Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PmsbthDWFX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
||
|
C:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\FluxSoftware\Flux\runtime\flux.preset.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\FluxSoftware\Flux\runtime\flux.psd
|
Adobe Photoshop Image, 1044 x 511, RGB, 3x 8-bit channels
|
dropped
|
||
|
C:\Users\user\AppData\Local\FluxSoftware\Flux\runtime\flux.tre
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsp91D0.tmp\nsProcess.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PmsbthDWFX.exe
|
"C:\Users\user\Desktop\PmsbthDWFX.exe"
|
||
|
C:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exe
|
"C:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exe" /unlockwingamma
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x4 /state0:0xa3f8a055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f96055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f9e855 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3fae055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3fb5855 /state1:0x41c64e6d
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://apihttps://%d-%d-%s%sauth/reset.postPOSTownersettingssensoractivity%s/auth/create?name=anon%
|
unknown
|
||
|
https://justgetflux.com/windows/watchdog.html/crashflux/cam
|
unknown
|
||
|
https://justgetflux.com/windows/contribute.htmlMake
|
unknown
|
||
|
https://justgetflux.com/windows/forum.htmlVisit
|
unknown
|
||
|
https://discovery.meethue.com/
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://justgetflux.com/windows/contribute.html
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://justgetflux.com/windows/watchdog.html
|
unknown
|
||
|
https://justgetflux.com/windows/moreabout.html
|
unknown
|
||
|
https://justgetflux.com/windows/release.htmlRead
|
unknown
|
||
|
https://justgetflux.com/windows/support.htmlRead
|
unknown
|
||
|
https://justgetflux.com/geollUseWinLocation
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
https://fluxometer.com/
|
unknown
|
||
|
https://api.fluxometer.com
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://justgetflux.com/f.lux
|
unknown
|
||
|
https://justgetflux.com/windows/forum.html
|
unknown
|
||
|
https://justgetflux.com/windows/support.html
|
unknown
|
||
|
https://justgetflux.com/windows/moreabout.htmlfluxometer.com:
|
unknown
|
||
|
https://justgetflux.com/
|
unknown
|
||
|
https://justgetflux.com/windows/preset.json
|
unknown
|
||
|
https://justgetflux.com/update/v4/
|
unknown
|
||
|
https://justgetflux.com/crash
|
unknown
|
||
|
https://justgetflux.com/offer/windows.json
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
https://justgetflux.com/update/v4/windows-beta.jsonhttps://justgetflux.com/update/v4/windows.jsonhtt
|
unknown
|
||
|
https://api.fluxometer.comtruessdp:allPhilips
|
unknown
|
||
|
https://justgetflux.com/windows/release.html
|
unknown
|
||
|
https://justgetflux.com/geo
|
unknown
|
||
|
https://justgetflux.com/winmap.html
|
unknown
|
||
|
https://justgetflux.com/winmap.html%s?lat=%f&lng=%f%s?geo=%sredirlatlngZIP
|
unknown
|
||
|
https://justgetflux.com/windows/lights.html
|
unknown
|
||
|
https://justgetflux.com/crashf.lux
|
unknown
|
||
|
https://discovery.meethue.com/internalipaddresshttp://%s/upnphue//lights/ctbrinot
|
unknown
|
||
|
https://justgetflux.com/windows/lights.htmlalarmhotkeysSurfaceKeysDisableUpdateSlowFadeWideSliderUse
|
unknown
|
||
|
https://justgetflux.com/update/v4/windows.json
|
unknown
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
api.msn.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\ICM
|
GdiICMGammaRange
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ICM
|
GdiICMGammaRange
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
|
IdleTime
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7DF466561000
|
trusted library allocation
|
page execute read
|
||
|
280CB227000
|
heap
|
page read and write
|
||
|
1C8B6E62000
|
heap
|
page read and write
|
||
|
280C8EE1000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2801000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
