Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Trojan.PWS.Steam.36457.26808.16558.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files (x86)\360\360Safe\{17063755-E69A-41ad-B548-5A4EB6574E6F}.tf
|
data
|
dropped
|
||
|
C:\Program Files (x86)\360\360Safe\{EF88AA5B-3AA1-466c-98B7-FB3A03CDE56D}.tf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{051B87EE-6ED6-4d2d-987B-51E827DD9B4E}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{2CFC86D2-B0FA-4e6e-98B3-DFB8DFD9FFA0}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{5B8C0D48-69CE-4729-9E6B-5FBACFFEC52C}.tmp\defaultskin.ui
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{5B8C0D48-69CE-4729-9E6B-5FBACFFEC52C}.tmp\miniui.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (549), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{64B7E796-9F86-408b-9BE8-85DF5E630C37}.tmp\360SafeAssist.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6DB16085-FD3D-42ad-BB1A-F0BFDECF0508}.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6FD37900-E9BF-45df-85D3-FB776C2A71DA}.tmp
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 967545 bytes, 1 file, at 0x2c +A "7z.dll", number 1, 57 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{79304762-3434-49ff-84E1-FF1F273C851E}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{AA962B91-6711-4ed4-BEF7-C8BE525ACBE1}.tmp\360safe.setup
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{AA962B91-6711-4ed4-BEF7-C8BE525ACBE1}.tmp\Plugin.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{AA962B91-6711-4ed4-BEF7-C8BE525ACBE1}.tmp\Register.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{AA962B91-6711-4ed4-BEF7-C8BE525ACBE1}.tmp\UninstallRootDirFileList.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{AA962B91-6711-4ed4-BEF7-C8BE525ACBE1}.tmp\filelist.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{BF53C6A3-C3C2-45ef-89A2-A714F4D6AEF2}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{C495A8A5-4524-4e25-94AD-AD309AF51F49}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{DBA7F686-6D1C-4a46-82CF-0AD83670E845}.tmp\MiniUI.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{E934DA3F-9812-46cb-9794-5DDE9C05D0D2}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{EE053F58-EF8C-43c4-A3D9-1E4B2965E691}.tmp\7z.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{F4D58348-6C21-4a08-8085-0D8F6BAB44B3}.tmp
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{FCFF958A-AC44-4612-807B-C8AA21571E8A}.tmp\360Base.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{FCFF958A-AC44-4612-807B-C8AA21571E8A}.tmp\CrashReport.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{FCFF958A-AC44-4612-807B-C8AA21571E8A}.tmp\DumpUper.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~xm2710.tmp
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\360Safe\360safe.setup.log
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
There are 17 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.PWS.Steam.36457.26808.16558.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.PWS.Steam.36457.26808.16558.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://hao.360.com/?installer
|
unknown
|
||
|
http://down.360safe.com/setup.exe
|
unknown
|
||
|
https://hao.360.com/?src=lm&ls=%sStart
|
unknown
|
||
|
http://s.360.cn/safe/install.html?mid=%s&
|
unknown
|
||
|
http://down.360safe.com/setup.exehttp://down.360safe.com/setupbeta.exeG
|
unknown
|
||
|
http://down.360safe.com/setup.exehttp://down.360safe.com/setupbeta.exe
|
unknown
|
||
|
http://inf.safe.360.cn/wsin/thinkhttp://inf.safe.360.cn/sein/thinkx
|
unknown
|
||
|
http://update.360safe.com/instcomp.htm?soft=509&status=%d&mid=%s&ver=%s&usetime=%d&zt=%d
|
unknown
|
||
|
http://www.360.cn4
|
unknown
|
||
|
http://safe.crash.browser.360.cndumpInfoSitecrashInfoSitehomeSiteNCSdomainNameshowtipdlgshowdlguseri
|
unknown
|
||
|
https://hao.360.com
|
unknown
|
||
|
http://www.360.cn/
|
unknown
|
||
|
http://www.360.cn;color=rgb(60
|
unknown
|
||
|
http://down.360safe.com/safesetup_2000.exechs
|
unknown
|
||
|
http://www.360.cn/jijiuxiang/360sd_download.html
|
unknown
|
||
|
http://down.360safe.com/360compkill64.ziphttp://www.360.cn/jijiuxiang/360sd_download.htmlDeleteUrlCa
|
unknown
|
||
|
http://down.360safe.com/360compkill64.zip
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
https://hao.360.com/?installer/https://hao.360.comhttps://http://https://hao.360.com/%s
|
unknown
|
||
|
http://down.360safe.com/superkiller/superkillerexe_ce61817f687d599de13ee9deb1af83e2_5.1.0.1181.cab
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&installtype=1&status=109&usetime=0&zt=10565
|
171.13.14.66
|
||
|
http://my.360safe.comuseridconfig
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://down.360safe.com/safesetup_2000.exe
|
unknown
|
||
|
http://bbs.360safe.com/thread-4985800-1-1.htmlQ
|
unknown
|
||
|
http://www.360safe.com/
|
unknown
|
||
|
