Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
P020241901.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmpF9C9.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\P020241901.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\VKkzqGUhsZwwm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4gbcp5mo.svp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kukwo04m.elw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ngjuznog.vlp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ruetq44x.yc0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s1rydocn.w14.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_stcfywtp.z2r.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tijkny5d.u50.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ysdjgrp2.ove.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpBEA.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\P020241901.exe
|
C:\Users\user\Desktop\P020241901.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\P020241901.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VKkzqGUhsZwwm" /XML "C:\Users\user\AppData\Local\Temp\tmpF9C9.tmp
|
|
|
|
C:\Users\user\Desktop\P020241901.exe
|
C:\Users\user\Desktop\P020241901.exe
|
|
|
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
C:\Windows\System32\schtasks.exe" /Create /TN "Updates\VKkzqGUhsZwwm" /XML "C:\Users\user\AppData\Local\Temp\tmpBEA.tmp
|
|
|
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
C:\Users\user\AppData\Roaming\VKkzqGUhsZwwm.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://mail.cup.org.pk
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.cup.org.pk
|
203.82.48.116
|
|
|
|
_kerberos._tcp.dc._msdcs.cup.org.pk
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
203.82.48.116
|
mail.cup.org.pk
|
Pakistan
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
375E000
|
trusted library allocation
|
page read and write
|
|
|
|
2A50000
|
trusted library allocation
|
page read and write
|
|
|
|
2A6A000
|
trusted library allocation
|
page read and write
|
|
|
|
2A01000
|
trusted library allocation
|
page read and write
|
|
|
|
2AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B3E000
|
trusted library allocation
|
page read and write
|
|
|
|
2B59000
|
trusted library allocation
|
page read and write
|
|
|
|
431000
|
remote allocation
|
page execute and read and write
|
|
|
|
4F10000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
6942000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
84CF000
|
stack
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
50C5000
|
heap
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
4FD6000
|
trusted library allocation
|
page read and write
|
||
|
4FFD000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
5DAF000
|
stack
|
page read and write
|
||
|
606E000
|
stack
|
page read and write
|
||
|
51C3000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
A9E000
|
unkown
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
47E000
|
unkown
|
page read and write
|
||
|
6C90000
|
trusted library section
|
page read and write
|
||
|
576C000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
4AF8000
|
trusted library allocation
|
page read and write
|
||
|
5766000
|
trusted library allocation
|
page read and write
|
||
|
5CB0000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2932000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
26CD000
|
trusted library allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
9E8E000
|
stack
|
page read and write
|
||
|
42E000
|
remote allocation
|
page execute and read and write
|
||
|
28F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
3673000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
25CE000
|
trusted library allocation
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
||
|
9E4E000
|
stack
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
5F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
B03000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
trusted library allocation
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library section
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
4AED000
|
trusted library allocation
|
page read and write
|
||
|
4A05000
|
trusted library allocation
|
page read and write
|
||
|
3639000
|
trusted library allocation
|
page read and write
|
||
|
2946000
|
trusted library allocation
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
3723000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page execute and read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
268A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
236B000
|
stack
|
page read and write
|
||
|
4FE2000
|
trusted library allocation
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
293A000
|
trusted library allocation
|
page read and write
|
||
|
5CB6000
|
trusted library allocation
|
page read and write
|
||
|
4AA0000
|
trusted library allocation
|
page read and write
|
||
|
5D0E000
|
stack
|
page read and write
|
||
|
ADF000
|
unkown
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
5F36000
|
trusted library allocation
|
page read and write
|
||
|
4FD4000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
528C000
|
stack
|
page read and write
|
||
|
3883000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
4FE5000
|
trusted library allocation
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
trusted library section
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
5002000
|
trusted library allocation
|
page read and write
|
||
|
28C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C0000
|
trusted library allocation
|
page read and write
|
||
|
28EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6130000
|
heap
|
page read and write
|
||
|
3625000
|
trusted library allocation
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
2581000
|
trusted library allocation
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
850E000
|
stack
|
page read and write
|
||
|
4AB0000
|
trusted library allocation
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2370000
|
trusted library allocation
|
page read and write
|
||
|
49E1000
|
trusted library allocation
|
page read and write
|
||
|
5DF7000
|
trusted library allocation
|
page read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
6E0000
|
trusted library allocation
|
page read and write
|
||
|
8DA000
|
stack
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
266D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
3BA000
|
stack
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
3848000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
2607000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2A9C000
|
stack
|
page read and write
|
||
|
5014000
|
trusted library allocation
|
page read and write
|
||
|
61B2000
|
heap
|
page read and write
|
||
|
49ED000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
