Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
pcc_installer_9.7.2227.4112+++.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\logs\2024.04.16_10.34.37_pcc_installer_9.7.2227.4112+++_pid=6504.txt
|
ASCII text, with very long lines (664), with CRLF, LF line terminators
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\settings\current-partner-params
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\settings\deploy-platform
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\settings\installation-id
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\settings\original-partner-params
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\statistics\unsent-events\2024-04-16T08_36_10_057747
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\statistics\unsent-events\2024-04-16T08_37_10_297720
|
JSON data
|
dropped
|
||
|
C:\ProgramData\Avanquest\PC Cleaner\statistics\unsent-events\2024-04-16T08_37_40_757746
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\5d06d429-dca2-4a00-a698-747e6e242f0f\sciter.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Avanquest\PC Cleaner\settings\language
|
JSON data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\pcc_installer_9.7.2227.4112+++.exe
|
"C:\Users\user\Desktop\pcc_installer_9.7.2227.4112+++.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.entrust.net/g2ca.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://partner-tracking.lavasoft.com/api/trackingc6c53987-bc57-4c76-902d-b4816fc590f2
|
unknown
|
||
|
http://ocsp.entrust.net02
|
unknown
|
||
|
http://ocsp.entrust.net01
|
unknown
|
||
|
http://ocsp.entrust.net00
|
unknown
|
||
|
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=tQ7K0qOn5OA%3D&mkey1=DEFAUL
|
unknown
|
||
|
https://analytic.pchelpsoft.com/api/v1/eventx
|
unknown
|
||
|
https://paygw.adaware.com/redirect/custom/avanquestpccleaner
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0Copyright
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0RobotoThin
|
unknown
|
||
|
http://www.apache.
|
unknown
|
||
|
https://curl.se/docs/hsts.html
|
unknown
|
||
|
https://pc-cleaner-updateservice.adaware.com/pccleanerInstallerKernel::ScenarioDetector::~ScenarioDe
|
unknown
|
||
|
https://stackoverflow.com/a/36
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.066
|
unknown
|
||
|
http://crl.entrust.net/csbr1.crl0
|
unknown
|
||
|
https://geoip.bluebeach-9a0f96b5.northeurope.azurecontainerapps.io/myip
|
unknown
|
||
|
https://stage-inapp.pchelpsoft.com/api/v1/event
|
unknown
|
||
|
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=tQ7K0qOn5OA%3D
|
unknown
|
||
|
http://aia.entrust.net/evcs2-chain.p7c01
|
unknown
|
||
|
https://stage-inapp.pchelpsoft.com/api/v1/eventBasic
|
unknown
|
||
|
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=tQ7K0qOn5OA%3Dcheckouthttps
|
unknown
|
||
|
http://www.entrust.net/rpa0
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0RobotoLight
|
unknown
|
||
|
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=TS3sF3So%2FHA%3D&step=2
|
unknown
|
||
|
http://%s:%d;https=https://%s:%dHTTP/1.0:
|
unknown
|
||
|
https://inapp.pchelpsoft.com/api/v1/event
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html
|
unknown
|
||
|
https://analytic.pchelpsoft.com/api/v1/event2
|
unknown
|
||
|
http://www.entrust.net/rpa03
|
unknown
|
||
|
http://www.winimage.com/zLibDllabcdefghijklmnopqrstuvwxyz0123456789
|
unknown
|
||
|
https://geoip.bluebeach-9a0f96b5.northeurope.azurecontainerapps.io/myipverify-peerinstallation-idMod
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html
|
unknown
|
||
|
https://partner-tracking.lavasoft.com/api/tracking
|
unknown
|
||
|
https://bgk-rapi.adaware.com/apihttps://stage-bgk-rapi.adaware.com/api'
|
unknown
|
||
|
https://pc-cleaner-updateservice.adaware.com/pccleaner
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0RobotoBlack
|
unknown
|
||
|
https://analytic.pchelpsoft.com/api/v1/event
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0RobotoMedium
|
unknown
|
||
|
https://stage-analytic.pchelpsoft.com/api/v1/eventhttps://analytic.pchelpsoft.com/api/v1/eventSessio
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://stage-paygw.adaware.com/redirect/custom/avanquestpccleanerhttps://paygw.adaware.com/redirect
|
unknown
|
||
|
https://cloud.pchelpsoft.com/desktop/pc-cleaner/installSoftware
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://stage-bgk-rapi.adaware.com/api
|
unknown
|
||
|
https://inapp.pchelpsoft.com/api/v1/eventBasic
|
unknown
|
||
|
https://stage-analytic.pchelpsoft.com/api/v1/event
|
unknown
|
||
|
https://cloud.pchelpsoft.com/desktop/pc-cleaner/install
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0N
|
unknown
|
||
|
http://crl.entrust.net/evcs2.crl0
|
unknown
|
||
|
https://bgk-rapi.adaware.com/api
|
unknown
|
||
|
https://www.entrust.net/rpa0
|
unknown
|
There are 46 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoip.bluebeach-9a0f96b5.northeurope.azurecontainerapps.io