280CB1D2000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
321D17D000
|
stack
|
page read and write
|
||
|
21899F00000
|
heap
|
page read and write
|
||
|
280CB180000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280CD604000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
280CD540000
|
heap
|
page read and write
|
||
|
280C7BF6000
|
heap
|
page read and write
|
||
|
586000
|
heap
|
page read and write
|
||
|
1F168670000
|
heap
|
page read and write
|
||
|
280C8ED7000
|
heap
|
page read and write
|
||
|
280C7C1B000
|
heap
|
page read and write
|
||
|
280C8EE6000
|
heap
|
page read and write
|
||
|
280C8F08000
|
heap
|
page read and write
|
||
|
280CD5BD000
|
heap
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
230DF570000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
280CB1A0000
|
heap
|
page read and write
|
||
|
280C8EA4000
|
heap
|
page read and write
|
||
|
280CD63B000
|
heap
|
page read and write
|
||
|
2813D002000
|
heap
|
page read and write
|
||
|
2806000
|
heap
|
page read and write
|
||
|
161FA4E4000
|
heap
|
page read and write
|
||
|
9795A7E000
|
stack
|
page read and write
|
||
|
280CD5F8000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
230DF280000
|
heap
|
page read and write
|
||
|
2204A1C0000
|
heap
|
page read and write
|
||
|
280CD550000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
280CB27D000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
280CB21B000
|
heap
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
104E000
|
unkown
|
page write copy
|
||
|
9795CFE000
|
unkown
|
page readonly
|
||
|
1052000
|
unkown
|
page write copy
|
||
|
1F168860000
|
heap
|
page read and write
|
||
|
280CD5E3000
|
heap
|
page read and write
|
||
|
280CD60A000
|
heap
|
page read and write
|
||
|
280CD5FF000
|
heap
|
page read and write
|
||
|
280CD5E6000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
9795AFE000
|
unkown
|
page readonly
|
||
|
280CB1F0000
|
heap
|
page read and write
|
||
|
280CD603000
|
heap
|
page read and write
|
||
|
280CD623000
|
heap
|
page read and write
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
161FA547000
|
heap
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
280CB237000
|
heap
|
page read and write
|
||
|
27E167E000
|
stack
|
page read and write
|
||
|
1018000
|
unkown
|
page readonly
|
||
|
280C8E90000
|
heap
|
page read and write
|
||
|
280C7BF8000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
280CB1E9000
|
heap
|
page read and write
|
||
|
9E557E000
|
stack
|
page read and write
|
||
|
105C000
|
unkown
|
page write copy
|
||
|
F960E7E000
|
unkown
|
page readonly
|
||
|
111E000
|
heap
|
page read and write
|
||
|
321CE7E000
|
stack
|
page read and write
|
||
|
979587F000
|
stack
|
page read and write
|
||
|
16E32550000
|
heap
|
page read and write
|
||
|
280CB24B000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
1064000
|
unkown
|
page write copy
|
||
|
F9610FF000
|
stack
|
page read and write
|
||
|
280CB1E5000
|
heap
|
page read and write
|
||
|
280C7C1E000
|
heap
|
page read and write
|
||
|
10C7000
|
unkown
|
page read and write
|
||
|
9708AFE000
|
stack
|
page read and write
|
||
|
2204A261000
|
heap
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
16E327F5000
|
heap
|
page read and write
|
||
|
280CD613000
|
heap
|
page read and write
|
||
|
280C8EDF000
|
heap
|
page read and write
|
||
|
16E3255B000
|
heap
|
page read and write
|
||
|
20DE000
|
stack
|
page read and write
|
||
|
7DF466551000
|
trusted library allocation
|
page execute read
|
||
|
280CB20D000
|
heap
|
page read and write
|
||
|
16E324B0000
|
heap
|
page read and write
|
||
|
10C5000
|
unkown
|
page read and write
|
||
|
350E000
|
stack
|
page read and write
|
||
|
27E177F000
|
stack
|
page read and write
|
||
|
280CB1B0000
|
heap
|
page read and write
|
||
|
280C8EF0000
|
heap
|
page read and write
|
||
|
1050000
|
unkown
|
page write copy
|
||
|
280C7C1A000
|
heap
|
page read and write
|
||
|
280C7BDA000
|
heap
|
page read and write
|
||
|
280C7BAA000
|
heap
|
page read and write
|
||
|
1F1686B5000
|
heap
|
page read and write
|
||
|
280CD5FE000
|
heap
|
page read and write
