Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_fcebb8fa1e3e86ecf7bee44cc44e164f10156627_fa3d53f0_cb85372f-41bd-4c7e-b8a0-651d30f057d0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBD25.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Mar 28 14:50:55 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBECB.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBF1B.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5508 -s 912
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
5.42.65.0:29587
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://purl.oen
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.42.65.0
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProgramId
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
FileId
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LongPathHash
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Name
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
OriginalFileName
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Publisher
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Version
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinFileVersion
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinaryType
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductName
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
ProductVersion
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
LinkDate
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
BinProductVersion
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Size
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Language
|
||
|
\REGISTRY\A\{a8c24083-663f-62e3-661b-ec92fe533eff}\Root\InventoryApplicationFile\file.exe|7bc5a156b3ccd649
|
Usn
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4335000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3204000
|
trusted library allocation
|
page read and write
|
|
|
|
32FF000
|
trusted library allocation
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
6194000
|
heap
|
page read and write
|
||
|
4367000
|
trusted library allocation
|
page read and write
|
||
|
7412000
|
trusted library allocation
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
1880000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
heap
|
page read and write
|
||
|
42A4000
|
trusted library allocation
|
page read and write
|
||
|
3746000
|
trusted library allocation
|
page read and write
|
||
|
35BB000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4374000
|
trusted library allocation
|
page read and write
|
||
|
41FF000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
61EB000
|
heap
|
page read and write
|
||
|
56A2000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
37F4000
|
trusted library allocation
|
page read and write
|
||
|
4379000
|
trusted library allocation
|
page read and write
|
||
|
70D4000
|
heap
|
page read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
4569000
|
trusted library allocation
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
32F7000
|
trusted library allocation
|
page read and write
|
||
|
6237000
|
heap
|
page read and write
|
||
|
7404000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
4584000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
56C8000
|
trusted library allocation
|
page read and write
|
||
|
4564000
|
trusted library allocation
|
page read and write
|
||
|
4294000
|
trusted library allocation
|
page read and write
|
||
|
7118000
|
heap
|
page read and write
|
||
|
41E2000
|
trusted library allocation
|
page read and write
|
||
|
1187000
|
stack
|
page read and write
|
||
|
712D000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
45A3000
|
trusted library allocation
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
4639000
|
trusted library allocation
|
page read and write
|
||
|
41B6000
|
trusted library allocation
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
42C5000
|
trusted library allocation
|
page read and write
|
||
|
3676000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
heap
|
page execute and read and write
|
||
|
420F000
|
trusted library allocation
|
page read and write
|
||
|
3593000
|
trusted library allocation
|
page read and write
|
||
|
34E3000
|
trusted library allocation
|
page read and write
|
||
|
388F000
|
trusted library allocation
|
page read and write
|
||
|
35A4000
|
trusted library allocation
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
42F5000
|
trusted library allocation
|
page read and write
|
||
|
12ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
42D3000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
unkown
|
page readonly
|
||
|
43EB000
|
trusted library allocation
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
417F000
|
trusted library allocation
|
page read and write
|
||
|
33D8000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
73EA000
|
trusted library allocation
|
page read and write
|
||
|
355B000
|
trusted library allocation
|
page read and write
|
||
|
41EE000
|
trusted library allocation
|
page read and write
|
||
|
42CB000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
3588000
|
trusted library allocation
|
page read and write
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
3398000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page execute and read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
380D000
|
trusted library allocation
|
page read and write
|
||
|
3809000
|
trusted library allocation
|
page read and write
|
||
|
451F000
|
trusted library allocation
|
page read and write
|
||
|
5791000
|
trusted library allocation
|
page read and write
|
||
|
73D2000
|
trusted library allocation
|
page read and write
|
||
|
57AE000
|
trusted library allocation
|
page read and write
|
||
|