|
20.107.212.238
|
||
|
pc-cleaner-updateservice.adaware.com
|
104.16.212.94
|
||
|
analytic.pchelpsoft.com
|
172.67.73.195
|
||
|
partner-tracking.lavasoft.com
|
104.16.148.130
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
20.107.212.238
|
geoip.bluebeach-9a0f96b5.northeurope.azurecontainerapps.io
|
United States
|
||
|
104.16.148.130
|
partner-tracking.lavasoft.com
|
United States
|
||
|
104.16.212.94
|
pc-cleaner-updateservice.adaware.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
172.67.73.195
|
analytic.pchelpsoft.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1860000
|
heap
|
page read and write
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
6CA97000
|
unkown
|
page readonly
|
||
|
7043000
|
heap
|
page read and write
|
||
|
9CEF000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
194B000
|
heap
|
page read and write
|
||
|
9900000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
A1AC000
|
heap
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
34D2000
|
heap
|
page read and write
|
||
|
93B6000
|
heap
|
page read and write
|
||
|
34C2000
|
heap
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
9933000
|
heap
|
page read and write
|
||
|
6EE4000
|
heap
|
page read and write
|
||
|
42A6000
|
heap
|
page read and write
|
||
|
6C7E5000
|
unkown
|
page write copy
|
||
|
9CAA000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
A097000
|
heap
|
page read and write
|
||
|
34A5000
|
heap
|
page read and write
|
||
|
1935000
|
heap
|
page read and write
|
||
|
4270000
|
heap
|
page read and write
|
||
|
6CA88000
|
unkown
|
page read and write
|
||
|
3620000
|
remote allocation
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
93B9000
|
heap
|
page read and write
|
||
|
7068000
|
heap
|
page read and write
|
||
|
A1C2000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
34D4000
|
heap
|
page read and write
|
||
|
A1AA000
|
heap
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
6F2C000
|
stack
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
A087000
|
heap
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
91EE000
|
stack
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
6C6A1000
|
unkown
|
page readonly
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
1917000
|
heap
|
page read and write
|
||
|
34B8000
|
heap
|
page read and write
|
||
|
3465000
|
heap
|
page read and write
|
||
|
A1F7000
|
heap
|
page read and write
|
||
|
9CB3000
|
heap
|
page read and write
|
||
|
A03E000
|
stack
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
6C230000
|
unkown
|
page readonly
|
||
|
6CAA5000
|
unkown
|
page readonly
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
3474000
|
heap
|
page read and write
|
||
|
A208000
|
heap
|
page read and write
|
||
|
7F757000
|
trusted library allocation
|
page execute read
|
||
|
A158000
|
heap
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
34D4000
|
heap
|
page read and write
|
||
|
4292000
|
heap
|
page read and write
|
||
|
11F6000
|
unkown
|
page read and write
|
||
|
3492000
|
heap
|
page read and write
|
||
|
9F8000
|
stack
|
page read and write
|
||
|
345E000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
6CAC6000
|
unkown
|
page readonly
|
||
|
7059000
|
heap
|
page read and write
|
||
|
92EC000
|
stack
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
A1B3000
|
heap
|
page read and write
|
||
|
A1BE000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
34C2000
|
heap
|
page read and write
|
||
|
332E000
|
heap
|
page read and write
|
||
|
3C12000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3472000
|
heap
|
page read and write
|
||
|
11FF000
|
unkown
|
page readonly
|
||
|
7F75E000
|
trusted library allocation
|
page execute read
|
||
|
9495000
|
heap
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
18EC000
|
heap
|
page read and write
|
||
|
A092000
|
heap
|
page read and write
|
||
|
64CF000
|
stack
|
page read and write
|
||
|
34D4000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
429F000
|
heap
|
page read and write
|
||
|
193E000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
6CAAC000
|
unkown
|
page readonly
|
||
|
34D9000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
9CC6000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
34B4000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
346C000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
176E000
|
heap
|
page read and write
|
||
|
3C27000
|
heap
|
page read and write
|
||
|
A103000
|
heap
|
page read and write
|
||
|
A094000
|
heap
|
page read and write
|
||
|
7F746000
|
trusted library allocation
|
page execute read
|
||
|
674E000
|
stack
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
3464000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
703A000
|
heap
|
page read and write
|
||
|
A0FB000
|
heap
|
page read and write
|
||
|
34C2000
|
heap
|
page read and write
|
||
