Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\springvandenes\Intransparency\Bowleres.Hed
|
ASCII text, with very long lines (58742), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\springvandenes\Udstiller48\Kulmuler\Generationsskifternes\Specialudvalg\Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x8bbcd9d1, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ub1lwqn2.g0l.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uuvmtcd4.uji.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Dodecyl222.Lys
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Intransparency\Unenslave223.ges
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Udstiller48\Kulmuler\Generationsskifternes\Specialudvalg\Quotation.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Udstiller48\Kulmuler\Generationsskifternes\Specialudvalg\familieplejer.nar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Udstiller48\Kulmuler\Generationsskifternes\Specialudvalg\medtog.txt
|
ASCII text, with very long lines (376), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\springvandenes\Udstiller48\Kulmuler\Generationsskifternes\Specialudvalg\wastemen.gra
|
data
|
dropped
|
||
|
C:\Users\user\dok.lnk
|
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun
Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Quotation.exe
|
"C:\Users\user\Desktop\Quotation.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -windowstyle hidden "$Betalingsdages=Get-Content 'C:\Users\user\AppData\Local\Temp\springvandenes\Intransparency\Bowleres.Hed';$Taplet=$Betalingsdages.SubString(58707,3);.$Taplet($Betalingsdages)"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "set /A 1^^0"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.bing
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.binb
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://apwisulsel.sa.com/$
|
unknown
|
||
|
https://apwisulsel.sa.com/(
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.binW
|
unknown
|
||
|
http://www.microsoft.coiJa
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.bincf&
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.bin
|
unknown
|
||
|
https://apwisulsel.sa.com/lsel.sa.com/apwisulsel.sa.com5
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod-C:
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2-C:
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://apwisulsel.sa.com/C
|
unknown
|
||
|
http://crl.microz;r
|
unknown
|
||
|
https://apwisulsel.sa.com/EnPWajJ251.binoE
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://apwisulsel.sa.com/
|
unknown
|
||
|
https://apwisulsel.sa.com/r4
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
apwisulsel.sa.com
|
104.128.228.214
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.128.228.214
|
apwisulsel.sa.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
D38C000
|
direct allocation
|
page execute and read and write
|
|
|
|
5D2E000
|
remote allocation
|
page execute and read and write
|
|
|
|
8890000
|
trusted library allocation
|
page execute and read and write
|
||
|
489000
|
unkown
|
page readonly
|
||
|
6F08000
|
heap
|
page read and write
|
||
|
22135C44000
|
heap
|
page read and write
|
||
|
22135CB0000
|
trusted library allocation
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
8030000
|
trusted library allocation
|
page read and write
|
||
|
8411000
|
trusted library allocation
|
page read and write
|
||
|
6FE5000
|
heap
|
page read and write
|
||
|
2213066C000
|
heap
|
page read and write
|
||
|
22135B70000
|
trusted library allocation
|
page read and write
|
||
|
4F29000
|
trusted library allocation
|
page read and write
|
||
|
2213063F000
|
heap
|
page read and write
|
||
|
9B60000
|
direct allocation
|
page read and write
|
||
|
7196000
|
trusted library allocation
|
page read and write
|
||
|
6334000
|
trusted library allocation
|
page read and write
|
||
|
22135BC0000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
heap
|
page read and write
|
||
|
9080000
|
trusted library allocation
|
page read and write
|
||
|
8D30000
|
trusted library allocation
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
446000
|
unkown
|
page read and write
|
||
|
33B0000
|
trusted library section
|
page read and write
|
||
|
8F29000
|
trusted library allocation
|
page read and write
|
||
|
22135D02000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
22130624000
|
heap
|
page read and write
|
||
|
8F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
B58C000
|
direct allocation
|
page execute and read and write
|
||
|
22810000
|
remote allocation
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
