Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_ae7d64117abde393135f60f3ce12271aaf02d_15d7fe2e_da9ee3a9-7ff8-4221-a127-8599a91af210\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA371.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Mar 29 14:35:52 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA4DA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA529.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6108 -s 980
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
5.42.65.0:29587
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.42.65.0
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
ProgramId
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
FileId
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
LongPathHash
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Name
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
OriginalFileName
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Publisher
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Version
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
BinFileVersion
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
BinaryType
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
ProductName
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
ProductVersion
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
LinkDate
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
BinProductVersion
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Size
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Language
|
||
|
\REGISTRY\A\{5a62fa54-30b9-191d-c396-6ce906b8daa2}\Root\InventoryApplicationFile\file.exe|ff8e65d6b06db8e5
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2954000
|
trusted library allocation
|
page read and write
|
|
|
|
3D05000
|
trusted library allocation
|
page read and write
|
|
|
|
F08000
|
heap
|
page read and write
|
||
|
2DF1000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B34000
|
trusted library allocation
|
page read and write
|
||
|
2AD2000
|
trusted library allocation
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
6886000
|
heap
|
page read and write
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
5982000
|
heap
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
heap
|
page read and write
|
||
|
2BD3000
|
trusted library allocation
|
page read and write
|
||
|
3B3F000
|
trusted library allocation
|
page read and write
|
||
|
2612000
|
trusted library allocation
|
page read and write
|
||
|
732E000
|
stack
|
page read and write
|
||
|
2606000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E4B000
|
trusted library allocation
|
page read and write
|
||
|
3A57000
|
trusted library allocation
|
page read and write
|
||
|
3991000
|
trusted library allocation
|
page read and write
|
||
|
3A03000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F45000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
3937000
|
trusted library allocation
|
page read and write
|
||
|
2B8E000
|
trusted library allocation
|
page read and write
|
||
|
2617000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A9F000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
393D000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
E5D000
|
stack
|
page read and write
|
||
|
2A6C000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
666C000
|
stack
|
page read and write
|
||
|
2C13000
|
trusted library allocation
|
page read and write
|
||
|
4D2D000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3B1B000
|
trusted library allocation
|
page read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
6DFE000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
39E5000
|
trusted library allocation
|
page read and write
|
||
|
2D5A000
|
trusted library allocation
|
page read and write
|
||
|
2F2C000
|
trusted library allocation
|
page read and write
|
||
|
5011000
|
trusted library allocation
|
page read and write
|
||
|
EBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5A000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
BFE000
|
heap
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AFA000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
59C4000
|
heap
|
page read and write
|
||
|
5F34000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
5016000
|
trusted library allocation
|
page read and write
|
||
|
3AB7000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A63000
|
trusted library allocation
|
page read and write
|
||
|
3A73000
|
trusted library allocation
|
page read and write
|
||
|
502E000
|
trusted library allocation
|
page read and write
|
||
|
59B5000
|
heap
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
68A9000
|
heap
|
page read and write
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
25EE000
|
stack
|
page read and write
|
||
|
98C000
|
stack
|
page read and write
|
||
|
2C11000
|
trusted library allocation
|
page read and write
|
||
|
DC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
39EF000
|
trusted library allocation
|
page read and write
|
||
|
2C9B000
|
trusted library allocation
|
page read and write
|
||
|
5A24000
|
heap
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
3A86000
|
trusted library allocation
|
page read and write
|
||
|
3B5D000
|
trusted library allocation
|
page read and write
|
||
|
3A70000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
3AF4000
|
trusted library allocation
|
page read and write
|
||
|
2A76000
|
trusted library allocation
|
page read and write
|
||
|
2CE7000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
6AA9000
|
trusted library allocation
|
page read and write
|
||
|
68B5000
|
heap
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
4E50000
|
heap
|
page execute and read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
2AC4000
|
trusted library allocation
|
page read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
2A84000
|
trusted library allocation
|
page read and write
|
||
|
6AD9000
|
trusted library allocation
|
page read and write
|
||
|
3AA6000
|
trusted library allocation
|
page read and write
|
||
|
2ABA000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
3A52000
|
trusted library allocation
|
page read and write
|
||
|
2615000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AB8000
|
trusted library allocation
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
59D5000
|
heap
|
page read and write
|
||
|
3AE8000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
2F22000
|
trusted library allocation
|
page read and write
|
||
|
3A94000
|
trusted library allocation
|
page read and write
|
||
|
6AEA000
|
trusted library allocation
|
page read and write
|
||
|
3999000