https://bbs.360.cn/thread-16079507-1-1.htmlD
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&status=101&usetime=4013656&zt=2862
|
171.13.14.66
|
||
|
http://update.360safe.com/instcomp.htm?soft=509&status=%d&mid=%s&ver=%s&usetime=%d&zt=%d&instver=%sL
|
unknown
|
||
|
https://dl.360safe.com/instbeta.exe
|
unknown
|
||
|
http://bbs.360safe.com/thread-4985800-1-1.html
|
unknown
|
||
|
http://www.360.cnhttp://www.360safe.com
|
unknown
|
||
|
http://down.360safe.com/superkiller/superkillerexe_880765522ded7527821ce7448af08018_5.1.64.1181.cabh
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=%s&pid=%s&hips=%d&mid=%s&mid2=%s&w=%I64d&b=%I64d&o=%d
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&installtype=1&status=189&usetime=0&zt=23732
|
171.13.14.66
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&installtype=1&status=147&usetime=0&zt=23680
|
171.13.14.66
|
||
|
http://down.360safe.com/setup.exehttp://down.360safe.com/setupbeta.exe360
|
unknown
|
||
|
https://dl.360safe.com/instbeta.exedk
|
unknown
|
||
|
http://my.360.cn
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef4
|
unknown
|
||
|
http://down.360safe.com/setupbeta.exe
|
unknown
|
||
|
http://sdl.360safe.com/dbghelp_dll.cabpkH-1C
|
unknown
|
||
|
http://www.360safe.com
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://my.360safe.com
|
unknown
|
||
|
http://down.360safe.com/setup.exexv
|
unknown
|
||
|
https://bbs.360.cn/thread-15735708-1-1.html;color=rgb(60
|
unknown
|
||
|
http://safe.crash.browser.360.cn
|
unknown
|
||
|
https://hao.360.com/?installerT
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&status=188&usetime=0&zt=3626
|
171.13.14.66
|
||
|
http://www.360.cn/privacy/v3/360anquanweishi.html
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&status=%d&mid=%s&ver=%s&usetime=%d&zt=%d&pid=%sehttp://s.
|
unknown
|
||
|
https://hao.360.com/?safe
|
unknown
|
||
|
http://down.360safe.com/setup.exePathSOFTWARE
|
unknown
|
||
|
http://s.360.cn/safe/setupsperr.htm?mid=%s
|
unknown
|
||
|
https://bbs.360.cn/thread-16079507-1-1.html
|
unknown
|
||
|
https://hao.360.com/?src=lm&ls=%s
|
unknown
|
||
|
http://down.360safe.com/setup.exehttp://down.360safe.com/setupbeta.exeGO360
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://inf.safe.360.cn/wsin/think
|
unknown
|
||
|
http://down.360safe.com/superkiller/superkillerexe_880765522ded7527821ce7448af08018_5.1.64.1181.cab
|
unknown
|
||
|
http://www.360.cn/xukexieyi.htmlT
|
unknown
|
||
|
https://hao.360.com/
|
unknown
|
||
|
http://s.360.cn/safe/instcomp.htm?soft=923&ver=13.0.0.2199&pid=h_home&hips=0&mid=59cd53708ed730f0ef42bb01f668d936&mid2=d0976767e6a203af75488f9609371383094a7b7d29b3&w=0&b=48&o=6&dver=9.0&installtype=1&status=136&usetime=0&zt=24803
|
171.13.14.66
|
||
|
http://www.360.cn
|
unknown
|
||
|
http://inf.safe.360.cn/wsin/think?ipartner=0&m2=d0976767e6a203af75488f9609371383094a7b7d29b3&mid=59cd53708ed730f0ef42bb01f668d936&rand=104759×tamp=1711632600&ver=13.0.0.2199&sign=da0c9f29d00aa1f62d1472307f9415f2
|
180.163.237.185
|
||
|
http://inf.safe.360.cn/sein/think
|
unknown
|
There are 59 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s.360.cn
|
171.13.14.66
|
||
|
inf.safe.360.cn
|
180.163.237.185
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
180.163.237.185
|
inf.safe.360.cn
|
China
|
||
|
171.13.14.66
|
s.360.cn
|
China
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\Liveup
|
mid
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\Liveup
|
m2
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\360Clear
|
SetupKilled
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe
|
QIBegin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe
|
QIBegin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\Liveup
|
mid
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
There are 3 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4D13000
|
heap
|
page read and write
|
||
|
507E000
|
heap
|
page read and write
|
||
|
46D4000
|
heap
|
page read and write
|
||
|
4FEA000
|
heap
|
page read and write
|
||
|
475C000
|
heap
|
page read and write
|
||
|
6CC81000
|
unkown
|
page execute read
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
5048000
|
heap
|
page read and write
|
||
|
6CD71000
|
unkown
|
page execute read
|
||
|
46D8000
|
heap
|
page read and write
|
||
|
50B5000
|
heap
|
page read and write
|
||
|
6CC64000
|
unkown
|
page read and write
|
||
|
4290000
|
heap
|
page read and write
|
||
|
6CD4B000
|
unkown
|
page readonly
|
||
|
4CF2000
|
heap
|
page read and write
|
||
|
4D52000
|
heap
|
page read and write
|
||
|
4754000
|
heap
|
page read and write
|
||
|
4F70000
|
direct allocation
|
page read and write
|
||
|
4C9F000
|
heap
|
page read and write
|
||
|
1764000
|
heap
|
page read and write
|
||
|
46D7000
|
heap
|
page read and write
|
||
|
4C5B000
|
heap
|
page read and write
|
||
|
4CC3000
|
heap
|
page read and write
|
||
|
36F7000