F7144FE000
|
stack
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
22135E20000
|
trusted library allocation
|
page read and write
|
||
|
7F00000
|
trusted library allocation
|
page read and write
|
||
|
6EDA000
|
heap
|
page read and write
|
||
|
7648000
|
heap
|
page read and write
|
||
|
7420000
|
direct allocation
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
8FD0000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
5887000
|
trusted library allocation
|
page read and write
|
||
|
8D70000
|
trusted library allocation
|
page read and write
|
||
|
6D8000
|
heap
|
page read and write
|
||
|
8F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
22135EF0000
|
remote allocation
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page read and write
|
||
|
6EE3000
|
heap
|
page read and write
|
||
|
6ECD000
|
heap
|
page read and write
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
22135C62000
|
heap
|
page read and write
|
||
|
824C000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
heap
|
page execute and read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
6EDC000
|
heap
|
page read and write
|
||
|
30DB000
|
heap
|
page read and write
|
||
|
F714E7E000
|
unkown
|
page readonly
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
2213066E000
|
heap
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
9050000
|
trusted library allocation
|
page read and write
|
||
|
22100000
|
direct allocation
|
page read and write
|
||
|
22135C95000
|
heap
|
page read and write
|
||
|
9090000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
F71527E000
|
stack
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
8BA6000
|
heap
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
BF8C000
|
direct allocation
|
page execute and read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
732000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
880E000
|
stack
|
page read and write
|
||
|
F714FFE000
|
stack
|
page read and write
|
||
|
502F000
|
stack
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
9D90000
|
trusted library allocation
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
22131540000
|
trusted library section
|
page readonly
|
||
|
2257D000
|
stack
|
page read and write
|
||
|
6F08000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
F71407E000
|
unkown
|
page readonly
|
||
|
22135C4B000
|
heap
|
page read and write
|
||
|
9E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
58DE000
|
trusted library allocation
|
page read and write
|
||
|
6191000
|
trusted library allocation
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
226FF000
|
stack
|
page read and write
|
||
|
8350000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F5000
|
trusted library allocation
|
page read and write
|
||
|
8A50000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
F71487B000
|
stack
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
22135EA0000
|
trusted library allocation
|
page read and write
|
||
|
764C000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
8FAF000
|
trusted library allocation
|
page read and write
|
||
|
22131AC0000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
8045000
|
trusted library allocation
|
page read and write
|
||
|
8D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
22810000
|
remote allocation
|
page read and write
|
||
|
7480000
|
direct allocation
|
page read and write
|
||
|
6EE9000
|
heap
|
page read and write
|
||
|
22135D16000
|
heap
|
page read and write
|
||
|
8BB8000
|
heap
|
page read and write
|
||
|
F7150FE000
|
unkown
|
page readonly
|
||
|
3880000
|
trusted library allocation
|
page read and write
|
||
|
770C000
|
heap
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5130000
|
heap
|
page execute and read and write
|
||
|
58CD000
|
trusted library allocation
|
page read and write
|
||
|
220D0000
|
direct allocation
|
page read and write
|
||
|
6EC9000
|
heap
|
page read and write
|
||
|
DD8C000
|
direct allocation
|
page execute and read and write
|
||
|
9BB0000
|
direct allocation
|
page read and write
|
||
|
61E9000
|
trusted library allocation
|
page read and write
|
||
|
888C000
|
stack
|
page read and write
|
||
|
22130729000
|
heap
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
6EC4000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
22135C20000
|
heap
|
page read and write
|
||
|
F714CFE000
|
unkown
|
page readonly
|
||
|
22810000
|
remote allocation
|
page read and write
|
||
|
61B9000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
22110000
|
direct allocation
|
page read and write
|
||
|