|
||
|
26F7BFE000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
280CB1ED000
|
heap
|
page read and write
|
||
|
280CB1A9000
|
heap
|
page read and write
|
||
|
1042000
|
unkown
|
page write copy
|
||
|
E22807C000
|
stack
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
28FA000
|
heap
|
page read and write
|
||
|
28FE000
|
heap
|
page read and write
|
||
|
280C8ED7000
|
heap
|
page read and write
|
||
|
280C7D33000
|
heap
|
page read and write
|
||
|
280CD5AE000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
2904000
|
heap
|
page read and write
|
||
|
161FA4A0000
|
heap
|
page read and write
|
||
|
280CB27C000
|
heap
|
page read and write
|
||
|
280C8F02000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280CD5B5000
|
heap
|
page read and write
|
||
|
C7F9FFC000
|
stack
|
page read and write
|
||
|
2708000
|
heap
|
page read and write
|
||
|
280CB1AA000
|
heap
|
page read and write
|
||
|
2189A0F0000
|
heap
|
page read and write
|
||
|
C7FA17D000
|
stack
|
page read and write
|
||
|
2813CFBB000
|
heap
|
page read and write
|
||
|
280C7BF8000
|
heap
|
page read and write
|
||
|
280CB1F6000
|
heap
|
page read and write
|
||
|
280C8EE1000
|
heap
|
page read and write
|
||
|
2204A3A0000
|
heap
|
page read and write
|
||
|
280CD60F000
|
heap
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
280CD58A000
|
heap
|
page read and write
|
||
|
280C7BB5000
|
heap
|
page read and write
|
||
|
280CB1BA000
|
heap
|
page read and write
|
||
|
280C7BBE000
|
heap
|
page read and write
|
||
|
280C8EDC000
|
heap
|
page read and write
|
||
|
280CB231000
|
heap
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
106A000
|
unkown
|
page write copy
|
||
|
280CB1AF000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
1112000
|
heap
|
page read and write
|
||
|
280CD585000
|
heap
|
page read and write
|
||
|
2204A277000
|
heap
|
page read and write
|
||
|
106C000
|
unkown
|
page write copy
|
||
|
27E127E000
|
stack
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
280C7D30000
|
heap
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
21899F29000
|
heap
|
page read and write
|
||
|
280CD920000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280CD3C0000
|
heap
|
page readonly
|
||
|
2906000
|
heap
|
page read and write
|
||
|
280CD5A4000
|
heap
|
page read and write
|
||
|
280C8EA4000
|
heap
|
page read and write
|
||
|
280C8EE5000
|
heap
|
page read and write
|
||
|
97088FE000
|
stack
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
280CB20D000
|
heap
|
page read and write
|
||
|
280C7C0C000
|
heap
|
page read and write
|
||
|
1C8B7000000
|
heap
|
page read and write
|
||
|
280CD5A8000
|
heap
|
page read and write
|
||
|
280CD5BA000
|
heap
|
page read and write
|
||
|
280CD612000
|
heap
|
page read and write
|
||
|
280C7C10000
|
heap
|
page read and write
|
||
|
970877E000
|
unkown
|
page readonly
|
||
|
280CB1C5000
|
heap
|
page read and write
|
||
|
F61000
|
unkown
|
page execute read
|
||
|
280C8EF2000
|
heap
|
page read and write
|
||
|
1C8B7150000
|
heap
|
page read and write
|
||
|
9E537D000
|
stack
|
page read and write
|
||
|
280CB1EC000
|
heap
|
page read and write
|
||
|
280C8EC4000
|
heap
|
page read and write
|
||
|
280C8EDE000
|
heap
|
page read and write
|
||
|
280CD61F000
|
heap
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
558000
|
heap
|
page read and write
|
||
|
C7F9B4F000
|
stack
|
page read and write
|
||
|
2802000
|
heap
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
280CB20D000
|
heap
|
page read and write
|
||
|
4DE000
|
stack
|
page read and write
|
||
|
280CD60A000
|
heap
|
page read and write
|
||
|
15F4000
|
heap
|
page read and write
|
||
|
9E567E000
|
stack
|
page read and write
|
||
|
280CB188000
|
heap
|
page read and write
|
||
|
280C7BF2000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
280CB210000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1066000
|
unkown
|
page write copy
|
||
|
105E000
|
unkown
|
page write copy
|
||
|
280C7B30000
|
heap
|
page read and write
|
||
|
280C8F05000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