|
heap
|
page read and write
|
||
|
46C9000
|
heap
|
page read and write
|
||
|
6E42D000
|
unkown
|
page read and write
|
||
|
3FB0000
|
heap
|
page read and write
|
||
|
4C03000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
6CF24000
|
unkown
|
page read and write
|
||
|
4CB3000
|
heap
|
page read and write
|
||
|
43A0000
|
direct allocation
|
page read and write
|
||
|
4C1C000
|
heap
|
page read and write
|
||
|
43A0000
|
heap
|
page read and write
|
||
|
43D4000
|
direct allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
4C17000
|
heap
|
page read and write
|
||
|
4FBC000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
475D000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
4C43000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
4CE7000
|
heap
|
page read and write
|
||
|
3384000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4FDC000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
46D8000
|
heap
|
page read and write
|
||
|
1744000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
4FED000
|
heap
|
page read and write
|
||
|
4798000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
439D000
|
stack
|
page read and write
|
||
|
46A0000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
46D7000
|
heap
|
page read and write
|
||
|
4FF5000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
1772000
|
heap
|
page read and write
|
||
|
4C19000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
996000
|
unkown
|
page readonly
|
||
|
5C4C000
|
stack
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page read and write
|
||
|
4200000
|
direct allocation
|
page execute and read and write
|
||
|
4D13000
|
heap
|
page read and write
|
||
|
3E7B000
|
heap
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
43A0000
|
direct allocation
|
page read and write
|
||
|
4CD4000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4C2A000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
473D000
|
heap
|
page read and write
|
||
|
4DF8000
|
direct allocation
|
page read and write
|
||
|
475F000
|
heap
|
page read and write
|
||
|
474A000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
45C0000
|
direct allocation
|
page read and write
|
||
|
46A3000
|
heap
|
page read and write
|
||
|
41FB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
8C1000
|
unkown
|
page execute read
|
||
|
175E000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
6CC2F000
|
unkown
|
page readonly
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
475E000
|
heap
|
page read and write
|
||
|
1774000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
9D2000
|
unkown
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
6CB80000
|
unkown
|
page readonly
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
3E70000
|
direct allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4CC3000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
46D3000
|
heap
|
page read and write
|
||
|
172A000
|
heap
|
page read and write
|
||
|
16DA000
|
heap
|
page read and write
|
||
|
4CF4000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
4C58000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
3F50000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
33D6000
|
heap
|
page read and write
|
||
|
4C67000
|
heap
|
page read and write
|
||
|
503D000
|
heap
|
page read and write
|
||
|
503D000
|
heap
|
page read and write
|
||
|
1686000
|
heap
|
page read and write
|
||
|
9CC000
|
unkown
|
page write copy
|
||
|
3B3C000
|
stack
|
page read and write
|
||
|
478E000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4776000
|
heap
|
page read and write
|
||
|
46DE000
|
heap
|
page read and write
|
||
|
4D0A000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
46DE000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
4F8D000
|
direct allocation
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
43A0000
|
direct allocation
|
page read and write
|
||
|
503D000
|
heap
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
9CC000
|
unkown
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4748000
|
heap
|
page read and write
|
||
|
46DE000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
479E000
|
heap
|
page read and write
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
4D1C000
|
heap
|
page read and write
|
||
|
5007000
|
heap
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
47D9000
|
heap
|
page read and write
|
||
|
48E7000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
4FB6000
|
heap
|
page read and write
|
||
|
4CF1000
|
heap
|
page read and write
|
||
|
501C000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
6CD70000
|
unkown
|
page readonly
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
4CA2000
|
heap
|
page read and write
|
||
|
4FE7000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
479B000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4736000