80A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
227AF000
|
stack
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
22135D13000
|
heap
|
page read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
8DC0000
|
trusted library allocation
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
6EDE000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
F713D7E000
|
stack
|
page read and write
|
||
|
22130691000
|
heap
|
page read and write
|
||
|
9E00000
|
direct allocation
|
page execute and read and write
|
||
|
22135D1D000
|
heap
|
page read and write
|
||
|
F713F7D000
|
stack
|
page read and write
|
||
|
8A20000
|
trusted library allocation
|
page read and write
|
||
|
8FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8980000
|
trusted library allocation
|
page read and write
|
||
|
8EA0000
|
trusted library allocation
|
page read and write
|
||
|
22135B50000
|
trusted library allocation
|
page read and write
|
||
|
224FE000
|
stack
|
page read and write
|
||
|
7DF0000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
220F0000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
heap
|
page read and write
|
||
|
271C000
|
stack
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
733000
|
heap
|
page read and write
|
||
|
22130000
|
direct allocation
|
page read and write
|
||
|
802E000
|
stack
|
page read and write
|
||
|
733000
|
heap
|
page read and write
|
||
|
90A0000
|
trusted library allocation
|
page read and write
|
||
|
9D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
221306B4000
|
heap
|
page read and write
|
||
|
8A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
61ED000
|
trusted library allocation
|
page read and write
|
||
|
2405000
|
heap
|
page read and write
|
||
|
9B80000
|
direct allocation
|
page read and write
|
||
|
22135CE4000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F71427E000
|
unkown
|
page readonly
|
||
|
3418000
|
heap
|
page read and write
|
||
|
22135EF0000
|
remote allocation
|
page read and write
|
||
|
8D90000
|
trusted library allocation
|
page read and write
|
||
|
22135C50000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
31FB000
|
heap
|
page read and write
|
||
|
8F20000
|
trusted library allocation
|
page read and write
|
||
|
F7146FE000
|
stack
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
9D70000
|
trusted library allocation
|
page read and write
|
||
|
22135C84000
|
heap
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
4F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
22135CDE000
|
heap
|
page read and write
|
||
|
76A3000
|
heap
|
page read and write
|
||
|
F713C7E000
|
unkown
|
page readonly
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
506C000
|
stack
|
page read and write
|
||
|
221306B0000
|
heap
|
page read and write
|
||
|
6EB8000
|
heap
|
page read and write
|
||
|
8102000
|
heap
|
page read and write
|
||
|
221305E0000
|
trusted library section
|
page read and write
|
||
|
22130650000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
90E0000
|
trusted library allocation
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
88F0000
|
trusted library allocation
|
page read and write
|
||
|
2213061F000
|
heap
|
page read and write
|
||
|
F713B77000
|
stack
|
page read and write
|
||
|
52E6000
|
trusted library allocation
|
page read and write
|
||
|
22135C2B000
|
heap
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
F714F7E000
|
stack
|
page read and write
|
||
|
7440000
|
direct allocation
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
F71437B000
|
stack
|
page read and write
|
||
|
6FE0000
|
heap
|
page read and write
|
||
|
6E90000
|
heap
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
2409000
|
heap
|
page read and write
|
||
|
22131680000
|
trusted library allocation
|
page read and write
|
||
|
7193000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
8FA0000
|
trusted library allocation
|
page read and write
|
||
|
308E000
|
unkown
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
22130F02000
|
heap
|
page read and write
|
||
|
8EFE000
|
stack
|
page read and write
|
||
|
4F13000
|
trusted library allocation
|
page execute and read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
37F0000
|
heap
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
739000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
5191000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
unkown
|
page read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
F7145FE000
|
stack
|
page read and write
|
||
|
22710000
|
heap
|
page read and write
|
||
|
22135B90000
|
trusted library allocation
|
page read and write