280CD63B000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
589000
|
heap
|
page read and write
|
||
|
280CD5E9000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page write copy
|
||
|
280CB1ED000
|
heap
|
page read and write
|
||
|
280C8EC4000
|
heap
|
page read and write
|
||
|
27E147E000
|
stack
|
page read and write
|
||
|
280C7C19000
|
heap
|
page read and write
|
||
|
1121000
|
heap
|
page read and write
|
||
|
10004000
|
unkown
|
page readonly
|
||
|
9795D7E000
|
stack
|
page read and write
|
||
|
9E52FF000
|
stack
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
1F168680000
|
heap
|
page read and write
|
||
|
280CB1E0000
|
heap
|
page read and write
|
||
|
280CB202000
|
heap
|
page read and write
|
||
|
280C81B3000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
1058000
|
unkown
|
page write copy
|
||
|
1C8B7600000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
144E000
|
stack
|
page read and write
|
||
|
280CD590000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page readonly
|
||
|
280CB1B4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
161FA390000
|
heap
|
page read and write
|
||
|
21899FC7000
|
heap
|
page read and write
|
||
|
54C000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
2807000
|
heap
|
page read and write
|
||
|
C7F9F7D000
|
stack
|
page read and write
|
||
|
280C7C20000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280C8EA4000
|
heap
|
page read and write
|
||
|
161FA4AB000
|
heap
|
page read and write
|
||
|
9E55FE000
|
stack
|
page read and write
|
||
|
46A0000
|
heap
|
page read and write
|
||
|
1F168E40000
|
heap
|
page read and write
|
||
|
E22837D000
|
stack
|
page read and write
|
||
|
104E000
|
unkown
|
page write copy
|
||
|
280C7BCC000
|
heap
|
page read and write
|
||
|
F960CFE000
|
stack
|
page read and write
|
||
|
16E324D0000
|
heap
|
page read and write
|
||
|
280CB279000
|
heap
|
page read and write
|
||
|
280CD3B0000
|
trusted library allocation
|
page read and write
|
||
|
280CD585000
|
heap
|
page read and write
|
||
|
2813CFB9000
|
heap
|
page read and write
|
||
|
9E527E000
|
stack
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
97086FE000
|
stack
|
page read and write
|
||
|
280CD631000
|
heap
|
page read and write
|
||
|
280C7C1E000
|
heap
|
page read and write
|
||
|
97083AE000
|
stack
|
page read and write
|
||
|
1C8B6E3A000
|
heap
|
page read and write
|
||
|
280CD613000
|
heap
|
page read and write
|
||
|
280C7C1E000
|
heap
|
page read and write
|
||
|
1C8B6E10000
|
heap
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
2245000
|
heap
|
page read and write
|
||
|
2204A214000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
340C000
|
stack
|
page read and write
|
||
|
2813CFF4000
|
heap
|
page read and write
|
||
|
2204A1D9000
|
heap
|
page read and write
|
||
|
280C7BA9000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
280CB271000
|
heap
|
page read and write
|
||
|
280C7D40000
|
heap
|
page read and write
|
||
|
558000
|
heap
|
page read and write
|
||
|
E2282FD000
|
stack
|
page read and write
|
||
|
280CD60A000
|
heap
|
page read and write
|
||
|
280C8EFA000
|
heap
|
page read and write
|
||
|
10BF000
|
unkown
|
page read and write
|
||
|
230DF270000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
280CB27B000
|
heap
|
page read and write
|
||
|
280CB1D2000
|
heap
|
page read and write
|
||
|
280CB18C000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page write copy
|
||
|
280C7BFF000
|
heap
|
page read and write
|
||
|
280CB215000
|
heap
|
page read and write
|
||
|
280CB221000
|
heap
|
page read and write
|
||
|
280CB227000
|
heap
|
page read and write
|
||
|
280C7BFF000
|
heap
|
page read and write
|
||
|
C7F9EFF000
|
stack
|
page read and write
|
||
|
280CD5D3000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
2709000
|
heap
|
page read and write
|
||
|
280C8EF8000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page readonly
|
||
|
280C7BB6000
|
heap
|
page read and write
|
||
|
280C7C20000
|
heap
|
page read and write
|
||
|
280CB1B3000
|
heap
|
page read and write
|
||
|
280C7C1E000
|
heap
|
page read and write
|
||
|
280CB216000
|