3862000
|
trusted library allocation
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
434A000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
31B0000
|
heap
|
page execute and read and write
|
||
|
73D9000
|
trusted library allocation
|
page read and write
|
||
|
386C000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
F4C000
|
stack
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
4269000
|
trusted library allocation
|
page read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
45A9000
|
trusted library allocation
|
page read and write
|
||
|
713D000
|
heap
|
page read and write
|
||
|
3736000
|
trusted library allocation
|
page read and write
|
||
|
33B7000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
79AF000
|
stack
|
page read and write
|
||
|
4322000
|
trusted library allocation
|
page read and write
|
||
|
73EF000
|
trusted library allocation
|
page read and write
|
||
|
4607000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
35F1000
|
trusted library allocation
|
page read and write
|
||
|
457E000
|
trusted library allocation
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
463F000
|
trusted library allocation
|
page read and write
|
||
|
706E000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page execute and read and write
|
||
|
61FE000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
660F000
|
stack
|
page read and write
|
||
|
5930000
|
trusted library allocation
|
page read and write
|
||
|
622D000
|
heap
|
page read and write
|
||
|
55F4000
|
trusted library allocation
|
page read and write
|
||
|
73FA000
|
trusted library allocation
|
page read and write
|
||
|
37F6000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
3802000
|
trusted library allocation
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
57E1000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7144000
|
heap
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
4370000
|
trusted library allocation
|
page read and write
|
||
|
12D4000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
4225000
|
trusted library allocation
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
33F4000
|
trusted library allocation
|
page read and write
|
||
|
458B000
|
trusted library allocation
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
7FA0000
|
heap
|
page read and write
|
||
|
440C000
|
trusted library allocation
|
page read and write
|
||
|
422E000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
378D000
|
trusted library allocation
|
page read and write
|
||
|
33EA000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
heap
|
page read and write
|
||
|
4288000
|
trusted library allocation
|
page read and write
|
||
|
3733000
|
trusted library allocation
|
page read and write
|
||
|
4233000
|
trusted library allocation
|
page read and write
|
||
|
57BA000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
34CC000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
12DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
14CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FB6000
|
heap
|
page read and write
|
||
|
70B5000
|
heap
|
page read and write
|
||
|
1384000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
36FE000
|
trusted library allocation
|
page read and write
|
||
|
459A000
|
trusted library allocation
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
41C3000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
6F16000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
455E000
|
trusted library allocation
|
page read and write
|
||
|
4401000
|
trusted library allocation
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
6241000
|
heap
|
page read and write
|
||
|
187E000
|
stack
|
page read and write
|
||
|
61F7000
|
heap
|
page read and write
|
||
|
57FB000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
6206000
|
heap
|
page read and write
|
||
|
459E000
|
trusted library allocation
|
page read and write
|
||
|
7D6F000
|
stack
|
page read and write
|
||
|
32C5000
|
trusted library allocation
|
page read and write
|
||
|
57B1000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
heap
|
page execute and read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
3567000
|
trusted library allocation
|
page read and write
|
||
|
4376000
|
trusted library allocation
|
page read and write
|
||
|
45AD000
|
trusted library allocation
|
page read and write
|
||
|
5611000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
431B000
|
trusted library allocation
|
page read and write
|
||
|
3574000
|
trusted library allocation
|
page read and write
|
||
|
4334000
|
trusted library allocation
|
page read and write
|
||
|
73FF000
|
trusted library allocation
|
page read and write
|
||
|
422B000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
3873000
|
trusted library allocation
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
3894000
|
trusted library allocation
|
page read and write
|
||
|
3055000
|
trusted library allocation
|
page read and write
|
||
|
45BE000
|
trusted library allocation
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
621B000
|
heap
|
page read and write
|
||
|
463D000
|
trusted library allocation
|
page read and write
|
||
|
619E000
|
heap
|
page read and write
|
||
|
622A000
|
heap
|
page read and write
|
||
|
EB2000
|
unkown
|
page readonly
|
||
|
3331000
|
trusted library allocation
|
page execute and read and write
|
||
|
436B000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page execute and read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
1305000
|
trusted library allocation
|
page execute and read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
3548000
|
trusted library allocation
|
page read and write
|
||
|
33AB000
|
trusted library allocation