|
trusted library allocation
|
page read and write
|
||
|
260A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
59DE000
|
heap
|
page read and write
|
||
|
3B37000
|
trusted library allocation
|
page read and write
|
||
|
B0D000
|
stack
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
3B22000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B50000
|
heap
|
page read and write
|
||
|
ED4000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2B000
|
trusted library allocation
|
page read and write
|
||
|
2E42000
|
trusted library allocation
|
page read and write
|
||
|
F3F000
|
heap
|
page read and write
|
||
|
2A68000
|
trusted library allocation
|
page read and write
|
||
|
2C44000
|
trusted library allocation
|
page read and write
|
||
|
5A2C000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
2708000
|
trusted library allocation
|
page read and write
|
||
|
67AD000
|
stack
|
page read and write
|
||
|
3C73000
|
trusted library allocation
|
page read and write
|
||
|
5DEC000
|
stack
|
page read and write
|
||
|
F42000
|
heap
|
page read and write
|
||
|
6AF5000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
39E0000
|
trusted library allocation
|
page read and write
|
||
|
6911000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
6AAB000
|
trusted library allocation
|
page read and write
|
||
|
2A16000
|
trusted library allocation
|
page read and write
|
||
|
3C7E000
|
trusted library allocation
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
4D32000
|
trusted library allocation
|
page read and write
|
||
|
39D9000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
B71000
|
heap
|
page read and write
|
||
|
F2B000
|
heap
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
38FC000
|
trusted library allocation
|
page read and write
|
||
|
3919000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
3ACF000
|
trusted library allocation
|
page read and write
|
||
|
2E55000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AC4000
|
trusted library allocation
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
3AC1000
|
trusted library allocation
|
page read and write
|
||
|
2B57000
|
trusted library allocation
|
page read and write
|
||
|
2D66000
|
trusted library allocation
|
page read and write
|
||
|
5A0C000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
38CF000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
6859000
|
heap
|
page read and write
|
||
|
4DC3000
|
heap
|
page read and write
|
||
|
EB4000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
2E2A000
|
trusted library allocation
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
39C9000
|
trusted library allocation
|
page read and write
|
||
|
2CED000
|
trusted library allocation
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
59BF000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
39C4000
|
trusted library allocation
|
page read and write
|
||
|
3C69000
|
trusted library allocation
|
page read and write
|
||
|
6AAF000
|
trusted library allocation
|
page read and write
|
||
|
398E000
|
trusted library allocation
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
2B33000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
3B27000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
DDE000
|
heap
|
page read and write
|
||
|
2C1D000
|
trusted library allocation
|
page read and write
|
||
|
6B04000
|
trusted library allocation
|
page read and write
|
||
|
3B58000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
2F37000
|
trusted library allocation
|
page read and write
|
||
|
38E1000
|
trusted library allocation
|
page read and write
|
||
|
2DB8000
|
trusted library allocation
|
page read and write
|
||
|
B64000
|
heap
|
page read and write
|
||
|
2DE1000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
DC4000
|
trusted library allocation
|
page read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
6B15000
|
trusted library allocation
|
page read and write
|
||
|
500B000
|
trusted library allocation
|
page read and write
|
||
|
68E4000
|
heap
|
page read and write
|
||
|
24EE000
|
stack
|
page read and write
|
||
|
6875000
|
heap
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
3944000
|
trusted library allocation
|
page read and write
|
||
|
29B8000
|
trusted library allocation
|
page read and write
|
||
|
2B9F000
|
trusted library allocation
|
page read and write
|
||
|
28BE000
|
stack
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
3B09000
|
trusted library allocation
|
page read and write
|
||
|
4D21000
|
trusted library allocation
|
page read and write
|
||
|
6850000
|
heap
|
page read and write
|
||
|
59E3000
|
heap
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
2B49000
|
trusted library allocation
|
page read and write
|
||
|
59FE000
|
heap
|
page read and write
|
||
|
3ADA000
|
trusted library allocation
|
page read and write
|
||
|
5C9000
|
stack
|
page read and write
|
||
|
7C50000
|
heap
|
page read and write
|
||
|
3949000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page read and write
|
||
|
5022000
|
trusted library allocation
|
page read and write
|
||
|
5031000
|
trusted library allocation
|
page read and write
|
||
|
3A4B000
|
trusted library allocation
|
page read and write
|
||
|
7B61000
|
heap
|
page read and write
|
||
|
2A7E000
|
trusted library allocation
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
270A000
|
trusted library allocation
|
page read and write
|
||
|
49BB000
|
stack
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
6AFF000
|
trusted library allocation
|
page read and write
|
||
|
4E0A000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
4E06000
|
trusted library allocation
|
page read and write
|
||
|
2A66000
|
trusted library allocation
|
page read and write
|
||
|
261B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B20000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
trusted library allocation
|
page read and write
|
||
|
390B000
|
trusted library allocation
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
4D1E000
|
trusted library allocation
|
page read and write
|
||
|
2B4D000
|
stack
|
page read and write
|
||
|
6AEF000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
2C76000
|
trusted library allocation
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page read and write
|
||
|
2DA8000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
68BD000
|
heap
|
page read and write
|
||
|
5460000
|
heap
|
page execute and read and write
|
||
|
3AC7000
|
trusted library allocation
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
38C1000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
