
|
trusted library allocation
|
page read and write
|
||
|
2F29000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
BDDE000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
1444000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page execute and read and write
|
||
|
B23E000
|
stack
|
page read and write
|
||
|
2C51000
|
trusted library allocation
|
page read and write
|
||
|
2EC9000
|
trusted library allocation
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
7FA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
146A000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C5000
|
trusted library allocation
|
page read and write
|
||
|
5A75000
|
heap
|
page read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
3CA5000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
EB5000
|
trusted library allocation
|
page execute and read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
4FB0000
|
trusted library section
|
page readonly
|
||
|
4F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
1462000
|
trusted library allocation
|
page read and write
|
||
|
5987000
|
trusted library allocation
|
page read and write
|
||
|
1291000
|
trusted library allocation
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library section
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F16000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
2B8A000
|
heap
|
page read and write
|
||
|
55FD000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
3EF9000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
71C0000
|
heap
|
page read and write
|
||
|
10A6000
|
heap
|
page read and write
|
||
|
749000
|
stack
|
page read and write
|
||
|
EEE000
|
heap
|
page read and write
|
||
|
129D000
|
trusted library allocation
|
page read and write
|
||
|
613C000
|
stack
|
page read and write
|
||
|
E84000
|
trusted library allocation
|
page read and write
|
||
|
1606000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
2AD4000
|
trusted library allocation
|
page read and write
|
||
|
1472000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page execute and read and write
|
||
|
128E000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
C83000
|
trusted library allocation
|
page execute and read and write
|
||
|
129F000
|
stack
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
13E4000
|
trusted library allocation
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
7E9E000
|
stack
|
page read and write
|
||
|
959000
|
stack
|
page read and write
|
||
|
CA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA2000
|
trusted library allocation
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
2A52000
|
trusted library allocation
|
page read and write
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
104E000
|
heap
|
page read and write
|
||
|
CDE000
|
unkown
|
page readonly
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
2EDC000
|
trusted library allocation
|
page read and write
|
||
|
60C5000
|
heap
|
page read and write
|
||
|
EAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6830000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
3B4B000
|
trusted library allocation
|
page read and write
|
||
|
55B2000
|
trusted library allocation
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
3B40000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
3C6B000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
C01E000
|
stack
|
page read and write
|
||
|
C15C000
|
stack
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
53DD000
|
stack
|
page read and write
|
||
|
60B2000
|
heap
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
B47C000
|
stack
|
page read and write
|
||
|
2D18000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
5A3C000
|
trusted library allocation
|
page read and write
|
||
|
78C2000
|
trusted library allocation
|
page read and write
|
||
|
3184000
|
trusted library allocation
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
B0BE000
|
stack
|
page read and write
|
||
|
306B000
|
trusted library allocation
|
page read and write
|
There are 513 hidden memdumps, click here to show them.