Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
New order BPD-003777.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\0507P35R
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\proximobuccal
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\New order BPD-003777.exe
|
"C:\Users\user\Desktop\New order BPD-003777.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\New order BPD-003777.exe"
|
|
|
|
C:\Program Files (x86)\YCRIsUHDWrNbkRXMzeGcsahUMUSqSnoZrCZzdnRxqtNSRtuRWWmlapICLWWtbkGMMOPQbB\xTzxorEdKnFN.exe
|
"C:\Program Files (x86)\YCRIsUHDWrNbkRXMzeGcsahUMUSqSnoZrCZzdnRxqtNSRtuRWWmlapICLWWtbkGMMOPQbB\xTzxorEdKnFN.exe"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
"C:\Windows\SysWOW64\colorcpl.exe"
|
|
|
|
C:\Program Files (x86)\YCRIsUHDWrNbkRXMzeGcsahUMUSqSnoZrCZzdnRxqtNSRtuRWWmlapICLWWtbkGMMOPQbB\xTzxorEdKnFN.exe
|
"C:\Program Files (x86)\YCRIsUHDWrNbkRXMzeGcsahUMUSqSnoZrCZzdnRxqtNSRtuRWWmlapICLWWtbkGMMOPQbB\xTzxorEdKnFN.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.100millionjobs.africa/bdcw/?PZtTT8P0=qaHXDXYx2LkqUhRgEdOOXwktUSYbuju1qW3oIWQPB3qEMr74muRmFAO/aMKpOinIiMZClj3zM1CqZGG9lmLXrV5MIhxFycB6Ix5Y/8KR9paRaaTHbT0ZPxs=&-HT0=eZZx0LUhp4u8Nb7
|
136.243.64.147
|
|
|
|
http://www.jackys.shop/tc4z/
|
217.160.0.207
|
|
|
|
http://www.cikolatasampuan.xyz/sbv2/
|
104.21.32.1
|
|
|
|
http://www.cikolatasampuan.xyz/sbv2/?PZtTT8P0=KCOXl4L0MjZtpt9om/tmYw0VttOad0yMCs4OQKkXNc8VH0itCYxOihExehlokU3aZEnUGvFTmMELvqtU+Kox5tVgQ7KRBTJUg1vzgVjJ1xaulaVtzEKyyvI=&-HT0=eZZx0LUhp4u8Nb7
|
104.21.32.1
|
|
|
|
http://www.l33900.xyz/t4o7/?PZtTT8P0=uJKBo1tKDv7YsektomxAe6xLUzKhSocRURbZYBlCa5gveKZ37rsA10kLqgKMu7eO65AngIyj7yeUeCYZeYghmIfm5PSli+U+Ur1GTnr4eXI8Tij3papz9cQ=&-HT0=eZZx0LUhp4u8Nb7
|
162.218.30.235
|
|
|
|
http://www.jackys.shop/tc4z/?PZtTT8P0=ny3bLW3OcbOKXixzoTTFtaWz9zwbCAlCkXueetxIQf0InYmFA4wH3zQZz5ZeXWajS8kP4gBJ8eOTYb+e2w2GS9Rfuczm284n9HscOXcNPb7iGn3oZX2z0bs=&-HT0=eZZx0LUhp4u8Nb7
|
217.160.0.207
|
|
|
|
http://www.buildfuture.website/brgm/?-HT0=eZZx0LUhp4u8Nb7&PZtTT8P0=zZBAurvGVFID4gQja6K5puo946UQMWfD5PMg/RgwWhmYguwOMej1h7bKFXAKsHPKzWTIbqUmzdTnclHnVVtC51fb9z47H8HhLLvcw9Akuk8AFxTwcor1860=
|
162.0.236.169
|
|
|
|
http://www.buildfuture.website/brgm/
|
162.0.236.169
|
|
|
|
http://www.blockconnect.tech/yrw8/
|
13.248.169.48
|
|
|
|
http://www.blockconnect.tech/yrw8/?PZtTT8P0=RFR6bYZjT9m40Qm+zbryzANOuUFT5Vwsrp8mJhbrSqaa0hAU+0NzQA7l3HeOPbt8HBkBLiHPDpxMijTsjbxyiMcdqRih2VgGUZM/FBv+f3nAi4b7MCsEdgs=&-HT0=eZZx0LUhp4u8Nb7
|
13.248.169.48
|
|
|
|
http://www.l33900.xyz/t4o7/
|
162.218.30.235
|
|
|
|
http://www.6hcwz.info/vslm/
|
172.67.183.191
|
|
|
|
http://www.accusolution.pro/s4sk/?PZtTT8P0=w1z0LxExs9MXILOhkTw/05qIOC9wPz9pW67ass2TZN6sDGg0GyeGaAU8sMVSePVNOj9ELn/nlJfz7v0haQuSr/gZC77LrnvOb7BfL6JpYx8NJq7/9PXIC+k=&-HT0=eZZx0LUhp4u8Nb7
|
185.68.108.243
|
|
|
|
http://www.accusolution.pro/s4sk/
|
185.68.108.243
|
|
|
|
http://www.100millionjobs.africa/bdcw/
|
136.243.64.147
|
|
|
|
http://www.6hcwz.info/vslm/?PZtTT8P0=zC4zMG0SLXGKoOyqUI5Abkx/PzoLDn/S8PthLULLwKSzNefTy4ZudJoNt3Kk74AgS/gmI7rmIyltTNtABG2sKNdnUxIQu/0toq2WPl2/BEOTqysptoicMx8=&-HT0=eZZx0LUhp4u8Nb7
|
172.67.183.191
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.6hcwz.info
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://maximumgroup.co.za/bdcw/?PZtTT8P0=qaHXDXYx2LkqUhRgEdOOXwktUSYbuju1qW3oIWQPB3qEMr74muRmFAO/aMK
|
unknown
|
||
|
https://wx.longwaysun.com/app/register.php?site_id=2239&topId=64819/t4o7/
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://jackys.shop/tc4z/?PZtTT8P0=ny3bLW3OcbOKXixzoTTFtaWz9zwbCAlCkXueetxIQf0InYmFA4wH3zQZz5ZeXWajS
|
unknown
|
||
|
http://cikolatasampuan.xyz/
|
unknown
|
||
|
https://wx.longwaysun.com/app/register.php?site_id=2239&topId=64819/t4o7/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.l33900.xyz
|
162.218.30.235
|
|
|
|
mraber.dev
|
46.38.243.234
|
|
|
|
www.6hcwz.info
|
172.67.183.191
|
|
|
|
www.jackys.shop
|
217.160.0.207
|
|
|
|
www.buildfuture.website
|
162.0.236.169
|
|
|
|
accusolution.pro
|
185.68.108.243
|
|
|
|
100millionjobs.africa
|
136.243.64.147
|
|
|
|
www.cikolatasampuan.xyz
|
104.21.32.1
|
|
|
|
www.blockconnect.tech
|
13.248.169.48
|
|
|
|
www.100millionjobs.africa
|
unknown
|
||
|
www.mraber.dev
|
unknown
|
||
|
www.accusolution.pro
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.248.169.48
|
www.blockconnect.tech
|
United States
|
|
|
|
104.21.32.1
|
www.cikolatasampuan.xyz
|
United States
|
|
|
|
217.160.0.207
|
www.jackys.shop
|
Germany
|
|
|
|
136.243.64.147
|
100millionjobs.africa
|
Germany
|
|
|
|
162.218.30.235
|
www.l33900.xyz
|
United States
|
|
|
|
185.68.108.243
|
accusolution.pro
|
Spain
|
|
|
|
172.67.183.191
|
www.6hcwz.info
|
United States
|
|
|
|
162.0.236.169
|
www.buildfuture.website
|
Canada
|
|
|
|
46.38.243.234