|
page read and write
|
||
|
7EFC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4623000
|
trusted library allocation
|
page read and write
|
||
|
5823000
|
heap
|
page execute and read and write
|
||
|
4642000
|
trusted library allocation
|
page read and write
|
||
|
578B000
|
trusted library allocation
|
page read and write
|
||
|
461D000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
trusted library allocation
|
page read and write
|
||
|
57FE000
|
trusted library allocation
|
page read and write
|
||
|
560E000
|
trusted library allocation
|
page read and write
|
||
|
73F5000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
348F000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
trusted library allocation
|
page execute and read and write
|
||
|
3559000
|
trusted library allocation
|
page read and write
|
||
|
349C000
|
trusted library allocation
|
page read and write
|
||
|
1399000
|
heap
|
page read and write
|
||
|
37E2000
|
trusted library allocation
|
page read and write
|
||
|
33A1000
|
trusted library allocation
|
page read and write
|
||
|
359A000
|
trusted library allocation
|
page read and write
|
||
|
435A000
|
trusted library allocation
|
page read and write
|
||
|
45D7000
|
trusted library allocation
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
42CE000
|
trusted library allocation
|
page read and write
|
||
|
14C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4238000
|
trusted library allocation
|
page read and write
|
||
|
13ED000
|
heap
|
page read and write
|
||
|
6232000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
621F000
|
heap
|
page read and write
|
||
|
3783000
|
trusted library allocation
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
42AE000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
428F000
|
trusted library allocation
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
3551000
|
trusted library allocation
|
page read and write
|
||
|
41E9000
|
trusted library allocation
|
page read and write
|
||
|
716B000
|
heap
|
page read and write
|
||
|
7B0E000
|
stack
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
37EB000
|
trusted library allocation
|
page read and write
|
||
|
42DE000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
1391000
|
heap
|
page read and write
|
||
|
664C000
|
stack
|
page read and write
|
||
|
462A000
|
trusted library allocation
|
page read and write
|
||
|
108A000
|
stack
|
page read and write
|
||
|
34D7000
|
trusted library allocation
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
638F000
|
stack
|
page read and write
|
||
|
3706000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page execute and read and write
|
||
|
3804000
|
trusted library allocation
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
61BD000
|
heap
|
page read and write
|
||
|
433F000
|
trusted library allocation
|
page read and write
|
||
|
331B000
|
trusted library allocation
|
page read and write
|
||
|
454C000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
trusted library allocation
|
page read and write
|
||
|
388B000
|
trusted library allocation
|
page read and write
|
||
|
37AB000
|
trusted library allocation
|
page read and write
|
||
|
3742000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
70B2000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
387E000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
51AB000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
18CE000
|
stack
|
page read and write
|
||
|
37F8000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
1612000
|
heap
|
page read and write
|
||
|
36F8000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
1302000
|
trusted library allocation
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
32BC000
|
trusted library allocation
|
page read and write
|
||
|
330A000
|
trusted library allocation
|
page read and write
|
||
|
7C6E000
|
stack
|
page read and write
|
||
|
3581000
|
trusted library allocation
|
page read and write
|
||
|
624E000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
6F6B000
|
stack
|
page read and write
|
||
|
3601000
|
trusted library allocation
|
page read and write
|
||
|
4538000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
4591000
|
trusted library allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
4545000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
3714000
|
trusted library allocation
|
page read and write
|
||
|
4171000
|
trusted library allocation
|
page read and write
|
||
|
1896000
|
heap
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
70BC000
|
heap
|
page read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
6F18000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
||
|
676C000
|
stack
|
page read and write
|
||
|
45FD000
|
trusted library allocation
|
page read and write
|
||
|
3704000
|
trusted library allocation
|
page read and write
|
||
|
43BB000
|
trusted library allocation
|
page read and write
|
||
|
3171000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
3624000
|
trusted library allocation
|
page read and write
|
||
|
7A2F000
|
stack
|
page read and write
|
||
|
5796000
|
trusted library allocation
|
page read and write
|
||
|
41AA000
|
trusted library allocation
|
page read and write
|
||
|
5920000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
70DE000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
370A000
|
trusted library allocation
|
page read and write
|
||
|
717D000
|
heap
|
page read and write
|
||
|
189E000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4634000
|
trusted library allocation
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
7179000
|
heap
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
41D7000
|
trusted library allocation
|
