IOC Report
SecuriteInfo.com.FileRepMalware.27857.7397.exe


Files

File Path | Type | Category
SecuriteInfo.com.FileRepMalware.27857.7397.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | initial sample
C:\Program Files (x86)\fluent-bit\Uninstall.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | dropped
C:\Program Files (x86)\fluent-bit\bin\fluent-bit.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped
C:\Program Files (x86)\fluent-bit\bin\fluent-bit.exe | PE32 executable (console) Intel 80386, for MS Windows | dropped
C:\Program Files (x86)\fluent-bit\bin\fluent-bit.pdb | MSVC program database ver 7.00, 4096*18419 bytes | dropped
C:\Program Files (x86)\fluent-bit\bin\luajit.exe | PE32 executable (console) Intel 80386, for MS Windows | dropped
C:\Program Files (x86)\fluent-bit\conf\fluent-bit.conf | Generic INItialization configuration [INPUT] | dropped
C:\Program Files (x86)\fluent-bit\conf\parsers.conf | ASCII text, with very long lines (709), with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\conf\plugins.conf | ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\calyptia_constants.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\config_format\flb_cf.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\config_format\flb_cf_fluentbit.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\config_format\flb_cf_yaml.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_api.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_avro.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_aws_credentials.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_aws_util.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_base64.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_bits.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_bucket_queue.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_byteswap.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_callback.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_cfl_ra_key.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_cfl_record_accessor.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_chunk_trace.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_compat.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_compression.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_conditionals.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_config.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_config_format.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_config_map.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_connection.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_coro.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_crypto.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_crypto_constants.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_csv.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_custom.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_custom_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_dlfcn_win32.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_downstream.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_downstream_conn.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_dump.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_endian.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_engine.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_engine_dispatch.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_engine_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_env.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_error.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_event.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_event_loop.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_file.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_filter.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_filter_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_fstore.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_gzip.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_hash.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_hash_table.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_help.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_hmac.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_client.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_client_debug.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_client_http1.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_client_http2.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_common.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_http_server.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_info.h | C source, ASCII text, with very long lines (568), with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_blob.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_chunk.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_event.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_log.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_metric.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_profiles.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_thread.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_input_trace.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_intermediate_metric.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_io.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_jsmn.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_kafka.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_kernel.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_kv.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_langinfo.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_lib.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_lock.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_decoder.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder_body_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder_dynamic_field.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder_metadata_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder_primitives.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_log_event_encoder_root_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_lua.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_luajit.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_mem.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_meta.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_metrics.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_metrics_exporter.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_motd.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_mp.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_mp_chunk.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_msgpack_append_message.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_net_dns.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_network.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_notification.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_oauth2.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_output.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_output_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_output_thread.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_pack.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_parser.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_parser_decoder.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_pipe.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_plugin_proxy.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_processor.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_processor_plugin.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_pthread.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_ra_key.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_random.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_record_accessor.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_regex.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_reload.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_ring_buffer.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_router.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_routes_mask.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_s3_local_buffer.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_scheduler.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_sds.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_sds_list.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_signv4.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_signv4_ng.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_simd.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_slist.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_snappy.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_socket.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_sosreport.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_sqldb.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_stacktrace.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_storage.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_str.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_stream.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_strptime.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_task.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_task_map.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_thread_pool.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_thread_storage.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_time.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_time_utils.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_typecast.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_unescape.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_unicode.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_upstream.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_upstream_conn.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_upstream_ha.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_upstream_node.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_upstream_queue.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_uri.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_utf8.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_utils.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_version.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_worker.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\flb_zstd.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\simdutf\flb_simdutf_connector.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\tls\flb_tls.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\tls\flb_tls_info.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\fluent-bit\wasm\flb_wasm.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\libco.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\luajit\lauxlib.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\luajit\lua.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\luajit\luaconf.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\luajit\luajit.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\luajit\lualib.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_dep_unistd.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_dirent.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event_epoll.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event_kqueue.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event_libevent.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event_poll.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_event_select.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_file.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_getopt.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_iov.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_limits.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_list.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_macros.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_memory.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_pipe.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_pthread.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_rconf.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_sleep.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_string.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_thread.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_thread_channel.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_uio.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_unistd.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\monkey\mk_core\mk_utils.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\include\settings.h | C source, ASCII text, with CRLF line terminators | dropped
C:\Program Files (x86)\fluent-bit\lib\libluajit.lib | current ar archive | dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fluent-bit\Uninstall.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sat Apr 19 03:30:53 2025, mtime=Sat Apr 19 03:30:53 2025, atime=Sat Apr 19 03:30:53 2025, length=112736, window=hide | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\InstallOptions.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\StartMenu.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\System.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\UserInfo.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\ioSpecial.ini | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\modern-header.bmp | PC bitmap, Windows 3.x format, 150 x 57 x 8, image size 8666, resolution 2834 x 2834 px/m, cbSize 9744, bits offset 1078 | dropped
C:\Users\user\AppData\Local\Temp\nswB491.tmp\modern-wizard.bmp | PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2834 x 2834 px/m, cbSize 26494, bits offset 118 | dropped
203 further files are not shown in this export.

Processes

Path | Cmdline
C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.27857.7397.exe | "C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.27857.7397.exe"

URLs


Registry

Path | Value
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Chronosphere Inc.\fluent-bit | NULL
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fluent-bit | StartMenu
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Chronosphere Inc.\fluent-bit | Start Menu Folder

Memdumps

26F1000
heap
page read and write
30C0000
trusted library allocation
page read and write
5CC000
heap
page read and write
26FD000
heap
page read and write
26F5000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F2000
heap
page read and write
33E0000
trusted library allocation
page read and write
5CF000
heap
page read and write
5E2000
heap
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
3030000
heap
page read and write
26F5000
heap
page read and write
5AB000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F8000
heap
page read and write
26F4000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F0000
heap
page read and write
26FB000
heap
page read and write
33E0000
trusted library allocation
page read and write
26F1000
heap
page read and write
5B4000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
3180000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F4000
heap
page read and write
26F2000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26FB000
heap
page read and write
5F7000
heap
page read and write
30C0000
trusted library allocation
page read and write
910000
heap
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F1000
heap
page read and write
33E0000
trusted library allocation
page read and write
26FB000
heap
page read and write
26FA000
heap
page read and write
270A000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F1000
heap
page read and write
4AE000
stack
page read and write
33E0000
trusted library allocation
page read and write
20FE000
stack
page read and write
408000
unkown
page readonly
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
50EF000
heap
page read and write
26F9000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
50EF000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F7000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F8000
heap
page read and write
5B4000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F7000
heap
page read and write
4F0000
heap
page read and write
26F9000
heap
page read and write
26F4000
heap
page read and write
33E0000
trusted library allocation
page read and write
26F7000
heap
page read and write
26FA000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26FB000
heap
page read and write
2E93000
heap
page read and write
26FB000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
2A02000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F4000
heap
page read and write
33E0000
trusted library allocation
page read and write
439000
unkown
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F2000
heap
page read and write
26F1000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26FE000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26FE000
heap
page read and write
5AE000
heap
page read and write
26FA000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F8000
heap
page read and write
26F3000
heap
page read and write
33E0000
trusted library allocation
page read and write
26FA000
heap
page read and write
5D0000
heap
page read and write
33E0000
trusted library allocation
page read and write
26F8000
heap
page read and write
33E0000
trusted library allocation
page read and write
5AE000
heap
page read and write
26FC000
heap
page read and write
33E0000
trusted library allocation
page read and write
425000
unkown
page read and write
26F9000
heap
page read and write
401000
unkown
page execute read
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26FC000
heap
page read and write
33E0000
trusted library allocation
page read and write
5AB000
heap
page read and write
30C0000
trusted library allocation
page read and write
518000
heap
page read and write
33E0000
trusted library allocation
page read and write
32E1000
heap
page read and write
3030000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F0000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F6000
heap
page read and write
33E0000
trusted library allocation
page read and write
59F000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F2000
heap
page read and write
33E0000
trusted library allocation
page read and write
26FA000
heap
page read and write
442000
unkown
page readonly
26F8000
heap
page read and write
26FC000
heap
page read and write
26F6000
heap
page read and write
26FB000
heap
page read and write
28D2000
heap
page read and write
30C0000
trusted library allocation
page read and write
427000
unkown
page read and write
27B3000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
5D1000
heap
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
59F000
heap
page read and write
50EF000
heap
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
7DF000
stack
page read and write
26FE000
heap
page read and write
32E1000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F8000
heap
page read and write
33E0000
trusted library allocation
page read and write
5FA000
heap
page read and write
400000
unkown
page readonly
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
40A000
unkown
page write copy
30C0000
trusted library allocation
page read and write
26F5000
heap
page read and write
26FB000
heap
page read and write
26F4000
heap
page read and write
26F5000
heap
page read and write
3020000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F8000
heap
page read and write
915000
heap
page read and write
408000
unkown
page readonly
26F8000
heap
page read and write
5E4000
heap
page read and write
2294000
heap
page read and write
5AE000
heap
page read and write
30C0000
trusted library allocation
page read and write
26DF000
stack
page read and write
26F9000
heap
page read and write
26FC000
heap
page read and write
1F0000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
19A000
stack
page read and write
26FE000
heap
page read and write
30C0000
trusted library allocation
page read and write
50EF000
heap
page read and write
26FA000
heap
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
26F7000
heap
page read and write
52D000
heap
page read and write
5B4000
heap
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
3180000
trusted library allocation
page read and write
5B4000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F6000
heap
page read and write
2290000
heap
page read and write
21FF000
stack
page read and write
26FB000
heap
page read and write
26FA000
heap
page read and write
33E0000
trusted library allocation
page read and write
26FA000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F2000
heap
page read and write
26F5000
heap
page read and write
26F1000
heap
page read and write
26F9000
heap
page read and write
30C0000
trusted library allocation
page read and write
26F6000
heap
page read and write
43E000
unkown
page read and write
26FC000
heap
page read and write
48E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F4000
heap
page read and write
442000
unkown
page readonly
26F7000
heap
page read and write
50EF000
heap
page read and write
5AB000
heap
page read and write
30C0000
trusted library allocation
page read and write
2EED000
heap
page read and write
30C0000
trusted library allocation
page read and write
3030000
trusted library allocation
page read and write
5FF000
heap
page read and write
530000
heap
page read and write
3180000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F7000
heap
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
30C0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
33E0000
trusted library allocation
page read and write
26F9000
heap
page read and write
5F6000
heap
page read and write
30C0000
trusted library allocation
page read and write
5AE000
heap
page read and write
42A000
unkown
page read and write
26FA000
heap
page read and write
26FD000
heap
page read and write
30C0000
trusted library allocation
page read and write
There are 316 hidden memdumps, click here to show them.
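
The memdump listing above is three lines per region (base address, region type, protection), with a base address repeated for every dump taken of that region. In the rows shown, the only executable region is 401000 (page execute read), which together with the readonly page at 400000 and the write-copy page at 40A000 is consistent with the sample's own image mapped at 0x400000; a heap or private allocation marked execute, or an execute-and-write page, would be the thing to look at. The script below is an added example, not part of the report: it parses the flattened layout, collapses repeated base addresses, counts regions by type and isolates anything with execute protection, marking it if it is also writable. SAMPLE is a constructed excerpt of the rows above, and "unkown" is the sandbox's own spelling of the region type, normalised here so grouping does not split it.

```python
"""Summarise a sandbox memdump listing.

Added example, not part of the sandbox report.  The listing puts one
region on three consecutive lines (base address, region type,
protection) and repeats a base address every time the region was
dumped.  This parser rebuilds the rows, collapses repeats, counts
regions by type and pulls out the executable ones.
"""
from collections import Counter

# Constructed excerpt in the report's own layout (eight rows, two of them
# repeats), ending with the "hidden" footer line that the report prints.
SAMPLE = """\
30C0000
trusted library allocation
page read and write
26F9000
heap
page read and write
401000
unkown
page execute read
400000
unkown
page readonly
40A000
unkown
page write copy
30C0000
trusted library allocation
page read and write
8DF000
stack
page read and write
401000
unkown
page execute read
There are 316 hidden memdumps, click here to show them.
"""

FIELDS = ("base", "region_type", "protect")
LABEL_FIXES = {"unkown": "unknown"}  # sandbox spelling, normalised for grouping


def parse_memdumps(text: str):
    """Turn the flattened three-lines-per-row listing into a list of dicts."""
    lines = [ln.strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith("There are ")]
    if len(lines) % 3:
        raise ValueError("listing is not a whole number of 3-line rows")
    rows = []
    for i in range(0, len(lines), 3):
        row = dict(zip(FIELDS, lines[i:i + 3]))
        int(row["base"], 16)  # every base must be hex, otherwise the grouping slipped
        row["region_type"] = LABEL_FIXES.get(row["region_type"], row["region_type"])
        rows.append(row)
    return rows


def unique_regions(rows):
    """One entry per base address; the first dump of a region is kept."""
    seen = {}
    for r in rows:
        seen.setdefault(r["base"], r)
    return list(seen.values())


def count_by_type(rows):
    """Number of distinct regions per region type."""
    return Counter(r["region_type"] for r in unique_regions(rows))


def executable_regions(rows):
    """Distinct regions whose protection includes execute, flagged if also writable."""
    out = []
    for r in unique_regions(rows):
        prot = r["protect"].lower()
        if "execute" in prot:
            out.append({**r, "writable": "write" in prot})
    return out


if __name__ == "__main__":
    rows = parse_memdumps(SAMPLE)
    print(f"{len(rows)} dumps, {len(unique_regions(rows))} distinct regions")
    for region_type, n in count_by_type(rows).most_common():
        print(f"  {n:4} {region_type}")
    for r in executable_regions(rows):
        flag = "  <-- writable and executable" if r["writable"] else ""
        print(f"exec: {r['base']} {r['region_type']} {r['protect']}{flag}")
```

Pointed at the full listing instead of SAMPLE, the same functions give the per-type counts for all rows and a short list of executable regions to review; for this sample that list is the single 401000 entry, with nothing both writable and executable.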