Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Roahhi.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\IsClosed.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\IsClosed.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsClosed.vbs
|
ASCII text, with no line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Roahhi.exe
|
"C:\Users\user\Desktop\Roahhi.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5168 -s 1144
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
42B1000
|
trusted library allocation
|
page read and write
|
|
|
|
5FB0000
|
trusted library section
|
page read and write
|
|
|
|
28B1000
|
trusted library allocation
|
page read and write
|
|
|
|
44B8000
|
trusted library allocation
|
page read and write
|
|
|
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
2C5F000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
502F000
|
stack
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
2A6B000
|
trusted library allocation
|
page read and write
|
||
|
29E9000
|
trusted library allocation
|
page read and write
|
||
|
2E58000
|
trusted library allocation
|
page read and write
|
||
|
2BFE000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
2BFC000
|
trusted library allocation
|
page read and write
|
||
|
2B5D000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
2D3D000
|
trusted library allocation
|
page read and write
|
||
|
2AAB000
|
trusted library allocation
|
page read and write
|
||
|
2E1E000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
BC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
BDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
2BC8000
|
trusted library allocation
|
page read and write
|
||
|
2B89000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
2C9B000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
2C09000
|
trusted library allocation
|
page read and write
|
||
|
2DA5000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
2E29000
|
trusted library allocation
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
2B6C000
|
trusted library allocation
|
page read and write
|
||
|
2A1D000
|
trusted library allocation
|
page read and write
|
||
|
2A0C000
|
trusted library allocation
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
2B7A000
|
trusted library allocation
|
page read and write
|
||
|
2A69000
|
trusted library allocation
|
page read and write
|
||
|
2F6B000
|
trusted library allocation
|
page read and write
|
||
|
2D0B000
|
trusted library allocation
|
page read and write
|
||
|
2EC7000
|
trusted library allocation
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
2B85000
|
trusted library allocation
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
heap
|
page execute and read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
2D13000
|
trusted library allocation
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
29DA000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
2C32000
|
trusted library allocation
|
page read and write
|
||
|
2F69000
|
trusted library allocation
|
page read and write
|
||
|
6078000
|
trusted library allocation
|
page read and write
|
||
|
2CD5000
|
trusted library allocation
|
page read and write
|
||
|
2CB2000
|
trusted library allocation
|
page read and write
|
||
|
2C5D000
|
trusted library allocation
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
BC2000
|
trusted library allocation
|
page read and write
|
||
|
2C84000
|
trusted library allocation
|
page read and write
|
||
|
2CD3000
|
trusted library allocation
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
265E000
|
stack
|
page read and write
|
||
|
2B42000
|
trusted library allocation
|
page read and write
|
||
|
C2F000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
2DD5000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
2A08000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
2A27000
|
trusted library allocation
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
60A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C6B000
|
trusted library allocation
|
page read and write
|
||
|
271D000
|
stack
|
page read and write
|
||
|
2A94000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
2A4A000
|
trusted library allocation
|
page read and write
|
||
|
2C65000
|
trusted library allocation
|
page read and write
|
||
|
2B8B000
|
trusted library allocation
|
page read and write
|
||
|
2BE3000
|
trusted library allocation
|
page read and write
|
||
|
2D15000
|
trusted library allocation
|
page read and write
|
||
|
2C97000
|
trusted library allocation
|
page read and write
|
||
|
57E2000
|
trusted library allocation
|
page read and write
|
||
|
2B83000
|
trusted library allocation
|
page read and write
|
||
|
2C95000
|
trusted library allocation
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
2B48000
|
trusted library allocation
|
page read and write
|
||
|
C49000
|
heap
|
page read and write
|
||
|
D84000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
2DD7000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page execute and read and write
|
||
|
2E54000
|
trusted library allocation
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
2B99000
|
trusted library allocation
|
page read and write
|
||
|
2B02000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
BA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
2A54000
|
trusted library allocation
|
page read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
trusted library allocation
|
page read and write
|
||
|
57C4000
|
trusted library allocation
|
page read and write
|
||
|
2CFA000
|
trusted library allocation
|
page read and write
|
||
|
2AFC000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C7A000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
2AE7000
|
trusted library allocation