|
||
|
29BD000
|
heap
|
page read and write
|
||
|
2213068A000
|
heap
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
22135CD3000
|
heap
|
page read and write
|
||
|
83B6000
|
trusted library allocation
|
page read and write
|
||
|
22135D0A000
|
heap
|
page read and write
|
||
|
6EE9000
|
heap
|
page read and write
|
||
|
F71417B000
|
stack
|
page read and write
|
||
|
61F1000
|
trusted library allocation
|
page read and write
|
||
|
8AD0000
|
trusted library allocation
|
page read and write
|
||
|
6EE9000
|
heap
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
4F88000
|
trusted library allocation
|
page read and write
|
||
|
22130570000
|
heap
|
page read and write
|
||
|
22135E90000
|
trusted library allocation
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
22135CF8000
|
heap
|
page read and write
|
||
|
22135B30000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
6EC2000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
90B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D50000
|
trusted library allocation
|
page read and write
|
||
|
8E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
8416000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
trusted library allocation
|
page read and write
|
||
|
8AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C1C000
|
stack
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
50AD000
|
stack
|
page read and write
|
||
|
8B30000
|
heap
|
page read and write
|
||
|
8B20000
|
trusted library allocation
|
page read and write
|
||
|
22135E30000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
70D000
|
heap
|
page read and write
|
||
|
22131440000
|
trusted library allocation
|
page read and write
|
||
|
3231000
|
heap
|
page read and write
|
||
|
F71477E000
|
unkown
|
page readonly
|
||
|
F71497E000
|
unkown
|
page readonly
|
||
|
2276E000
|
stack
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
83D5000
|
trusted library allocation
|
page read and write
|
||
|
F715AFE000
|
stack
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
22140000
|
direct allocation
|
page read and write
|
||
|
8047000
|
trusted library allocation
|
page read and write
|
||
|
221306FC000
|
heap
|
page read and write
|
||
|
83A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
89A0000
|
direct allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
F71537E000
|
unkown
|
page readonly
|
||
|
22130E00000
|
heap
|
page read and write
|
||
|
221305D0000
|
trusted library allocation
|
page read and write
|
||
|
22135C57000
|
heap
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22130F5A000
|
heap
|
page read and write
|
||
|
5864000
|
trusted library allocation
|
page read and write
|
||
|
6C4000
|
heap
|
page read and write
|
||
|
8F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7672000
|
heap
|
page read and write
|
||
|
5924000
|
trusted library allocation
|
page read and write
|
||
|
6330000
|
trusted library allocation
|
page read and write
|
||
|
4F45000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A90000
|
heap
|
page read and write
|
||
|
83B9000
|
trusted library allocation
|
page read and write
|
||
|
89E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EBA000
|
heap
|
page read and write
|
||
|
56F6000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
4F70000
|
heap
|
page readonly
|
||
|
3177000
|
heap
|
page read and write
|
||
|
2213062F000
|
heap
|
page read and write
|
||
|
58AA000
|
trusted library allocation
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
23AF000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
8F80000
|
trusted library allocation
|
page read and write
|
||
|
89D0000
|
trusted library allocation
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
22135BC3000
|
trusted library allocation
|
page read and write
|
||
|
22135D21000
|
heap
|
page read and write
|
||
|
22130600000
|
heap
|
page read and write
|
||
|
9DB0000
|
trusted library allocation
|
page read and write
|
||
|
8200000
|
trusted library allocation
|
page read and write
|
||
|
729000
|
heap
|
page read and write
|
||
|
F714D7E000
|
unkown
|
page readonly
|
||
|
6EED000
|
heap
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
81F0000
|
trusted library allocation
|
page read and write
|
||
|
316A000
|
heap
|
page read and write
|
||
|
22130E02000
|
heap
|
page read and write
|
||
|
22130667000
|
heap
|
page read and write
|
||
|
2213068F000
|
heap
|
page read and write
|
||
|
22150000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
9DF0000
|
heap
|
page read and write
|
||
|
22160000
|
direct allocation
|
page read and write
|
||
|
6EE6000
|
heap