2B94000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
3901000
|
trusted library allocation
|
page read and write
|
||
|
38F0000
|
trusted library allocation
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
2A6E000
|
trusted library allocation
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
2CEA000
|
trusted library allocation
|
page read and write
|
||
|
5D80000
|
heap
|
page read and write
|
||
|
390E000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
2B26000
|
trusted library allocation
|
page read and write
|
||
|
3AB2000
|
trusted library allocation
|
page read and write
|
||
|
2D0E000
|
trusted library allocation
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
59CA000
|
heap
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
7B66000
|
heap
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
3962000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
4D0B000
|
trusted library allocation
|
page read and write
|
||
|
4E6B000
|
trusted library allocation
|
page read and write
|
||
|
F79000
|
heap
|
page read and write
|
||
|
3A6D000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
68D3000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2C88000
|
trusted library allocation
|
page read and write
|
||
|
2AED000
|
trusted library allocation
|
page read and write
|
||
|
3A5E000
|
trusted library allocation
|
page read and write
|
||
|
4E08000
|
trusted library allocation
|
page read and write
|
||
|
398B000
|
trusted library allocation
|
page read and write
|
||
|
4E41000
|
trusted library allocation
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
39D3000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
68DB000
|
heap
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
892000
|
unkown
|
page readonly
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
4D55000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
3B0F000
|
trusted library allocation
|
page read and write
|
||
|
696D000
|
heap
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
4D04000
|
trusted library allocation
|
page read and write
|
||
|
F34000
|
heap
|
page read and write
|
||
|
598D000
|
heap
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
3A7B000
|
trusted library allocation
|
page read and write
|
||
|
3B16000
|
trusted library allocation
|
page read and write
|
||
|
39B2000
|
trusted library allocation
|
page read and write
|
||
|
503A000
|
trusted library allocation
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
2602000
|
trusted library allocation
|
page read and write
|
||
|
8F4000
|
unkown
|
page readonly
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
4D26000
|
trusted library allocation
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
5EEC000
|
stack
|
page read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
3950000
|
trusted library allocation
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
2A81000
|
trusted library allocation
|
page read and write
|
||
|
38E9000
|
trusted library allocation
|
page read and write
|
||
|
2AF5000
|
trusted library allocation
|
page read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
39D0000
|
trusted library allocation
|
page read and write
|
||
|
6863000
|
heap
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
38F5000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
28C1000
|
trusted library allocation
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
3AAB000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
2D01000
|
trusted library allocation
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
39EC000
|
trusted library allocation
|
page read and write
|
||
|
6AD2000
|
trusted library allocation
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page execute and read and write
|
||
|
67C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
39BD000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
2ACA000
|
trusted library allocation
|
page read and write
|
||
|
2CDC000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page execute and read and write
|
||
|
EB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A18000
|
heap
|
page read and write
|
||
|
2DB5000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
2D52000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
4DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
2B99000
|
trusted library allocation
|
page read and write
|
||
|
4E65000
|
trusted library allocation
|
page read and write
|
||
|
2D16000
|
trusted library allocation
|
page read and write
|
||
|
2AE3000
|
trusted library allocation
|
page read and write
|
||
|
26BC000
|
stack
|
page read and write
|
||
|
26F0000
|
heap
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
4E53000
|
heap
|
page execute and read and write
|
||
|
39A4000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D01000
|
trusted library allocation
|
page read and write
|
||
|
6924000
|
heap
|
page read and write
|
||
|
6AE8000
|
trusted library allocation
|
page read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D7B000
|
trusted library allocation
|
page read and write
|
||
|
129F000
|
stack
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
3932000
|
trusted library allocation
|
page read and write
|
||
|
2ADD000
|
trusted library allocation
|
page read and write
|
||
|
2D73000
|
trusted library allocation
|
page read and write
|
||
|
3924000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
598F000
|
heap
|
page read and write
|
||
|
2C23000
|
trusted library allocation
|
page read and write
|
||
|
3A45000
|
trusted library allocation
|
page read and write
|
||
|
7F4A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB2000
|
trusted library allocation
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
39B7000
|
trusted library allocation
|
page read and write
|
||
|
2A62000
|
trusted library allocation
|
page read and write
|
||
|
59BB000
|
heap
|
page read and write
|
||
|
2DD9000
|
trusted library allocation
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
2D4F000
|
trusted library allocation
|
page read and write
|
||
|
5C2F000
|
stack
|
page read and write
|
||
|
DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AC7000
|
trusted library allocation
|
page read and write
|
||
|
6AD5000
|
trusted library allocation
|
page read and write
|
||
|
6A8B000
|
stack
|
page read and write
|
||
|
59F7000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page execute and read and write
|
||
|
6B12000
|
trusted library allocation
|
page read and write
|
||
|
59F4000
|
heap
|
page read and write
|
||
|
6EEF000
|
stack
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
There are 452 hidden memdumps, click here to show them.