|
heap
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
4FFE000
|
heap
|
page read and write
|
||
|
36FE000
|
heap
|
page read and write
|
||
|
46DB000
|
heap
|
page read and write
|
||
|
4C56000
|
heap
|
page read and write
|
||
|
478B000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
4FF2000
|
heap
|
page read and write
|
||
|
4D12000
|
heap
|
page read and write
|
||
|
1772000
|
heap
|
page read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
4CE7000
|
heap
|
page read and write
|
||
|
4C8E000
|
heap
|
page read and write
|
||
|
476F000
|
heap
|
page read and write
|
||
|
4C17000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
46D4000
|
heap
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
46DB000
|
heap
|
page read and write
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
1743000
|
heap
|
page read and write
|
||
|
46D7000
|
heap
|
page read and write
|
||
|
4C2B000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
4C4F000
|
heap
|
page read and write
|
||
|
1764000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4D07000
|
heap
|
page read and write
|
||
|
4CC6000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
4762000
|
heap
|
page read and write
|
||
|
52B1000
|
heap
|
page read and write
|
||
|
4CCF000
|
heap
|
page read and write
|
||
|
4D1E000
|
heap
|
page read and write
|
||
|
475E000
|
heap
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
46D7000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
4750000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
36FC000
|
heap
|
page read and write
|
||
|
4CF5000
|
heap
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
4FF5000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
1786000
|
heap
|
page read and write
|
||
|
477E000
|
heap
|
page read and write
|
||
|
4771000
|
heap
|
page read and write
|
||
|
17A7000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
4C2C000
|
heap
|
page read and write
|
||
|
4C79000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
4C1D000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
59B2000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
4CF8000
|
heap
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
36EC000
|
stack
|
page read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
4DB0000
|
direct allocation
|
page read and write
|
||
|
4C88000
|
heap
|
page read and write
|
||
|
6CEDB000
|
unkown
|
page readonly
|
||
|
4C1E000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
475D000
|
heap
|
page read and write
|
||
|
1776000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4CF1000
|
heap
|
page read and write
|
||
|
4FD1000
|
heap
|
page read and write
|
||
|
1774000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
4C14000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
178B000
|
heap
|
page read and write
|
||
|
4C62000
|
heap
|
page read and write
|
||
|
4763000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
6E432000
|
unkown
|
page readonly
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
9D4000
|
unkown
|
page write copy
|
||
|
46DC000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
335C000
|
stack
|
page read and write
|
||
|
4284000
|
direct allocation
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
46D4000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
46D3000
|
heap
|
page read and write
|
||
|
4D13000
|
heap
|
page read and write
|
||
|
6E410000
|
unkown
|
page readonly
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
50B0000
|
direct allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
4763000
|
heap
|
page read and write
|
||
|
1783000
|
heap
|
page read and write
|
||
|
4D1C000
|
heap
|
page read and write
|
||
|
4D07000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
475F000
|
heap
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page read and write
|
||
|
4C28000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
33CB000
|
stack
|
page read and write
|
||
|
504C000
|
heap
|
page read and write
|
||
|
6E411000
|
unkown
|
page execute read
|
||
|
4693000
|
heap
|
page read and write
|
||
|
173D000
|
heap
|
page read and write
|
||
|
4C19000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
473E000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4C55000
|
heap
|
page read and write
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
4766000
|
heap
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
4D1C000
|
heap
|
page read and write
|
||
|
996000
|
unkown
|
page readonly
|
||
|
4CCD000
|
heap
|
page read and write
|
||
|
4C12000
|
heap
|
page read and write
|
||
|
1436000
|
stack
|
page read and write
|
||
|
16DE000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
36FE000
|
heap
|
page read and write
|
||
|
475F000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
4CF1000
|
heap
|
page read and write
|
||
|
4250000
|
direct allocation
|