|
page read and write
|
||
|
5672000
|
heap
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
2A1F000
|
trusted library allocation
|
page read and write
|
||
|
2B9B000
|
trusted library allocation
|
page read and write
|
||
|
2C19000
|
trusted library allocation
|
page read and write
|
||
|
2A06000
|
trusted library allocation
|
page read and write
|
||
|
BA2000
|
heap
|
page read and write
|
||
|
2A4C000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
2C1B000
|
trusted library allocation
|
page read and write
|
||
|
2CFC000
|
trusted library allocation
|
page read and write
|
||
|
2BC4000
|
trusted library allocation
|
page read and write
|
||
|
2B4A000
|
trusted library allocation
|
page read and write
|
||
|
2D49000
|
trusted library allocation
|
page read and write
|
||
|
2E79000
|
trusted library allocation
|
page read and write
|
||
|
2AC8000
|
trusted library allocation
|
page read and write
|
||
|
2CFE000
|
trusted library allocation
|
page read and write
|
||
|
2D1F000
|
trusted library allocation
|
page read and write
|
||
|
2E93000
|
trusted library allocation
|
page read and write
|
||
|
2B2F000
|
trusted library allocation
|
page read and write
|
||
|
46E000
|
remote allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2D4D000
|
trusted library allocation
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
2C91000
|
trusted library allocation
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
2BDF000
|
trusted library allocation
|
page read and write
|
||
|
2CCD000
|
trusted library allocation
|
page read and write
|
||
|
2E45000
|
trusted library allocation
|
page read and write
|
||
|
49AD000
|
stack
|
page read and write
|
||
|
B6F000
|
stack
|
page read and write
|
||
|
2EC5000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2F55000
|
trusted library allocation
|
page read and write
|
||
|
2C07000
|
trusted library allocation
|
page read and write
|
||
|
2A39000
|
trusted library allocation
|
page read and write
|
||
|
2C7C000
|
trusted library allocation
|
page read and write
|
||
|
BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
2A4E000
|
trusted library allocation
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
2D1B000
|
trusted library allocation
|
page read and write
|
||
|
6110000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
2B27000
|
trusted library allocation
|
page read and write
|
||
|
C82000
|
heap
|
page read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
6070000
|
trusted library allocation
|
page read and write
|
||
|
2CAE000
|
trusted library allocation
|
page read and write
|
||
|
3BF5000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
remote allocation
|
page read and write
|
||
|
2AB9000
|
trusted library allocation
|
page read and write
|
||
|
2D68000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
2D21000
|
trusted library allocation
|
page read and write
|
||
|
2E77000
|
trusted library allocation
|
page read and write
|
||
|
2A25000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
trusted library allocation
|
page read and write
|
||
|
29EB000
|
trusted library allocation
|
page read and write
|
||
|
27A9000
|
heap
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
2B46000
|
trusted library allocation
|
page read and write
|
||
|
2B29000
|
trusted library allocation
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page execute and read and write
|
||
|
67A3000
|
trusted library allocation
|
page read and write
|
||
|
2B4F000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
trusted library allocation
|
page read and write
|
||
|
2A23000
|
trusted library allocation
|
page read and write
|
||
|
57BA000
|
trusted library allocation
|
page read and write
|
||
|
2E6D000
|
trusted library allocation
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page read and write
|
||
|
29EF000
|
trusted library allocation
|
page read and write
|
||
|
2A22000
|
trusted library allocation
|
page read and write
|
||
|
2D19000
|
trusted library allocation
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page read and write
|
||
|
2F67000
|
trusted library allocation
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
2B95000
|
trusted library allocation
|
page read and write
|
||
|
2C1D000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
2F18000
|
trusted library allocation
|
page read and write
|
||
|
64AA000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
6134000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
C43000
|
heap
|
page read and write
|
||
|
2CB4000
|
trusted library allocation
|
page read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
2BF6000
|
trusted library allocation
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
968000
|
stack
|
page read and write
|
||
|
BD2000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
2C15000
|
trusted library allocation
|
page read and write
|
||
|
2A3D000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
47A3000
|
trusted library allocation
|
page read and write
|
||
|
52C6000
|
trusted library allocation
|
page read and write
|
||
|
2F42000
|
trusted library allocation
|
page read and write
|
||
|
2B57000
|
trusted library allocation
|
page read and write
|
||
|
BA4000
|
trusted library allocation
|
page read and write
|
||
|
2B5B000
|
trusted library allocation
|
page read and write
|
||
|
2BCC000
|
trusted library allocation
|
page read and write
|
||
|
2DD9000
|
trusted library allocation
|
page read and write
|
||
|
4888000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
2D4F000
|
trusted library allocation
|
page read and write
|
||
|
2DC4000
|
trusted library allocation
|
page read and write
|
||
|
2E97000
|
trusted library allocation
|
page read and write
|
||
|
2C13000
|
trusted library allocation