heap
|
page read and write
|
||
|
2204A1DB000
|
heap
|
page read and write
|
||
|
C7FA1FF000
|
stack
|
page read and write
|
||
|
280C7BFC000
|
heap
|
page read and write
|
||
|
280C7D35000
|
heap
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
280CB27B000
|
heap
|
page read and write
|
||
|
16E3257F000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
305E000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
21DF000
|
stack
|
page read and write
|
||
|
10E8000
|
heap
|
page read and write
|
||
|
280C7C1E000
|
heap
|
page read and write
|
||
|
280C8EE8000
|
heap
|
page read and write
|
||
|
280CB18A000
|
heap
|
page read and write
|
||
|
F960DFE000
|
stack
|
page read and write
|
||
|
280CB234000
|
heap
|
page read and write
|
||
|
280C7BCB000
|
heap
|
page read and write
|
||
|
2813CFB0000
|
heap
|
page read and write
|
||
|
16E32585000
|
heap
|
page read and write
|
||
|
280C8F05000
|
heap
|
page read and write
|
||
|
161FA470000
|
heap
|
page read and write
|
||
|
280C8EDE000
|
heap
|
page read and write
|
||
|
26F7B7D000
|
stack
|
page read and write
|
||
|
97089FE000
|
stack
|
page read and write
|
||
|
1054000
|
unkown
|
page write copy
|
||
|
27E16FE000
|
unkown
|
page readonly
|
||
|
280C7BDA000
|
heap
|
page read and write
|
||
|
979553C000
|
stack
|
page read and write
|
||
|
C7F9E7D000
|
stack
|
page read and write
|
||
|
280CD5E9000
|
heap
|
page read and write
|
||
|
280C7C0A000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
230DF28B000
|
heap
|
page read and write
|
||
|
280CB22D000
|
heap
|
page read and write
|
||
|
1052000
|
unkown
|
page write copy
|
||
|
280CB182000
|
heap
|
page read and write
|
||
|
26F7AFE000
|
stack
|
page read and write
|
||
|
280C7BE6000
|
heap
|
page read and write
|
||
|
280CB1A6000
|
heap
|
page read and write
|
||
|
280CB1D2000
|
heap
|
page read and write
|
||
|
280CD5E8000
|
heap
|
page read and write
|
||
|
28EB000
|
heap
|
page read and write
|
||
|
280CB20F000
|
heap
|
page read and write
|
||
|
280C7BAB000
|
heap
|
page read and write
|
||
|
280C8EF7000
|
heap
|
page read and write
|
||
|
970887E000
|
unkown
|
page readonly
|
||
|
F9608DD000
|
stack
|
page read and write
|
||
|
9708A7E000
|
unkown
|
page readonly
|
||
|
280C81B0000
|
heap
|
page read and write
|
||
|
280CD5BC000
|
heap
|
page read and write
|
||
|
230DF575000
|
heap
|
page read and write
|
||
|
16E327F0000
|
heap
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
E22827E000
|
stack
|
page read and write
|
||
|
280CB1FF000
|
heap
|
page read and write
|
||
|
280CB258000
|
heap
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
E39000
|
stack
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280CB1A6000
|
heap
|
page read and write
|
||
|
1056000
|
unkown
|
page write copy
|
||
|
161FA4F2000
|
heap
|
page read and write
|
||
|
321CF7F000
|
stack
|
page read and write
|
||
|
2204A222000
|
heap
|
page read and write
|
||
|
280CD622000
|
heap
|
page read and write
|
||
|
280C7C0A000
|
heap
|
page read and write
|
||
|
280C8ED7000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
280CD595000
|
heap
|
page read and write
|
||
|
1C8B6E30000
|
heap
|
page read and write
|
||
|
280C7C0F000
|
heap
|
page read and write
|
||
|
280B000
|
heap
|
page read and write
|
||
|
280CB27D000
|
heap
|
page read and write
|
||
|
280C7B3B000
|
heap
|
page read and write
|
||
|
1062000
|
unkown
|
page write copy
|
||
|
280CB1A8000
|
heap
|
page read and write
|
||
|
280C7C2D000
|
heap
|
page read and write
|
||
|
280C7C08000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
280C8EA4000
|
heap
|
page read and write
|
||
|
280CB24C000
|
heap
|
page read and write
|
||
|
280C7C08000
|
heap
|
page read and write
|
||
|
21899F20000
|
heap
|
page read and write
|
||
|
321D0FF000
|
stack
|
page read and write
|
||
|
280C7C08000
|
heap
|
page read and write
|
||
|
2803000
|
heap
|
page read and write
|
||
|
26F7A7D000
|
stack
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
280C7BB9000
|
heap
|
page read and write
|
||
|
E2280FF000
|
stack
|
page read and write
|
||
|
280C8EE0000
|
heap
|
page read and write
|
||
|
E22847C000
|
