Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ctVXvVgUrO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\chargeable.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ctVXvVgUrO.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ctVXvVgUrO.exe
|
"C:\Users\user\Desktop\ctVXvVgUrO.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
"C:\Users\user\AppData\Roaming\confuse\chargeable.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
C:\Users\user\AppData\Roaming\confuse\chargeable.exe
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Roaming\confuse\chargeable.exe" "chargeable.exe" ENABLE
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2200 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
doddyfire.linkpc.net
|
41.249.48.248
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
41.249.48.248
|
doddyfire.linkpc.net
|
Morocco
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
confuse
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SysMain
|
|
|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\e1a87040f2026369a233f9ae76301b7b
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2FF1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
9F5000
|
heap
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
64ED000
|
stack
|
page read and write
|
||
|
4FF8000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
18CF000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
1177000
|
trusted library allocation
|
page read and write
|
||
|
3641000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
36CE000
|
trusted library allocation
|
page read and write
|
||
|
8D0E000
|
stack
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
D69000
|
stack
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
7E1F000
|
stack
|
page read and write
|
||
|
4FAE000
|
heap
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
FBE000
|
unkown
|
page readonly
|
||
|
9D9000
|
heap
|
page read and write
|
||
|
35C000
|
stack
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
F82000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
9CB000
|
heap
|
page read and write
|
||
|
B76000
|
stack
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
89B0000
|
heap
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
524D000
|
stack
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
6360000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
1973000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
9DA000
|
heap
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
36D8000
|
trusted library allocation
|
page read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FB7000
|
heap
|
page read and write
|
||
|
503F000
|
stack
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
9D1000
|
heap
|
page read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
8E8E000
|
stack
|
page read and write
|
||
|
12AC000
|
stack
|
page read and write
|
||
|
594D000
|
stack
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
9C9000
|
heap
|
page read and write
|
||
|
308E000
|
trusted library allocation
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
C9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
677E000
|
stack
|
page read and write
|
||
|
3DC1000
|
trusted library allocation
|
page read and write
|
||
|
1A50000
|
heap
|
page read and write
|
||
|
1356000
|
stack
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
4FAF000
|
heap
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
6370000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
526C000
|
stack
|
page read and write
|
||
|
F8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
unkown
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
8D4C000
|
stack
|
page read and write
|
||
|
C6A000
|
stack
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
11A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
9F2000
|
heap
|
page read and write
|
||
|
18EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
5950000
|
trusted library section
|
page readonly
|
||
|
8F4000
|
stack
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8ACF000
|
stack
|
page read and write
|
||
|
328D000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
4700000
|
heap
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
17BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
11CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
11C2000
|
trusted library allocation
|
page read and write
|
||
|
994000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
B79000
|
stack
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
5329000
|
stack
|
page read and write
|
||
|
9D7000
|
heap
|
page read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
5223000
|
heap
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
A04000
|
heap
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
5390000
|
unclassified section
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
8BCF000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
9D7000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
5DB000
|
stack
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
687F000
|
stack
|
page read and write
|
||
|
1400000
|
heap
|
page execute and read and write
|
||
|
9D8000
|
heap
|
page read and write
|
||
|
1192000
|
trusted library allocation
|
page execute and read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
52EC000
|
stack
|
page read and write
|
||
|
2DC1000
|
trusted library allocation
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
3069000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
stack
|
page read and write
|
||
|
1545000
|
heap
|
page read and write
|
||
|
4FB8000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page execute and read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
308C000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
7272000
|
trusted library allocation
|
page read and write
|
||
|
11BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
9B4000
|
heap
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
567B000
|
stack
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
18D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
10D7000
|
heap
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
4790000
|
heap
|
page read and write
|
||
|
4FAE000
|
heap
|
page read and write
|
||
|
A0C000
|
heap
|
page read and write
|
||
|
584B000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
A73000
|
heap
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
4FA1000
|
heap
|
page read and write
|
||
|
4F33000
|
heap
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
1A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
119A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A04000
|
heap
|
page read and write
|
||
|
11B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page execute and read and write
|
||
|
1987000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
C92000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
1A30000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4FA1000
|
heap
|
page read and write
|
||
|
D66000
|
stack
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
59B5000
|
heap
|
page read and write
|
||
|
89C0000
|
trusted library section
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
heap
|
page read and write
|
||
|
CCD000
|
stack
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
17B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
118A000
|
trusted library allocation
|
page execute and read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page execute and read and write
|
||
|
1259000
|
stack
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
5B4E000
|
heap
|
page read and write
|
||
|
1556000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
18F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
70DF000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
52AB000
|
stack
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
2E95000
|
trusted library allocation
|
page read and write
|
||
|
8C0E000
|
stack
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
11D6000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
9CD000
|
heap
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
17BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA9000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
FA2000
|
unkown
|
page readonly
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
14DE000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
9F4000
|
heap
|
page read and write
|
||
|
10AB000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
9CB000
|
heap
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page execute and read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
98A000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
14DA000
|
heap
|
page read and write
|
||
|
7F370000
|
trusted library allocation
|
page execute and read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library section
|
page readonly
|
||
|
715E000
|
stack
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
18DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
36D1000
|
trusted library allocation
|
page read and write
|
||
|
18E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F3000
|
heap
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
8E4C000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
B8E000
|
unkown
|
page read and write
|
||
|
508B000
|
stack
|
page read and write
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F8E000
|
stack
|
page read and write
|
||
|
108C000
|
stack
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
11AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
6470000
|
trusted library allocation
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
D22000
|
heap
|
page read and write
|
||
|
9F1000
|
heap
|
page read and write
|
||
|
17A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
9D7000
|
heap
|
page read and write
|
||
|
18FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
307A000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
1359000
|
stack
|
page read and write
|
||
|
5145000
|
heap
|
page read and write
|
||
|
D26000
|
heap
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
4FB6000
|
heap
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
CEE000
|
heap
|
page read and write
|
||
|
18D2000
|
trusted library allocation
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
1182000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1541000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F9000
|
heap
|
page read and write
|
||
|
3FF1000
|
trusted library allocation
|
page read and write
|
||
|
4641000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page execute and read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
2E4E000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
18F2000
|
trusted library allocation
|
page read and write
|
||
|
CB9000
|
heap
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
9D7000
|
heap
|
page read and write
|
||
|
4FA2000
|
heap
|
page read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
F97000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
There are 389 hidden memdumps, click here to show them.