page read and write
|
||
|
4C6C000
|
heap
|
page read and write
|
||
|
9D5000
|
unkown
|
page read and write
|
||
|
46DC000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
36FE000
|
heap
|
page read and write
|
||
|
478B000
|
heap
|
page read and write
|
||
|
474D000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
33DE000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
6CC63000
|
unkown
|
page write copy
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
1776000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
3F50000
|
trusted library allocation
|
page read and write
|
||
|
4777000
|
heap
|
page read and write
|
||
|
4C81000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4CD5000
|
heap
|
page read and write
|
||
|
4798000
|
heap
|
page read and write
|
||
|
4EFE000
|
stack
|
page read and write
|
||
|
43A0000
|
direct allocation
|
page read and write
|
||
|
4C88000
|
heap
|
page read and write
|
||
|
6E428000
|
unkown
|
page readonly
|
||
|
5B4B000
|
stack
|
page read and write
|
||
|
3F0E000
|
stack
|
page read and write
|
||
|
4FF2000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
4C1D000
|
heap
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page read and write
|
||
|
478D000
|
heap
|
page read and write
|
||
|
44A1000
|
heap
|
page read and write
|
||
|
4C28000
|
heap
|
page read and write
|
||
|
9E0000
|
unkown
|
page readonly
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
36FB000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
178E000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
6CC80000
|
unkown
|
page readonly
|
||
|
4CE6000
|
heap
|
page read and write
|
||
|
4751000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
46DC000
|
heap
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
3FA0000
|
heap
|
page read and write
|
||
|
4250000
|
direct allocation
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
46DE000
|
heap
|
page read and write
|
||
|
6CF21000
|
unkown
|
page write copy
|
||
|
5030000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
6CF20000
|
unkown
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4C13000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
3EC0000
|
heap
|
page read and write
|
||
|
36FE000
|
heap
|
page read and write
|
||
|
4690000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
6CC62000
|
unkown
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
479B000
|
heap
|
page read and write
|
||
|
475F000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
478E000
|
heap
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
52B1000
|
heap
|
page read and write
|
||
|
1535000
|
stack
|
page read and write
|
||
|
4CF5000
|
heap
|
page read and write
|
||
|
4C34000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
6CC68000
|
unkown
|
page readonly
|
||
|
1687000
|
heap
|
page read and write
|
||
|
8C1000
|
unkown
|
page execute read
|
||
|
4C13000
|
heap
|
page read and write
|
||
|
1752000
|
heap
|
page read and write
|
||
|
46D6000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
4C39000
|
heap
|
page read and write
|
||
|
45B8000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
46D9000
|
heap
|
page read and write
|
||
|
3E3C000
|
stack
|
page read and write
|
||
|
4CB3000
|
heap
|
page read and write
|
||
|
5178000
|
direct allocation
|
page read and write
|
||
|
46D4000
|
heap
|
page read and write
|
||
|
4C56000
|
heap
|
page read and write
|
||
|
4C4E000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
33E1000
|
heap
|
page read and write
|
||
|
501F000
|
heap
|
page read and write
|
||
|
44BA000
|
heap
|
page read and write
|
||
|
476E000
|
heap
|
page read and write
|
||
|
1687000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
6CD1C000
|
unkown
|
page readonly
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
1764000
|
heap
|
page read and write
|
||
|
4777000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
5009000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
6CB81000
|
unkown
|
page execute read
|
||
|
3D3F000
|
stack
|
page read and write
|
||
|
45C0000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
4CAB000
|
heap
|
page read and write
|
||
|
364C000
|
stack
|
page read and write
|
||
|
4C8E000
|
heap
|
page read and write
|
||
|
9CD000
|
unkown
|
page write copy
|
||
|
44B2000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C68000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
6CF2E000
|
unkown
|
page readonly
|
||
|
6CD42000
|
unkown
|
page read and write
|
||
|
4D1D000
|
heap
|
page read and write
|
||
|
4D13000
|
heap
|
page read and write
|
||
|
4CA2000
|
heap
|
page read and write
|
||
|
4698000
|
heap
|
page read and write
|
||
|
4693000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
4C66000
|
heap
|
page read and write
|
||
|
4C1D000
|
heap
|
page read and write
|
There are 513 hidden memdumps, click here to show them.