stack
|
page read and write
|
||
|
280CB22D000
|
heap
|
page read and write
|
||
|
280CD5EC000
|
heap
|
page read and write
|
||
|
10002000
|
unkown
|
page readonly
|
||
|
F960F7E000
|
unkown
|
page readonly
|
||
|
280C8EDC000
|
heap
|
page read and write
|
||
|
280CD5D3000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
1050000
|
unkown
|
page write copy
|
||
|
C7FA37E000
|
stack
|
page read and write
|
||
|
970897E000
|
unkown
|
page readonly
|
||
|
280CD5D3000
|
heap
|
page read and write
|
||
|
280CB1AA000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
280C8EE2000
|
heap
|
page read and write
|
||
|
27E15FE000
|
unkown
|
page readonly
|
||
|
1126000
|
heap
|
page read and write
|
||
|
280CB216000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
280CB27B000
|
heap
|
page read and write
|
||
|
1056000
|
unkown
|
page write copy
|
||
|
F960EFE000
|
stack
|
page read and write
|
||
|
F960FFE000
|
stack
|
page read and write
|
||
|
1054000
|
unkown
|
page write copy
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
9E54FD000
|
stack
|
page read and write
|
||
|
3810000
|
trusted library allocation
|
page read and write
|
||
|
280C8EDC000
|
heap
|
page read and write
|
||
|
280C8F06000
|
heap
|
page read and write
|
||
|
1058000
|
unkown
|
page write copy
|
||
|
280C8ED7000
|
heap
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
1F168890000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
280CB1F8000
|
heap
|
page read and write
|
||
|
27E137E000
|
stack
|
page read and write
|
||
|
280CD631000
|
heap
|
page read and write
|
||
|
290A000
|
heap
|
page read and write
|
||
|
F96107E000
|
unkown
|
page readonly
|
||
|
280C7C2E000
|
heap
|
page read and write
|
||
|
2813CF10000
|
heap
|
page read and write
|
||
|
280C7BD5000
|
heap
|
page read and write
|
||
|
280CB1AA000
|
heap
|
page read and write
|
||
|
105A000
|
unkown
|
page write copy
|
||
|
1042000
|
unkown
|
page read and write
|
||
|
2902000
|
heap
|
page read and write
|
||
|
280C7BFF000
|
heap
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
C7F9BCE000
|
stack
|
page read and write
|
||
|
280C7BDA000
|
heap
|
page read and write
|
||
|
280C7C1A000
|
heap
|
page read and write
|
||
|
F61000
|
unkown
|
page execute read
|
||
|
9E53FF000
|
stack
|
page read and write
|
||
|
280CD590000
|
heap
|
page read and write
|
||
|
280CB1FF000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
280C8F07000
|
heap
|
page read and write
|
||
|
321D07E000
|
stack
|
page read and write
|
||
|
280C7D3E000
|
heap
|
page read and write
|
||
|
280CB200000
|
heap
|
page read and write
|
||
|
1064000
|
unkown
|
page write copy
|
||
|
F9609DF000
|
stack
|
page read and write
|
||
|
105E000
|
unkown
|
page write copy
|
||
|
280C8F05000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280C8EF1000
|
heap
|
page read and write
|
||
|
97087FE000
|
stack
|
page read and write
|
||
|
E22817E000
|
stack
|
page read and write
|
||
|
230DF1E0000
|
heap
|
page read and write
|
||
|
2249000
|
heap
|
page read and write
|
||
|
280CB227000
|
heap
|
page read and write
|
||
|
1F168870000
|
heap
|
page read and write
|
||
|
280C7BCB000
|
heap
|
page read and write
|
||
|
1C8B6E00000
|
heap
|
page read and write
|
||
|
280C8F05000
|
heap
|
page read and write
|
||
|
280CD607000
|
heap
|
page read and write
|
||
|
26F7C7E000
|
stack
|
page read and write
|
||
|
280CB1F9000
|
heap
|
page read and write
|
||
|
21899F2B000
|
heap
|
page read and write
|
||
|
1121000
|
heap
|
page read and write
|
||
|
97959FE000
|
unkown
|
page readonly
|
||
|
280CD5ED000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
9E547E000
|
stack
|
page read and write
|
||
|
1F16868B000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
280C8EDE000
|
heap
|
page read and write
|
||
|
280CD5E9000
|
heap
|
page read and write
|
||
|
280CB1D2000
|
heap
|
page read and write
|
||
|
1062000
|
unkown
|
page write copy
|
||
|
280CB222000
|
heap
|
page read and write
|
||
|
280C7C2A000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
280CD5A0000
|
heap
|
page read and write
|
||
|
2813D057000
|
heap
|
page read and write
|
||
|