|
page read and write
|
||
|
2E0B000
|
trusted library allocation
|
page read and write
|
||
|
2ADF000
|
trusted library allocation
|
page read and write
|
||
|
2F6D000
|
trusted library allocation
|
page read and write
|
||
|
55B000
|
stack
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
2F8B000
|
trusted library allocation
|
page read and write
|
||
|
2B76000
|
trusted library allocation
|
page read and write
|
||
|
2DFC000
|
trusted library allocation
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
2DF2000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
BAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB6000
|
trusted library allocation
|
page read and write
|
||
|
2BE9000
|
trusted library allocation
|
page read and write
|
||
|
2C02000
|
trusted library allocation
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
2DF4000
|
trusted library allocation
|
page read and write
|
||
|
2C67000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
2DA9000
|
trusted library allocation
|
page read and write
|
||
|
DAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A96000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page execute and read and write
|
||
|
2D93000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
2D55000
|
trusted library allocation
|
page read and write
|
||
|
2F4A000
|
trusted library allocation
|
page read and write
|
||
|
2C38000
|
trusted library allocation
|
page read and write
|
||
|
2D3F000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
5294000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
trusted library section
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
2AFA000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
2F33000
|
trusted library allocation
|
page read and write
|
||
|
2A58000
|
trusted library allocation
|
page read and write
|
||
|
332000
|
unkown
|
page readonly
|
||
|
273C000
|
stack
|
page read and write
|
||
|
2E5C000
|
trusted library allocation
|
page read and write
|
||
|
BD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5290000
|
trusted library allocation
|
page read and write
|
||
|
2E41000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D6A000
|
trusted library allocation
|
page read and write
|
||
|
2B7C000
|
trusted library allocation
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
2DFA000
|
trusted library allocation
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
2A5A000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
2A9C000
|
trusted library allocation
|
page read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
2F14000
|
trusted library allocation
|
page read and write
|
||
|
2CBB000
|
trusted library allocation
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
C5F000
|
heap
|
page read and write
|
||
|
CD3000
|
heap
|
page read and write
|
||
|
2B65000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
2ED9000
|
trusted library allocation
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
2AB3000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library section
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
2CD1000
|
trusted library allocation
|
page read and write
|
||
|
2C3B000
|
trusted library allocation
|
page read and write
|
||
|
2D34000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
2E3D000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
trusted library section
|
page read and write
|
||
|
2B44000
|
trusted library allocation
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
2A92000
|
trusted library allocation
|
page read and write
|
||
|
2A3B000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
2CCF000
|
trusted library allocation
|
page read and write
|
||
|
D83000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DAB000
|
trusted library allocation
|
page read and write
|
||
|
2AED000
|
trusted library allocation
|
page read and write
|
||
|
2B2B000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
2DF8000
|
trusted library allocation
|
page read and write
|
||
|
2A37000
|
trusted library allocation
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
2C87000
|
trusted library allocation
|
page read and write
|
||
|
62A0000
|
heap
|
page read and write
|
||
|
5EDF000
|
stack
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2ACA000
|
trusted library allocation
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
2B97000
|
trusted library allocation
|
page read and write
|
||
|
2E5A000
|
trusted library allocation
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page read and write
|
||
|
2CBF000
|
trusted library allocation
|
page read and write
|
||
|
2E0F000
|
trusted library allocation
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
2DAD000
|
trusted library allocation
|
page read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
2EA8000
|
trusted library allocation
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
2DC8000
|
trusted library allocation
|
page read and write
|
||
|
2F35000
|
trusted library allocation
|
page read and write
|
||
|
2F2F000
|
trusted library allocation
|
page read and write
|
||
|
2D17000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
2D38000
|
trusted library allocation
|
page read and write
|
||
|
6391000
|
trusted library allocation
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
2F37000
|
trusted library allocation
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
52B5000
|
trusted library allocation
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
2F3B000
|
trusted library allocation
|
page read and write
|
||
|
2E09000
|
trusted library allocation
|
page read and write
|
||
|
2AB5000
|
trusted library allocation
|
page read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
2C9D000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