4C53000
|
heap
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
4ADE000
|
trusted library allocation
|
page read and write
|
||
|
4B04000
|
trusted library allocation
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
269B000
|
trusted library allocation
|
page execute and read and write
|
||
|
874C000
|
stack
|
page read and write
|
||
|
24AE000
|
stack
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
61D2000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
6F5E000
|
stack
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
6077000
|
trusted library allocation
|
page read and write
|
||
|
B2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
E08000
|
heap
|
page read and write
|
||
|
6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
E39000
|
heap
|
page read and write
|
||
|
28F2000
|
trusted library allocation
|
page read and write
|
||
|
AF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
B22000
|
trusted library allocation
|
page read and write
|
||
|
864C000
|
stack
|
page read and write
|
||
|
BA3000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
4AF0000
|
heap
|
page read and write
|
||
|
5739000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
4AF2000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
6197000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
6CE000
|
unkown
|
page read and write
|
||
|
5CA0000
|
trusted library allocation
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
860E000
|
stack
|
page read and write
|
||
|
23F0000
|
trusted library allocation
|
page read and write
|
||
|
976E000
|
stack
|
page read and write
|
||
|
2663000
|
trusted library allocation
|
page execute and read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
69D0000
|
trusted library allocation
|
page read and write
|
||
|
5762000
|
trusted library allocation
|
page read and write
|
||
|
4AE0000
|
trusted library section
|
page readonly
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
3A6A000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
391B000
|
trusted library allocation
|
page read and write
|
||
|
4FDB000
|
trusted library allocation
|
page read and write
|
||
|
2B46000
|
trusted library allocation
|
page read and write
|
||
|
5FAE000
|
stack
|
page read and write
|
||
|
615A000
|
heap
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
unkown
|
page readonly
|
||
|
28C4000
|
trusted library allocation
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
5150000
|
heap
|
page execute and read and write
|
||
|
159000
|
stack
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
2926000
|
trusted library allocation
|
page read and write
|
||
|
3A91000
|
trusted library allocation
|
page read and write
|
||
|
7268000
|
heap
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
4F13000
|
heap
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
6170000
|
heap
|
page read and write
|
||
|
5029000
|
trusted library allocation
|
page read and write
|
||
|
888E000
|
stack
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
294D000
|
trusted library allocation
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
trusted library allocation
|
page read and write
|
||
|
992E000
|
stack
|
page read and write
|
||
|
267D000
|
trusted library allocation
|
page execute and read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
3B59000
|
trusted library allocation
|
page read and write
|
||
|
49E6000
|
trusted library allocation
|
page read and write
|
||
|
6FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FF1000
|
trusted library allocation
|
page read and write
|
||
|
507E000
|
stack
|
page read and write
|
||
|
4BB2000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
261D000
|
trusted library allocation
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
4AE6000
|
trusted library allocation
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
291C000
|
stack
|
page read and write
|
||
|
4CCB000
|
stack
|
page read and write
|
||
|
B16000
|
trusted library allocation
|
page execute and read and write
|
||
|
417000
|
remote allocation
|
page execute and read and write
|
||
|
5016000
|
trusted library allocation
|
page read and write
|
||
|
2A58000
|
trusted library allocation
|
page read and write
|
||
|
292E000
|
trusted library allocation
|
page read and write
|
||
|
85A000
|
stack
|
page read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
2B3C000
|
trusted library allocation
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
7B2000
|
heap
|
page read and write
|
||
|
4D00000
|
heap
|
page execute and read and write
|
||
|
AFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
38E9000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page execute and read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
A1CE000
|
stack
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
902000
|
trusted library allocation
|
page read and write
|
||
|
878E000
|
stack
|
page read and write
|
||
|
540C000
|
stack
|
page read and write
|
||
|
BFE000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
65A0000
|
heap
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
A6D000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
4B20000
|
trusted library allocation
|
page read and write
|
||
|
6D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2631000
|
trusted library allocation
|
page read and write
|
||
|
4F05000
|
heap
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
49F2000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
35D7000
|
trusted library allocation
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
9D9000
|
stack
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
B0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
trusted library allocation
|
page read and write
|
||
|
AF4000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
2679000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
49DE000
|
trusted library allocation
|
page read and write
|
||
|
466C000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2964000
|
trusted library allocation
|
page read and write
|
||
|
63E0000
|
heap
|
page read and write
|
||
|
6080000
|
trusted library allocation
|
page read and write
|
||
|
467C000
|
stack
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
6630000
|
trusted library allocation
|
page read and write
|
||
|
4AE1000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
3631000
|
trusted library allocation
|
page read and write
|
||
|
9D4E000
|
stack
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
632E000
|
stack
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page execute and read and write
|
||
|
6862000
|
trusted library allocation
|
page read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
28DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B19000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
2A4E000
|
trusted library allocation
|
page read and write