280C7C29000
|
heap
|
page read and write
|
||
|
280CD5A3000
|
heap
|
page read and write
|
||
|
280CD5E4000
|
heap
|
page read and write
|
||
|
280CD5D3000
|
heap
|
page read and write
|
||
|
27E157E000
|
stack
|
page read and write
|
||
|
9795C7E000
|
stack
|
page read and write
|
||
|
280CD5F7000
|
heap
|
page read and write
|
||
|
589000
|
heap
|
page read and write
|
||
|
280CB1FF000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
280C8EDE000
|
heap
|
page read and write
|
||
|
280C7C20000
|
heap
|
page read and write
|
||
|
280CB18E000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
296F000
|
heap
|
page read and write
|
||
|
280CB22D000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
2813CF20000
|
heap
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
27E0F1D000
|
stack
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
280CD5A7000
|
heap
|
page read and write
|
||
|
280CD5D3000
|
heap
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
280CB210000
|
heap
|
page read and write
|
||
|
26F76AC000
|
stack
|
page read and write
|
||
|
280CB272000
|
heap
|
page read and write
|
||
|
280CD62F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
280C7BDC000
|
heap
|
page read and write
|
||
|
280CB27B000
|
heap
|
page read and write
|
||
|
280C7BF3000
|
heap
|
page read and write
|
||
|
280CD604000
|
heap
|
page read and write
|
||
|
280CB230000
|
heap
|
page read and write
|
||
|
21899F72000
|
heap
|
page read and write
|
||
|
1018000
|
unkown
|
page readonly
|
||
|
280CD5F4000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
280CB213000
|
heap
|
page read and write
|
||
|
C7FA07B000
|
stack
|
page read and write
|
||
|
230DF200000
|
heap
|
page read and write
|
||
|
230DF1D0000
|
heap
|
page read and write
|
||
|
10CA000
|
unkown
|
page readonly
|
||
|
280C7C19000
|
heap
|
page read and write
|
||
|
280C8EDC000
|
heap
|
page read and write
|
||
|
280CB231000
|
heap
|
page read and write
|
||
|
280C8EF2000
|
heap
|
page read and write
|
||
|
280CB278000
|
heap
|
page read and write
|
||
|
280C7BB8000
|
heap
|
page read and write
|
||
|
28FC000
|
heap
|
page read and write
|
||
|
280C7BFC000
|
heap
|
page read and write
|
||
|
321CFFD000
|
stack
|
page read and write
|
||
|
9E4FFC000
|
stack
|
page read and write
|
||
|
280CB255000
|
heap
|
page read and write
|
||
|
21899FB3000
|
heap
|
page read and write
|
||
|
1068000
|
unkown
|
page write copy
|
||
|
105C000
|
unkown
|
page write copy
|
||
|
F60000
|
unkown
|
page readonly
|
||
|
280CB233000
|
heap
|
page read and write
|
||
|
280C8EDE000
|
heap
|
page read and write
|
||
|
280C8E93000
|
heap
|
page read and write
|
||
|
280CB27B000
|
heap
|
page read and write
|
||
|
26F772F000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
280CB247000
|
heap
|
page read and write
|
||
|
280CD5E9000
|
heap
|
page read and write
|
||
|
280CD630000
|
heap
|
page read and write
|
||
|
26CF000
|
stack
|
page read and write
|
||
|
280CD621000
|
heap
|
page read and write
|
||
|
280CB236000
|
heap
|
page read and write
|
||
|
105A000
|
unkown
|
page write copy
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
280CD5B4000
|
heap
|
page read and write
|
||
|
321CEFD000
|
stack
|
page read and write
|
||
|
C7F9ACB000
|
stack
|
page read and write
|
||
|
280CD5F4000
|
heap
|
page read and write
|
||
|
280C7C12000
|
heap
|
page read and write
|
||
|
26F77AF000
|
stack
|
page read and write
|
||
|
280CD5B5000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
280C8EF2000
|
heap
|
page read and write
|
||
|
280C8EF2000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
9795DFE000
|
unkown
|
page readonly
|
||
|
280CB1D2000
|
heap
|
page read and write
|
||
|
280C7D00000
|
heap
|
page read and write
|
||
|
280CD5F2000
|
heap
|
page read and write
|
||
|
280C7BD4000
|
heap
|
page read and write
|
||
|
280CD63B000
|
heap
|
page read and write
|
||
|
280C7BCB000
|
heap
|
page read and write
|
||
|
1044000
|
unkown
|
page write copy
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
2709000
|
heap
|
page read and write
|
||
|
280CD58F000
|
heap
|
page read and write
|
||
|
321CB1C000
|