page read and write
|
||
|
33FF000
|
trusted library allocation
|
page read and write
|
||
|
437F000
|
trusted library allocation
|
page read and write
|
||
|
45CA000
|
trusted library allocation
|
page read and write
|
||
|
6224000
|
heap
|
page read and write
|
||
|
4574000
|
trusted library allocation
|
page read and write
|
||
|
34BB000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page execute and read and write
|
||
|
42D1000
|
trusted library allocation
|
page read and write
|
||
|
3718000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
3483000
|
trusted library allocation
|
page read and write
|
||
|
34C2000
|
trusted library allocation
|
page read and write
|
||
|
4301000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
382B000
|
trusted library allocation
|
page read and write
|
||
|
7FB1000
|
heap
|
page read and write
|
||
|
433A000
|
trusted library allocation
|
page read and write
|
||
|
4331000
|
trusted library allocation
|
page read and write
|
||
|
4299000
|
trusted library allocation
|
page read and write
|
||
|
464C000
|
trusted library allocation
|
page read and write
|
||
|
4557000
|
trusted library allocation
|
page read and write
|
||
|
57A2000
|
trusted library allocation
|
page read and write
|
||
|
12FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1359000
|
heap
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
4413000
|
trusted library allocation
|
page read and write
|
||
|
56C5000
|
trusted library allocation
|
page read and write
|
||
|
542D000
|
stack
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
4361000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
70C9000
|
heap
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page execute and read and write
|
||
|
15FC000
|
heap
|
page read and write
|
||
|
45E4000
|
trusted library allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
7123000
|
heap
|
page read and write
|
||
|
1494000
|
trusted library allocation
|
page read and write
|
||
|
3700000
|
trusted library allocation
|
page read and write
|
||
|
3511000
|
trusted library allocation
|
page read and write
|
||
|
57F5000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
34C7000
|
trusted library allocation
|
page read and write
|
||
|
7142000
|
heap
|
page read and write
|
||
|
3751000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
72BA000
|
trusted library allocation
|
page read and write
|
||
|
6EDC000
|
stack
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
1605000
|
heap
|
page read and write
|
||
|
4613000
|
trusted library allocation
|
page read and write
|
||
|
70F2000
|
heap
|
page read and write
|
||
|
15DE000
|
heap
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
45EB000
|
trusted library allocation
|
page read and write
|
||
|
6DDE000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
7138000
|
heap
|
page read and write
|
||
|
55FB000
|
trusted library allocation
|
page read and write
|
||
|
72B7000
|
trusted library allocation
|
page read and write
|
||
|
3875000
|
trusted library allocation
|
page read and write
|
||
|
61F2000
|
heap
|
page read and write
|
||
|
359F000
|
trusted library allocation
|
page read and write
|
||
|
4393000
|
trusted library allocation
|
page read and write
|
||
|
715B000
|
heap
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
430E000
|
trusted library allocation
|
page read and write
|
||
|
42BB000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
7106000
|
heap
|
page read and write
|
||
|
35AF000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
130B000
|
trusted library allocation
|
page execute and read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
7415000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
56CA000
|
trusted library allocation
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
370E000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
12D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
61B2000
|
heap
|
page read and write
|
||
|
452B000
|
trusted library allocation
|
page read and write
|
||
|
34A9000
|
trusted library allocation
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
1307000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
45F6000
|
trusted library allocation
|
page read and write
|
||
|
427D000
|
trusted library allocation
|
page read and write
|
||
|
4595000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
6213000
|
heap
|
page read and write
|
||
|
5BEF000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
70A2000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
E60000
|
unkown
|
page readonly
|
||
|
12F2000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
14BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1493000
|
trusted library allocation
|
page execute and read and write
|
||
|
1683000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
4354000
|
trusted library allocation
|
page read and write
|
||
|
41F3000
|
trusted library allocation
|
page read and write
|
||
|
73D5000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
432D000
|
trusted library allocation
|
page read and write
|
||
|
41D0000
|
trusted library allocation
|
page read and write
|
||
|
17CF000
|
stack
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
42D9000
|
trusted library allocation
|
page read and write
|
||
|
42B5000
|
trusted library allocation
|
page read and write
|
||
|
73E8000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FF000
|
trusted library allocation
|
page read and write
|
||
|
561D000
|
trusted library allocation
|
page read and write
|
||
|
70F7000
|
heap
|
page read and write
|
||
|
42C2000
|
trusted library allocation
|
page read and write
|
||
|
70E8000
|
heap
|
page read and write
|
There are 483 hidden memdumps, click here to show them.