2ED6000
|
trusted library allocation
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
trusted library allocation
|
page read and write
|
||
|
2EAD000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library section
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
2E43000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
297A000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page read and write
|
||
|
2B7E000
|
trusted library allocation
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
2AAF000
|
trusted library allocation
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
2DA3000
|
trusted library allocation
|
page read and write
|
||
|
2A67000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F65000
|
trusted library allocation
|
page read and write
|
||
|
2ACC000
|
trusted library allocation
|
page read and write
|
||
|
2AFE000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
trusted library allocation
|
page read and write
|
||
|
60B0000
|
trusted library section
|
page read and write
|
||
|
2A6F000
|
trusted library allocation
|
page read and write
|
||
|
2E2D000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2C34000
|
trusted library allocation
|
page read and write
|
||
|
2C63000
|
trusted library allocation
|
page read and write
|
||
|
2BE7000
|
trusted library allocation
|
page read and write
|
||
|
2E52000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
2A6D000
|
trusted library allocation
|
page read and write
|
||
|
2A9F000
|
trusted library allocation
|
page read and write
|
||
|
2D47000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
heap
|
page read and write
|
||
|
2A52000
|
trusted library allocation
|
page read and write
|
||
|
45E2000
|
trusted library allocation
|
page read and write
|
||
|
2E0D000
|
trusted library allocation
|
page read and write
|
||
|
2B06000
|
trusted library allocation
|
page read and write
|
||
|
7F450000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F52000
|
trusted library allocation
|
page read and write
|
||
|
2DC2000
|
trusted library allocation
|
page read and write
|
||
|
2EE7000
|
trusted library allocation
|
page read and write
|
||
|
2B04000
|
trusted library allocation
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
2D2E000
|
trusted library allocation
|
page read and write
|
||
|
2758000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page execute and read and write
|
||
|
2AD3000
|
trusted library allocation
|
page read and write
|
||
|
2E65000
|
trusted library allocation
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
2C17000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
2BCE000
|
trusted library allocation
|
page read and write
|
||
|
554F000
|
stack
|
page read and write
|
||
|
2A0E000
|
trusted library allocation
|
page read and write
|
||
|
2C99000
|
trusted library allocation
|
page read and write
|
||
|
2DE1000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
2A98000
|
trusted library allocation
|
page read and write
|
||
|
6432000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
trusted library allocation
|
page read and write
|
||
|
2F7E000
|
trusted library allocation
|
page read and write
|
||
|
2D66000
|
trusted library allocation
|
page read and write
|
||
|
2AEB000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
2BE5000
|
trusted library allocation
|
page read and write
|
||
|
2BCA000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2DDB000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page execute and read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
3A85000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
trusted library allocation
|
page read and write
|
||
|
2A33000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2BD5000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
2C05000
|
trusted library allocation
|
page read and write
|
||
|
6132000
|
trusted library allocation
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
2AC6000
|
trusted library allocation
|
page read and write
|
||
|
BCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
62C0000
|
trusted library section
|
page read and write
|
||
|
2EA6000
|
trusted library allocation
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
2AE3000
|
trusted library allocation
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
2A65000
|
trusted library allocation
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page read and write
|
||
|
C3C000
|
heap
|
page read and write
|
||
|
2B33000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
2F4C000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
D94000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
2B78000
|
trusted library allocation
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
2D4B000
|
trusted library allocation
|
page read and write
|
||
|
5FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
2A31000
|
trusted library allocation
|
page read and write
|
||
|
273F000
|
trusted library allocation
|
page read and write
|
||
|
2EBB000
|
trusted library allocation
|
page read and write
|
||
|
2E3F000
|
trusted library allocation
|
page read and write
|
||
|
6330000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E75000
|
trusted library allocation
|
page read and write
|
||
|
2A35000
|
trusted library allocation
|
page read and write
|
||
|
BD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
2C69000
|
trusted library allocation
|
page read and write
|
||
|
2B9D000
|
trusted library allocation
|
page read and write
|
||
|
29D8000
|
trusted library allocation
|
page read and write
|
||
|
2E39000
|
trusted library allocation
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
There are 552 hidden memdumps, click here to show them.