|
mraber.dev
|
Germany
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F90000
|
trusted library allocation
|
page read and write
|
|
|
|
2FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
820000
|
system
|
page execute and read and write
|
|
|
|
29B0000
|
system
|
page execute and read and write
|
|
|
|
700000
|
system
|
page execute and read and write
|
|
|
|
2980000
|
unclassified section
|
page execute and read and write
|
|
|
|
3F50000
|
unclassified section
|
page execute and read and write
|
|
|
|
3310000
|
unkown
|
page execute and read and write
|
|
|
|
4801000
|
heap
|
page read and write
|
||
|
7D72000
|
heap
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
4E2D000
|
direct allocation
|
page execute and read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
C21000
|
unkown
|
page readonly
|
||
|
2978000
|
stack
|
page read and write
|
||
|
2E17000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
2710000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
2E2B000
|
heap
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
3EE9000
|
direct allocation
|
page read and write
|
||
|
C30000
|
unkown
|
page read and write
|
||
|
C40000
|
unkown
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
2D720C50000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E4E47FE000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D720C50000
|
trusted library allocation
|
page read and write
|
||
|
C31000
|
unkown
|
page readonly
|
||
|
38D1000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
319E000
|
heap
|
page read and write
|
||
|
4EA2000
|
direct allocation
|
page execute and read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
C85000
|
unkown
|
page read and write
|
||
|
DDB000
|
stack
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2E58000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
7D7E000
|
heap
|
page read and write
|
||
|
2D71F47F000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
1F7C4000
|
system
|
page read and write
|
||
|
C7E000
|
unkown
|
page readonly
|
||
|
1054000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3A8F000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
2B84000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
518C000
|
unclassified section
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
2D720E00000
|
trusted library allocation
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
4FCC000
|
unclassified section
|
page read and write
|
||
|
2DBD000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
3579000
|
unkown
|
page execute and read and write
|
||
|
2E89000
|
heap
|
page read and write
|
||
|
2DBB000
|
heap
|
page read and write
|
||
|
7FAD000
|
stack
|
page read and write
|
||
|
7D8A000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
2580000
|
unkown
|
page read and write
|
||
|
38A000
|
stack
|
page read and write
|
||
|
24C2000
|
unkown
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DCC000
|
heap
|
page read and write
|
||
|
2DD6000
|
heap
|
page read and write
|
||
|
F3D000
|
stack
|
page read and write
|
||
|
7D41000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
408D000
|
direct allocation
|
page read and write
|
||
|
2D71F4A0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D71F49C000
|
heap
|
page read and write
|
||
|
2D71F3F0000
|
heap
|
page read and write
|
||
|
4C0C000
|
stack
|
page read and write
|
||
|
83FF000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2280000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
22C4000
|
heap
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
94F000
|
heap
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C7E000
|
unkown
|
page readonly
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
38D1000
|
heap
|
page read and write
|
||
|
40FE000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D720FA9000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
3F60000
|
direct allocation
|
page read and write
|
||
|
3BA3000
|
direct allocation
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
5EE0000
|
unclassified section
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
883000
|
system
|
page execute and read and write
|
||
|
2634000
|
heap
|
page read and write
|
||
|
873000
|
system
|
page execute and read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
1C8D000
|
stack
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
7D77000
|
heap
|
page read and write
|
||
|
7D83000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2E53000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
843E000
|
stack
|
page read and write
|
||
|
C30000
|
unkown
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
310000
|
unkown
|
page readonly
|
||
|
540F000
|
stack
|
page read and write
|
||
