Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation____________________________________pdf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Quotation____________________________________pdf.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp85B3.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qlOtJNH.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qlOtJNH.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\qlOtJNH.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2neaqg3y.rqr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mfuj3qit.beh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w4ylfoxl.jok.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xnmlsegf.02g.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8F48.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\user-PC-user\LogfirelessHrvQSXEgnfSYYboorishly
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\user-PC-user\WebData
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Quotation____________________________________pdf.exe
|
"C:\Users\user\Desktop\Quotation____________________________________pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\qlOtJNH.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qlOtJNH" /XML "C:\Users\user\AppData\Local\Temp\tmp85B3.tmp"
|
|
|
|
C:\Users\user\Desktop\Quotation____________________________________pdf.exe
|
"C:\Users\user\Desktop\Quotation____________________________________pdf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\qlOtJNH.exe
|
C:\Users\user\AppData\Roaming\qlOtJNH.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qlOtJNH" /XML "C:\Users\user\AppData\Local\Temp\tmp8F48.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\qlOtJNH.exe
|
"C:\Users\user\AppData\Roaming\qlOtJNH.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
|
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4D22000
|
trusted library allocation
|
page read and write
|
|
|
|
4CB9000
|
trusted library allocation
|
page read and write
|
|
|
|
401000
|
remote allocation
|
page execute and read and write
|
|
|
|
1400000
|
heap
|
page read and write
|
||
|
67D8000
|
trusted library allocation
|
page read and write
|
||
|
1937000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
175F000
|
heap
|
page read and write
|
||
|
2C54000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
17B6000
|
heap
|
page read and write
|
||
|
2D75000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
814D000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
834F000
|
stack
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
CDFF000
|
stack
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6810000
|
heap
|
page read and write
|
||
|
B4B000
|
stack
|
page read and write
|
||
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B7E000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page execute read
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
D5B000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
17CB000
|
heap
|
page read and write
|
||
|
7F3A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
191F000
|
stack
|
page read and write
|
||
|
4599000
|
trusted library allocation
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
32E0000
|
heap
|
page execute and read and write
|
||
|
D07C000
|
stack
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
2D6B000
|
stack
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
F7B000
|
heap
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
7570000
|
heap
|
page read and write
|
||
|
456000
|
remote allocation
|
page execute and read and write
|
||
|
F13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1246000
|
trusted library allocation
|
page execute and read and write
|
||
|
11FE000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page read and write
|
||
|
46DA000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
7619000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
124A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A37F000
|
trusted library allocation
|
page read and write
|
||
|
5916000
|
trusted library allocation
|
page read and write
|
||
|
44B1000
|
trusted library allocation
|
page read and write
|
||
|
1A60000
|
heap
|
page read and write
|
||
|
4906000
|
trusted library allocation
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
17B1000
|
heap
|
page read and write
|
||
|
1703000
|
trusted library allocation
|
page execute and read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
2A39000
|
heap
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
F3E000
|
heap
|
page read and write
|
||
|
5922000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
1920000
|
trusted library allocation
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
6820000
|
heap
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
5911000
|
trusted library allocation
|
page read and write
|
||
|
36CF000
|
stack
|
page read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
32A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B23000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
7528000
|
trusted library allocation
|
page read and write
|
||
|
5BBB000
|
stack
|
page read and write
|
||
|
7A10000
|
trusted library section
|
page read and write
|
||
|
8154000
|
heap
|
page read and write
|
||
|
172E000
|
heap
|
page read and write
|
||
|
7200000
|
heap
|
page read and write
|
||
|
5ECE000
|
stack
|
page read and write
|
||
|
527B000
|
trusted library allocation
|
page read and write
|
||
|
1464000
|
trusted library allocation
|
page read and write
|
||
|
7023F000
|
unkown
|
page readonly
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
58FB000
|
trusted library allocation
|
page read and write
|
||
|
6065000
|
heap
|
page read and write
|
||
|
122F000
|
heap
|
page read and write
|
||
|
5BC0000
|
trusted library section
|
page readonly
|
||
|
6800000
|
heap
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
6010000
|
trusted library allocation
|
page execute and read and write
|
||
|
5920000
|
trusted library allocation
|
page read and write
|
||
|
5E4F000
|
stack
|
page read and write
|
||
|
1950000
|
heap
|
page read and write
|
||
|
17EC000
|
heap
|
page read and write
|
||
|
5945000
|
trusted library allocation
|
page read and write
|
||
|
1A5F000
|
stack
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
44B9000
|
trusted library allocation
|
page read and write
|
||
|
C62F000
|
stack
|
page read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
4DC2000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
heap
|
page read and write
|
||
|
390F000
|
stack
|
page read and write
|
||
|
17DB000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
F6F000
|
heap
|
page read and write
|
||
|
494B000
|
trusted library allocation
|
page read and write
|
||
|
7023D000
|
unkown
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
5343000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
70221000
|
unkown
|
page execute read
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
654F000
|
stack
|
page read and write
|
||
|
2C29000
|
heap
|
page read and write
|
||
|
C3ED000
|
stack
|
page read and write
|
||
|
A8D0000
|
trusted library section
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
2DDC000
|
trusted library allocation
|
page read and write
|
||
|
5940000
|
trusted library allocation
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
1700000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
15F6000
|
heap
|
page read and write
|
||
|
46B1000
|
trusted library allocation
|
page read and write
|
||
|
458000
|
remote allocation
|
page execute and read and write