|
||
|
4A82000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2682000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
stack
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
3A01000
|
trusted library allocation
|
page read and write
|
||
|
A0CC000
|
stack
|
page read and write
|
||
|
61BE000
|
heap
|
page read and write
|
||
|
5082000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
6C80000
|
trusted library allocation
|
page read and write
|
||
|
28E2000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
2664000
|
trusted library allocation
|
page read and write
|
||
|
3999000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
838F000
|
stack
|
page read and write
|
||
|
6D37000
|
trusted library allocation
|
page read and write
|
||
|
2FFB000
|
heap
|
page read and write
|
||
|
6184000
|
heap
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
9E9000
|
stack
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page execute and read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
959000
|
stack
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
63B0000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
6EBF000
|
stack
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
26B7000
|
trusted library allocation
|
page read and write
|
||
|
2692000
|
trusted library allocation
|
page read and write
|
||
|
9AD000
|
stack
|
page read and write
|
||
|
6ED8000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
6070000
|
trusted library allocation
|
page read and write
|
||
|
69F6000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
815F000
|
stack
|
page read and write
|
||
|
28CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FCB000
|
stack
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
78F000
|
heap
|
page read and write
|
||
|
38BD000
|
trusted library allocation
|
page read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
708F000
|
stack
|
page read and write
|
||
|
666E000
|
heap
|
page read and write
|
||
|
6184000
|
heap
|
page read and write
|
||
|
723F000
|
stack
|
page read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
BA7000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
9A30000
|
heap
|
page read and write
|
||
|
5F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
257F000
|
stack
|
page read and write
|
||
|
476C000
|
stack
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
5DF0000
|
trusted library allocation
|
page read and write
|
||
|
90B000
|
trusted library allocation
|
page execute and read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
42F000
|
remote allocation
|
page execute and read and write
|
||
|
4ACB000
|
trusted library allocation
|
page read and write
|
||
|
6F1E000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
4B70000
|
heap
|
page execute and read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page execute and read and write
|
||
|
519C000
|
stack
|
page read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
6D4000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
B1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
4C3B000
|
stack
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
remote allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page execute and read and write
|
||
|
380E000
|
trusted library allocation
|
page read and write
|
||
|
4B06000
|
trusted library allocation
|
page read and write
|
||
|
2695000
|
trusted library allocation
|
page execute and read and write
|
||
|
28F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
6F0000
|
trusted library allocation
|
page read and write
|
||
|
6E3000
|
trusted library allocation
|
page read and write
|
||
|
23D3000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
28E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CE000
|
stack
|
page read and write
|
||
|
503C000
|
trusted library allocation
|
page read and write
|
||
|
828E000
|
stack
|
page read and write
|
||
|
63F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
292B000
|
trusted library allocation
|
page read and write
|
||
|
49C4000
|
trusted library allocation
|
page read and write
|
||
|
25C9000
|
trusted library allocation
|
page read and write
|
||
|
7EEE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
4AC0000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library section
|
page readonly
|
||
|
538E000
|
stack
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
1F7000
|
heap
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
4FF6000
|
trusted library allocation
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
2689000
|
trusted library allocation
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
5F8E000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
4C8D000
|
stack
|
page read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
9D0E000
|
stack
|
page read and write
|
||
|
4FDE000
|
trusted library allocation
|
page read and write
|
||
|
B27000
|
trusted library allocation
|
page execute and read and write
|
||
|
A06000
|
heap
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
6F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
B83000
|
heap
|
page read and write
|
||
|
2686000
|
trusted library allocation
|
page execute and read and write
|
||
|
25DC000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
32000
|
unkown
|
page readonly
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3AF1000
|
trusted library allocation
|
page read and write
|
||
|
4AC4000
|
trusted library allocation
|
page read and write
|
||
|
67C0000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
555F000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
9F8E000
|
stack
|
page read and write
|
||
|
2697000
|
trusted library allocation
|
page execute and read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
2380000
|
heap
|
page execute and read and write
|
||
|
7253000
|
heap
|
page read and write
|
||
|
907000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B25000
|
trusted library allocation
|
page read and write
|
||
|
9C0E000
|
stack
|
page read and write
|
||
|
618C000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
4CA000
|
heap
|
page read and write
|
||
|
49CB000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3589000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
heap
|
page execute and read and write
|
||
|
3A29000
|
trusted library allocation
|
page read and write
|
||
|
4FEA000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
3A15000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library section
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
4AF3000
|
heap
|
page read and write
|
||
|
429000
|
remote allocation
|
page execute and read and write
|
||
|
9A2F000
|
stack
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
7F760000
|
trusted library allocation
|
page execute and read and write
|
There are 528 hidden memdumps, click here to show them.