|
page read and write
|
||
|
F713E7E000
|
unkown
|
page readonly
|
||
|
3148000
|
heap
|
page read and write
|
||
|
7430000
|
direct allocation
|
page read and write
|
||
|
226BE000
|
stack
|
page read and write
|
||
|
6EAC000
|
heap
|
page read and write
|
||
|
70D000
|
heap
|
page read and write
|
||
|
9DD0000
|
trusted library allocation
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
29B2000
|
heap
|
page read and write
|
||
|
90D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
9070000
|
trusted library allocation
|
page read and write
|
||
|
F715B7E000
|
unkown
|
page readonly
|
||
|
8210000
|
heap
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
8960000
|
trusted library allocation
|
page read and write
|
||
|
22130613000
|
heap
|
page read and write
|
||
|
7FEE000
|
stack
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
22135AD0000
|
trusted library allocation
|
page read and write
|
||
|
225FD000
|
stack
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
F71457E000
|
unkown
|
page readonly
|
||
|
823F000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
9E20000
|
trusted library allocation
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
9AB7000
|
stack
|
page read and write
|
||
|
8040000
|
trusted library allocation
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
6ED6000
|
heap
|
page read and write
|
||
|
6EFC000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
8248000
|
trusted library allocation
|
page read and write
|
||
|
22135D1B000
|
heap
|
page read and write
|
||
|
22135B51000
|
trusted library allocation
|
page read and write
|
||
|
9DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7644000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
22135EF0000
|
remote allocation
|
page read and write
|
||
|
58BB000
|
trusted library allocation
|
page read and write
|
||
|
225BE000
|
stack
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
22135B50000
|
trusted library allocation
|
page read and write
|
||
|
8AC0000
|
trusted library allocation
|
page read and write
|
||
|
F714B79000
|
stack
|
page read and write
|
||
|
8231000
|
trusted library allocation
|
page read and write
|
||
|
9DA0000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
direct allocation
|
page read and write
|
||
|
8A80000
|
trusted library allocation
|
page read and write
|
||
|
F71557E000
|
unkown
|
page readonly
|
||
|
320F000
|
heap
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
B3C0000
|
direct allocation
|
page execute and read and write
|
||
|
22130702000
|
heap
|
page read and write
|
||
|
8090000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B70000
|
direct allocation
|
page read and write
|
||
|
763C000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
8F40000
|
trusted library allocation
|
page read and write
|
||
|
F71547C000
|
stack
|
page read and write
|
||
|
6F09000
|
heap
|
page read and write
|
||
|
F71447E000
|
unkown
|
page readonly
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
22131AA1000
|
trusted library allocation
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
8E9D000
|
stack
|
page read and write
|
||
|
76FC000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
F714DFE000
|
stack
|
page read and write
|
||
|
8050000
|
trusted library allocation
|
page read and write
|
||
|
221305A0000
|
heap
|
page read and write
|
||
|
71D000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
8A40000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
8A30000
|
trusted library allocation
|
page read and write
|
||
|
F7134BB000
|
stack
|
page read and write
|
||
|
9CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F7149FE000
|
stack
|
page read and write
|
||
|
22130E15000
|
heap
|
page read and write
|
||
|
83B0000
|
trusted library allocation
|
page read and write
|
||
|
90C0000
|
trusted library allocation
|
page read and write
|
||
|
89F0000
|
trusted library allocation
|
page read and write
|
||
|
83BD000
|
trusted library allocation
|
page read and write
|
||
|
22135E80000
|
trusted library allocation
|
page read and write
|
||
|
6EAD000
|
heap
|
page read and write
|
||
|
7470000
|
direct allocation
|
page read and write
|
||
|
22130590000
|
heap
|
page read and write
|
||
|
83C0000
|
trusted library allocation
|
page read and write
|
||
|
22120000
|
direct allocation
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
4FA9000
|
heap
|
page read and write
|
||
|
22130F13000
|
heap
|
page read and write
|
||
|
22130F00000
|
heap
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
87CE000
|
stack
|
page read and write
|
||
|
C98C000
|
direct allocation