|
||
|
4CEF000
|
trusted library allocation
|
page read and write
|
||
|
45F8000
|
trusted library allocation
|
page read and write
|
||
|
1487000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
70236000
|
unkown
|
page readonly
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
6060000
|
heap
|
page read and write
|
||
|
528E000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
remote allocation
|
page execute and read and write
|
||
|
4804000
|
trusted library allocation
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
C52E000
|
stack
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
45D000
|
remote allocation
|
page execute and read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
15AE000
|
stack
|
page read and write
|
||
|
459000
|
remote allocation
|
page execute and read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
172B000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
75E9000
|
heap
|
page read and write
|
||
|
1811000
|
heap
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
6805000
|
heap
|
page read and write
|
||
|
71FE000
|
heap
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
1932000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
13A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
52D3000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
C5B000
|
stack
|
page read and write
|
||
|
79AE000
|
stack
|
page read and write
|
||
|
529D000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
heap
|
page read and write
|
||
|
76AE000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
C76C000
|
stack
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
45A000
|
remote allocation
|
page execute and read and write
|
||
|
757E000
|
heap
|
page read and write
|
||
|
FA1000
|
heap
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A67000
|
heap
|
page read and write
|
||
|
1922000
|
trusted library allocation
|
page read and write
|
||
|
7598000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
1466000
|
trusted library allocation
|
page read and write
|
||
|
11DC000
|
heap
|
page read and write
|
||
|
1242000
|
trusted library allocation
|
page read and write
|
||
|
F14000
|
trusted library allocation
|
page read and write
|
||
|
C4EE000
|
stack
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1099000
|
stack
|
page read and write
|
||
|
5C50000
|
heap
|
page execute and read and write
|
||
|
7523000
|
trusted library allocation
|
page read and write
|
||
|
57F0000
|
trusted library section
|
page readonly
|
||
|
EFB000
|
stack
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
CF7C000
|
stack
|
page read and write
|
||
|
45C000
|
remote allocation
|
page execute and read and write
|
||
|
457000
|
remote allocation
|
page execute and read and write
|
||
|
11C8000
|
heap
|
page read and write
|
||
|
38CF000
|
stack
|
page read and write
|
||
|
70220000
|
unkown
|
page readonly
|
||
|
CCFE000
|
stack
|
page read and write
|
||
|
411000
|
remote allocation
|
page execute and read and write
|
||
|
193B000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCBE000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page execute and read and write
|
||
|
16FF000
|
stack
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
4760000
|
trusted library allocation
|
page read and write
|
||
|
FA2000
|
heap
|
page read and write
|
||
|
3D99000
|
trusted library allocation
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
192A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
6020000
|
trusted library allocation
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
7023D000
|
unkown
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
493A000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
1926000
|
trusted library allocation
|
page execute and read and write
|
||
|
52A2000
|
trusted library allocation
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
34E8000
|
trusted library allocation
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page execute read
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
527E000
|
trusted library allocation
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
5291000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C10000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
7910000
|
heap
|
page read and write
|
||
|
791E000
|
heap
|
page read and write
|
||
|
7C1E000
|
stack
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
45E000
|
remote allocation
|
page execute and read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
55AC000
|
stack
|
page read and write
|
||
|
591D000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
71F0000
|
heap
|
page read and write
|
||
|
7FB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
2B94000
|
heap
|
page read and write
|
||
|
329C000
|
stack
|
page read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
2DD8000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
FD9000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
81C3000
|
heap
|
page read and write
|
||
|
590E000
|
trusted library allocation
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
48A7000
|
trusted library allocation
|
page read and write
|
||
|
1197000
|
stack
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
6080000
|
heap
|
page read and write
|
||
|
C86C000
|
stack
|
page read and write
|
||
|
1710000
|
trusted library allocation
|
page read and write
|
||
|
3D91000
|
trusted library allocation
|
page read and write
|
||
|
819F000
|
heap
|
page read and write
|
||
|
34FE000
|
trusted library allocation
|
page read and write
|
||
|
5F0B000
|
stack
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page execute and read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
F23000
|
trusted library allocation
|
page read and write
|
||
|
4F2C000
|
stack
|
page read and write
|
||
|
1713000
|
trusted library allocation
|
page read and write
|
||
|
8110000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
171D000
|
trusted library allocation
|
page execute and read and write
|
||
|
58FE000
|
trusted library allocation
|
page read and write
|
||
|
7B1E000
|
stack
|
page read and write
|
||
|
7023D000
|
unkown
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
58F4000
|
trusted library allocation
|
page read and write
|
||
|
F3A000
|
heap
|
page read and write
|
||
|
170D000
|
trusted library allocation
|
page execute and read and write
|
||
|
45B000
|
remote allocation
|
page execute and read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
824E000
|
stack
|
page read and write
|
||
|
F64000
|
heap
|
page read and write
|
||
|
7595000
|
heap
|
page read and write
|
||
|
13AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7023D000
|
unkown
|
page read and write
|
||
|
378E000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
CBBE000
|
stack
|
page read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page execute and read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
34F4000
|
trusted library allocation
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
6070000
|
heap
|
page read and write
|
||
|
2DC8000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
heap
|
page execute and read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
1704000
|
trusted library allocation
|
page read and write
|
||
|
F12000
|
unkown
|
page readonly
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
B39000
|
stack
|
page read and write
|
||
|
5274000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
3313000
|
trusted library allocation
|
page read and write
|
There are 363 hidden memdumps, click here to show them.