|
2E65000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
3EED000
|
direct allocation
|
page read and write
|
||
|
1F1C2000
|
system
|
page read and write
|
||
|
C87000
|
unkown
|
page readonly
|
||
|
31CC000
|
unkown
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D71F170000
|
system
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E4E4FFE000
|
stack
|
page read and write
|
||
|
3EE3000
|
direct allocation
|
page read and write
|
||
|
2D720F00000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2930000
|
direct allocation
|
page read and write
|
||
|
2C1B000
|
heap
|
page read and write
|
||
|
146F000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
13E3000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3B23000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
7D51000
|
heap
|
page read and write
|
||
|
2D720D00000
|
trusted library allocation
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
2D71F48C000
|
heap
|
page read and write
|
||
|
2D720FC4000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
38D0000
|
heap
|
page read and write
|
||
|
4F72000
|
unclassified section
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3EE3000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
C60000
|
heap
|
page read and write
|
||
|
52CF000
|
stack
|
page read and write
|
||
|
C85000
|
unkown
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
2E7F000
|
heap
|
page read and write
|
||
|
7D95000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
147C000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C7E000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D720E0D000
|
trusted library allocation
|
page read and write
|
||
|
492D000
|
heap
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
5D4E000
|
unclassified section
|
page read and write
|
||
|
2E26000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
C71000
|
unkown
|
page execute read
|
||
|
428000
|
unkown
|
page read and write
|
||
|
279C000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4900000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
1F102000
|
system
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2910000
|
unkown
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
891000
|
system
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
3511000
|
unkown
|
page execute and read and write
|
||
|
2D720E21000
|
trusted library allocation
|
page read and write
|
||
|
C87000
|
unkown
|
page readonly
|
||
|
4089000
|
direct allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
4089000
|
direct allocation
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E4E57FE000
|
stack
|
page read and write
|
||
|
3BA3000
|
direct allocation
|
page read and write
|
||
|
408D000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3682000
|
unkown
|
page read and write
|
||
|
2D720E03000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3BA3000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D720E14000
|
trusted library allocation
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3BA3000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
2980000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DCC000
|
heap
|
page read and write
|
||
|
5BBC000
|
unclassified section
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
2980000
|
direct allocation
|
page read and write
|
||
|
2580000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
41B9000
|
unclassified section
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
5574000
|
unclassified section
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
332D000
|
direct allocation
|
page execute and read and write
|
||
|
5898000
|
unclassified section
|
page read and write
|
||
|
7D56000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
890000
|
direct allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2D71F4A3000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
280000
|
unkown
|
page readonly
|
||
|
38D1000
|
heap
|
page read and write
|
||
|
C40000
|
unkown
|
page read and write
|
||
|
335E000
|
unkown
|
page read and write
|
||
|
35A000
|
unkown
|
page execute and read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3129000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
7D86000
|
heap
|
page read and write
|
||
|
3EED000
|
direct allocation
|
page read and write
|
||
|
97C000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
5A2A000
|
unclassified section
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
24C2000
|
unkown
|
page read and write
|
||
|
38A000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4EB2000
|
unclassified section
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
37E0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2E83000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3F5E000