|
page execute and read and write
|
||
|
2263C000
|
stack
|
page read and write
|
||
|
F714BFE000
|
stack
|
page read and write
|
||
|
22135E20000
|
trusted library allocation
|
page read and write
|
||
|
F71467E000
|
unkown
|
page readonly
|
||
|
4F14000
|
trusted library allocation
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22137000000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library section
|
page read and write
|
||
|
90F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6ED3000
|
heap
|
page read and write
|
||
|
8E20000
|
heap
|
page read and write
|
||
|
8B1B000
|
stack
|
page read and write
|
||
|
2213068C000
|
heap
|
page read and write
|
||
|
7450000
|
direct allocation
|
page read and write
|
||
|
89B0000
|
direct allocation
|
page read and write
|
||
|
8EB0000
|
heap
|
page read and write
|
||
|
2253F000
|
stack
|
page read and write
|
||
|
6EAE000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
6ED3000
|
heap
|
page read and write
|
||
|
8250000
|
trusted library allocation
|
page read and write
|
||
|
9045000
|
trusted library allocation
|
page read and write
|
||
|
711000
|
heap
|
page read and write
|
||
|
8DD0000
|
trusted library allocation
|
page read and write
|
||
|
29B6000
|
heap
|
page read and write
|
||
|
8BCE000
|
heap
|
page read and write
|
||
|
22135B90000
|
trusted library allocation
|
page read and write
|
||
|
8BA9000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
721000
|
heap
|
page read and write
|
||
|
8E00000
|
trusted library allocation
|
page read and write
|
||
|
8FB0000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
8234000
|
trusted library allocation
|
page read and write
|
||
|
8B8C000
|
heap
|
page read and write
|
||
|
B4D000
|
stack
|
page read and write
|
||
|
22130695000
|
heap
|
page read and write
|
||
|
29B6000
|
heap
|
page read and write
|
||
|
220E0000
|
direct allocation
|
page read and write
|
||
|
515000
|
heap
|
page read and write
|
||
|
22135C00000
|
heap
|
page read and write
|
||
|
9060000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
22135AC0000
|
trusted library allocation
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
F71517E000
|
unkown
|
page readonly
|
||
|
6E97000
|
heap
|
page read and write
|
||
|
7460000
|
direct allocation
|
page read and write
|
||
|
6EDC000
|
heap
|
page read and write
|
||
|
6FD0000
|
heap
|
page readonly
|
||
|
8340000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
heap
|
page read and write
|
||
|
28C8000
|
heap
|
page read and write
|
||
|
5135000
|
heap
|
page execute and read and write
|
||
|
9BA0000
|
direct allocation
|
page read and write
|
||
|
9110000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F50000
|
trusted library allocation
|
page read and write
|
||
|
8AB0000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
8D40000
|
trusted library allocation
|
page read and write
|
||
|
22135BB2000
|
trusted library allocation
|
page read and write
|
||
|
8D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
22130713000
|
heap
|
page read and write
|
||
|
8DA0000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
6EB3000
|
heap
|
page read and write
|
||
|
5898000
|
trusted library allocation
|
page read and write
|
||
|
7EF0000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
heap
|
page read and write
|
||
|
6EDA000
|
heap
|
page read and write
|
||
|
6195000
|
trusted library allocation
|
page read and write
|
||
|
9DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
449000
|
unkown
|
page readonly
|
||
|
711000
|
heap
|
page read and write
|
||
|
32CE000
|
unkown
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
83D0000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
9057000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
9B90000
|
direct allocation
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
22130F1A000
|
heap
|
page read and write
|
||
|
9C5C000
|
stack
|
page read and write
|
||
|
221306A1000
|
heap
|
page read and write
|
||
|
8F90000
|
trusted library allocation
|
page read and write
|
||
|
7F9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BB1000
|
heap
|
page read and write
|
||
|
F714A7E000
|
unkown
|
page readonly
|
||
|
8A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
83E0000
|
trusted library allocation
|
page read and write
|
||
|
5875000
|
trusted library allocation
|
page read and write
|
||
|
22130F1A000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
724000
|
heap
|
page read and write
|
||
|
5901000
|
trusted library allocation
|
page read and write
|
There are 561 hidden memdumps, click here to show them.