stack
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
1066000
|
unkown
|
page write copy
|
||
|
280C8EC4000
|
heap
|
page read and write
|
||
|
280CD5F0000
|
heap
|
page read and write
|
||
|
27E14FE000
|
unkown
|
page readonly
|
||
|
280CD58A000
|
heap
|
page read and write
|
||
|
280CB20D000
|
heap
|
page read and write
|
||
|
230DF2B8000
|
heap
|
page read and write
|
||
|
280CB22D000
|
heap
|
page read and write
|
||
|
16E32B20000
|
heap
|
page read and write
|
||
|
1F1686BB000
|
heap
|
page read and write
|
||
|
280CD4D0000
|
trusted library allocation
|
page read and write
|
||
|
21899F64000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
26F7CFC000
|
stack
|
page read and write
|
||
|
280CD63B000
|
heap
|
page read and write
|
||
|
134D000
|
stack
|
page read and write
|
||
|
E2283FF000
|
stack
|
page read and write
|
||
|
280CB1E2000
|
heap
|
page read and write
|
||
|
280C7BE6000
|
heap
|
page read and write
|
||
|
280CD60A000
|
heap
|
page read and write
|
||
|
280C7C19000
|
heap
|
page read and write
|
||
|
583000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
106A000
|
unkown
|
page write copy
|
||
|
106C000
|
unkown
|
page write copy
|
||
|
1C8B7155000
|
heap
|
page read and write
|
||
|
1605000
|
heap
|
page read and write
|
||
|
280CB227000
|
heap
|
page read and write
|
||
|
280C8E92000
|
heap
|
page read and write
|
||
|
280CB237000
|
heap
|
page read and write
|
||
|
161FA4A9000
|
heap
|
page read and write
|
||
|
10CA000
|
unkown
|
page readonly
|
||
|
280C8EE1000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
280C7B20000
|
heap
|
page read and write
|
||
|
280CD63B000
|
heap
|
page read and write
|
||
|
F960D7E000
|
unkown
|
page readonly
|
||
|
280C8ED7000
|
heap
|
page read and write
|
||
|
280C8EE2000
|
heap
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
16E323D0000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
280C8EC4000
|
heap
|
page read and write
|
||
|
280CB27D000
|
heap
|
page read and write
|
||
|
280CB237000
|
heap
|
page read and write
|
||
|
280CB1F1000
|
heap
|
page read and write
|
||
|
97082AC000
|
stack
|
page read and write
|
||
|
280CB1BA000
|
heap
|
page read and write
|
||
|
280C8EF2000
|
heap
|
page read and write
|
||
|
280CB1BA000
|
heap
|
page read and write
|
||
|
1068000
|
unkown
|
page write copy
|
||
|
280CD5A4000
|
heap
|
page read and write
|
||
|
230DF2B6000
|
heap
|
page read and write
|
||
|
280C8F05000
|
heap
|
page read and write
|
||
|
280CD5AF000
|
heap
|
page read and write
|
||
|
280CB1E9000
|
heap
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
280CB1ED000
|
heap
|
page read and write
|
||
|
280C8EFE000
|
heap
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
321CB9F000
|
stack
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
280CB249000
|
heap
|
page read and write
|
||
|
280C8EDC000
|
heap
|
page read and write
|
||
|
280C7C20000
|
heap
|
page read and write
|
||
|
1F168865000
|
heap
|
page read and write
|
||
|
280C7D3D000
|
heap
|
page read and write
|
||
|
280CB1C6000
|
heap
|
page read and write
|
||
|
110F000
|
heap
|
page read and write
|
||
|
27E13FE000
|
unkown
|
page readonly
|
||
|
979597E000
|
stack
|
page read and write
|
||
|
280C7BDA000
|
heap
|
page read and write
|
||
|
280CB246000
|
heap
|
page read and write
|
||
|
280CD5E4000
|
heap
|
page read and write
|
||
|
280C7C22000
|
heap
|
page read and write
|
||
|
280CB21F000
|
heap
|
page read and write
|
||
|
280C8EEB000
|
heap
|
page read and write
|
||
|
280CD60A000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
280CD910000
|
trusted library allocation
|
page read and write
|
||
|
280C7C27000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
280C8190000
|
heap
|
page read and write
|
||
|
280C7C20000
|
heap
|
page read and write
|
||
|
280CD5BD000
|
heap
|
page read and write
|
||
|
2204A1D0000
|
heap
|
page read and write
|
||
|
E2281FD000
|
stack
|
page read and write
|
||
|
4EE000
|
heap
|
page read and write
|
||
|
9795B7F000
|
stack
|
page read and write
|
||
|
280C8EC4000
|
heap
|
page read and write
|
There are 674 hidden memdumps, click here to show them.