|
direct allocation
|
page read and write
|
||
|
C87000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
357F000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3EE9000
|
direct allocation
|
page read and write
|
||
|
4D0C000
|
stack
|
page read and write
|
||
|
4C89000
|
direct allocation
|
page execute and read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
3200000
|
direct allocation
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3F5E000
|
direct allocation
|
page read and write
|
||
|
13C4000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
C31000
|
unkown
|
page readonly
|
||
|
F70000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page read and write
|
||
|
1311000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
40FE000
|
direct allocation
|
page read and write
|
||
|
2980000
|
direct allocation
|
page read and write
|
||
|
C71000
|
unkown
|
page execute read
|
||
|
25DC000
|
unkown
|
page read and write
|
||
|
2D720E0F000
|
trusted library allocation
|
page read and write
|
||
|
4CFE000
|
direct allocation
|
page execute and read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
1E20000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2820000
|
unkown
|
page readonly
|
||
|
2F23000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page execute and read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
3A8B000
|
heap
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
39D2000
|
heap
|
page read and write
|
||
|
DBF000
|
stack
|
page read and write
|
||
|
C7E000
|
unkown
|
page readonly
|
||
|
2A02000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
3F5E000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3001000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
49B9000
|
heap
|
page read and write
|
||
|
816000
|
heap
|
page read and write
|
||
|
1F3DC000
|
system
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D16000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
928000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
7D8B000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3E0000
|
unkown
|
page readonly
|
||
|
E78000
|
heap
|
page read and write
|
||
|
2D71F380000
|
heap
|
page read and write
|
||
|
3D0000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2820000
|
unkown
|
page readonly
|
||
|
847F000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
68C000
|
stack
|
page read and write
|
||
|
480A000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
88F000
|
system
|
page execute and read and write
|
||
|
2D720FCE000
|
trusted library allocation
|
page read and write
|
||
|
2E12000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
8E6000
|
system
|
page execute and read and write
|
||
|
7D7A000
|
heap
|
page read and write
|
||
|
2E6F000
|
heap
|
page read and write
|
||
|
2E07000
|
heap
|
page read and write
|
||
|
DEF000
|
stack
|
page read and write
|
||
|
2582000
|
unkown
|
page read and write
|
||
|
38D1000
|
heap
|
page read and write
|
||
|
40FE000
|
direct allocation
|
page read and write
|
||
|
2280000
|
unkown
|
page readonly
|
||
|
22C4000
|
heap
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
34F0000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C71000
|
unkown
|
page execute read
|
||
|
2D01000
|
heap
|
page read and write
|
||
|
408D000
|
direct allocation
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
3542000
|
direct allocation
|
page execute and read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
3F60000
|
direct allocation
|
page read and write
|
||
|
C87000
|
unkown
|
page readonly
|
||
|
188E000
|
stack
|
page read and write
|
||
|
2D720F01000
|
trusted library allocation
|
page read and write
|
||
|
34CD000
|
direct allocation
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
39D8000
|
heap
|
page read and write
|
||
|
7D4B000
|
heap
|
page read and write
|
||
|
DCF000
|
stack
|
page read and write
|
||
|
83BE000
|
stack
|
page read and write
|
||
|
2E26000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
2240000
|
unkown
|
page read and write
|
||
|
3EED000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C85000
|
unkown
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E4E5FFE000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
4ADD000
|
stack
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
6CB000
|
stack
|
page read and write
|
||
|
928000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
3F60000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4AE2000
|
heap
|
page read and write
|
||
|
2C2F000
|
heap
|
page read and write
|
||
|
2DC1000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D720E12000
|
trusted library allocation
|
page read and write
|
||
|
