Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
mail.txt .exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\services.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp4F4F.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpF606.tmp
|
Zip archive data, at least v1.0 to extract, compression method=store
|
modified
|
|
|
|
C:\Windows\java.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\Windows\services.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mail.txt _8b9367d6704e4841c5403f7df2dcefd440516db1_2c74e5d9_8b910105-d770-4563-ad1e-ad81b521a1fa\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBAFC.tmp.dmp
|
Mini DuMP crash report, 14 streams, Mon Mar 18 13:37:46 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBC07.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBC56.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4F4F.tmp:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\zincite.log
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Windows\java.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\mail.txt .exe
|
C:\Users\user\Desktop\mail.txt .exe
|
|
|
|
C:\Windows\services.exe
|
C:\Windows\services.exe
|
|
|
|
C:\Windows\java.exe
|
"C:\Windows\java.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\services.exe
|
C:\Users\user\AppData\Local\Temp\services.exe
|
|
|
|
C:\Windows\services.exe
|
"C:\Windows\services.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6968 -s 1264
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.altavista.com/web/results?q=%s&kgs=0&kls=0
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=%s
|
unknown
|
||
|
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=%s
|
unknown
|
||
|
http://search.yahoo.com/search?p=%s&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=
|
unknown
|
||
|
http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=%s&nbq=%dhttp://www.altavista.c
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.13
|
unknown
|
unknown
|
|
|
|
192.168.2.12
|
unknown
|
unknown
|
|
|
|
192.168.2.18
|
unknown
|
unknown
|
|
|
|
192.168.2.9
|
unknown
|
unknown
|
|
|
|
172.16.1.166
|
unknown
|
Reserved
|
||
|
10.0.2.15
|
unknown
|
unknown
|
||
|
172.16.1.4
|
unknown
|
Reserved
|
||
|
172.16.1.2
|
unknown
|
Reserved
|
||
|
172.16.1.170
|
unknown
|
Reserved
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
JavaVM
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Services
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
Services
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
ProgramId
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
FileId
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
LongPathHash
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Name
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
OriginalFileName
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Publisher
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Version
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
BinFileVersion
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
BinaryType
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
ProductName
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
ProductVersion
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
LinkDate
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
BinProductVersion
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Size
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Language
|
||
|
\REGISTRY\A\{cc402f45-a5b9-298a-6697-7b8ae2620018}\Root\InventoryApplicationFile\mail.txt |64aab956b97668c7
|
Usn
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
501000
|
unkown
|
page execute and read and write
|
|
|
|
501000
|
unkown
|
page execute and read and write
|
|
|
|
846000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
50F000
|
unkown
|
page write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
843000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page execute and write copy
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
89D000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
50D000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
55D000
|
stack
|
page read and write
|
||
|
7FC000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
510000
|
unkown
|
page execute and write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
27DD000
|
stack
|
page read and write
|
||
|
405000
|
unkown
|
page execute and read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page execute and write copy
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
849000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
50F000
|
unkown
|
page write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
510000
|
unkown
|
page execute and read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
22BD000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
510000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2D0F000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
509000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
829000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
82E000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
87F000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
812000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
843000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
509000
|
unkown
|
page execute and write copy
|
||
|
821000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page execute and read and write
|
||
|
853000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
509000
|
unkown
|
page execute and read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
827000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
580000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
269F000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page execute and write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page execute and write copy
|
||
|
836000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page execute and write copy
|
||
|
812000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
21BF000
|
stack
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
70C000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
843000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
837000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
509000
|
unkown
|
page execute and write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
822000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
50D000
|
unkown
|
page execute and read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
812000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
65C000
|
stack
|
page read and write
|
||
|
225D000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
50F000
|
unkown
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page execute and write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
821000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
510000
|
unkown
|
page execute and write copy
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
There are 518 hidden memdumps, click here to show them.