7D3A000
|
heap
|
page read and write
|
||
|
3D0000
|
unkown
|
page readonly
|
||
|
2D71F20E000
|
system
|
page execute and read and write
|
||
|
2C05000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
7D5B000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
7D81000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
23D0000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
1E80000
|
heap
|
page read and write
|
||
|
281000
|
unkown
|
page execute and read and write
|
||
|
4B60000
|
direct allocation
|
page execute and read and write
|
||
|
2D71F4A3000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D71F20A000
|
system
|
page execute and read and write
|
||
|
79A000
|
stack
|
page read and write
|
||
|
2D71F470000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
1F21C000
|
system
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
3EED000
|
direct allocation
|
page read and write
|
||
|
910000
|
unkown
|
page read and write
|
||
|
3A80000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
22A0000
|
unkown
|
page read and write
|
||
|
C21000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
34C000
|
unkown
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3CB000
|
unkown
|
page execute and write copy
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
C71000
|
unkown
|
page execute read
|
||
|
1090000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
3DC0000
|
direct allocation
|
page read and write
|
||
|
303A000
|
unkown
|
page read and write
|
||
|
2DBB000
|
heap
|
page read and write
|
||
|
2DC1000
|
heap
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4E31000
|
direct allocation
|
page execute and read and write
|
||
|
3329000
|
direct allocation
|
page execute and read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4C8D000
|
direct allocation
|
page execute and read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
7D6A000
|
heap
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
3EE3000
|
direct allocation
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3EE9000
|
direct allocation
|
page read and write
|
||
|
4B57000
|
heap
|
page read and write
|
||
|
2DC6000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
2EA8000
|
unkown
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
97C000
|
stack
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
3EE9000
|
direct allocation
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
22A0000
|
unkown
|
page read and write
|
||
|
7F6C000
|
stack
|
page read and write
|
||
|
4089000
|
direct allocation
|
page read and write
|
||
|
2D71F3C0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2C05000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
6072000
|
unclassified section
|
page read and write
|
||
|
2E4E000
|
heap
|
page read and write
|
||
|
C85000
|
unkown
|
page read and write
|
||
|
427000
|
unkown
|
page execute and write copy
|
||
|
800000
|
unkown
|
page readonly
|
||
|
2634000
|
heap
|
page read and write
|
||
|
2E2B000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3B43000
|
heap
|
page read and write
|
||
|
2C19000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3550000
|
unclassified section
|
page execute and read and write
|
||
|
279C000
|
unkown
|
page read and write
|
||
|
3C44000
|
heap
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2E17000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3F5E000
|
direct allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
339E000
|
direct allocation
|
page execute and read and write
|
||
|
342000
|
unkown
|
page execute and read and write
|
||
|
146B000
|
heap
|
page execute and read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
34A6000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
4151000
|
unclassified section
|
page execute and read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2A13000
|
heap
|
page read and write
|
||
|
293B000
|
stack
|
page read and write
|
||
|
4800000
|
heap
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E4E3FFC000
|
stack
|
page read and write
|
||
|
5706000
|
unclassified section
|
page read and write
|
||
|
2D720FBE000
|
trusted library allocation
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
E30000
|
unkown
|
page readonly
|
||
|
34D1000
|
direct allocation
|
page execute and read and write
|
||
|
428000
|
unkown
|
page write copy
|
||
|
4AE6000
|
heap
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
2D71F477000
|
heap
|
page read and write
|
||
|
2E21000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
280000
|
unkown
|
page readonly
|
||
|
4801000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
2D71F2A0000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
There are 622 hidden memdumps, click here to show them.