|
A1BA000
|
heap
|
page read and write
|
||
|
7054000
|
heap
|
page read and write
|
||
|
11FF000
|
unkown
|
page readonly
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
3443000
|
heap
|
page read and write
|
||
|
A133000
|
heap
|
page read and write
|
||
|
18E5000
|
heap
|
page read and write
|
||
|
638D000
|
stack
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
7060000
|
heap
|
page read and write
|
||
|
3464000
|
heap
|
page read and write
|
||
|
A12C000
|
heap
|
page read and write
|
||
|
18F7000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
9CA1000
|
heap
|
page read and write
|
||
|
A1BC000
|
heap
|
page read and write
|
||
|
6C7E1000
|
unkown
|
page read and write
|
||
|
702F000
|
stack
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
4285000
|
heap
|
page read and write
|
||
|
34AE000
|
heap
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
34B4000
|
heap
|
page read and write
|
||
|
CF8000
|
stack
|
page read and write
|
||
|
7F751000
|
trusted library allocation
|
page execute read
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
99B5000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
A1C0000
|
heap
|
page read and write
|
||
|
9CD0000
|
heap
|
page read and write
|
||
|
7F744000
|
trusted library allocation
|
page execute read
|
||
|
3643000
|
heap
|
page read and write
|
||
|
196C000
|
heap
|
page read and write
|
||
|
DD1000
|
unkown
|
page execute read
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
18F6000
|
heap
|
page read and write
|
||
|
69CF000
|
stack
|
page read and write
|
||
|
34CA000
|
heap
|
page read and write
|
||
|
A090000
|
heap
|
page read and write
|
||
|
9CCB000
|
heap
|
page read and write
|
||
|
3492000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
A0C9000
|
heap
|
page read and write
|
||
|
A082000
|
heap
|
page read and write
|
||
|
9CFC000
|
heap
|
page read and write
|
||
|
191C000
|
heap
|
page read and write
|
||
|
9313000
|
heap
|
page read and write
|
||
|
9CDF000
|
heap
|
page read and write
|
||
|
7F755000
|
trusted library allocation
|
page execute read
|
||
|
345B000
|
heap
|
page read and write
|
||
|
34D9000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
7F748000
|
trusted library allocation
|
page execute read
|
||
|
1979000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
A13F000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
34C8000
|
heap
|
page read and write
|
||
|
705D000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
34AE000
|
heap
|
page read and write
|
||
|
193C000
|
heap
|
page read and write
|
||
|
18EF000
|
heap
|
page read and write
|
||
|
624D000
|
stack
|
page read and write
|
||
|
A1B5000
|
heap
|
page read and write
|
||
|
34C2000
|
heap
|
page read and write
|
||
|
3614000
|
heap
|
page read and write
|
||
|
191A000
|
heap
|
page read and write
|
||
|
346A000
|
heap
|
page read and write
|
||
|
34D9000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
1917000
|
heap
|
page read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
9CA7000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
93D3000
|
heap
|
page read and write
|
||
|
34B8000
|
heap
|
page read and write
|
||
|
93D6000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
7063000
|
heap
|
page read and write
|
||
|
34AE000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
DD1000
|
unkown
|
page execute read
|
||
|
A199000
|
heap
|
page read and write
|
||
|
A0D1000
|
heap
|
page read and write
|
||
|
6CAB8000
|
unkown
|
page readonly
|
||
|
D60000
|
heap
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
348F000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
704A000
|
heap
|
page read and write
|
||
|
A19C000
|
heap
|
page read and write
|
||
|
7F742000
|
trusted library allocation
|
page execute read
|
||
|
7F759000
|
trusted library allocation
|
page execute read
|
||
|
9437000
|
heap
|
page read and write
|
||
|
7117000
|
heap
|
page read and write
|
||
|
1767000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
6BE2000
|
heap
|
page read and write
|
||
|
3465000
|
heap
|
page read and write
|
||
|
34A5000
|
heap
|
page read and write
|
||
|
34CA000
|
heap
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
18EC000
|
heap
|
page read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
A12F000
|
heap
|
page read and write
|
||
|
93E6000
|
heap
|
page read and write
|
||
|
A1B1000
|
heap
|
page read and write
|
||
|
3484000
|
heap
|
page read and write
|
||
|
35BC000
|
stack
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
7F740000
|
trusted library allocation
|
page execute read
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
18F6000
|
heap
|
page read and write
|
||
|
9300000
|
heap
|
page read and write
|
||
|
9CBC000
|
heap
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
34A5000
|
heap
|
page read and write
|
||
|
427E000
|
heap
|
page read and write
|
||
|
A275000
|
heap
|
page read and write
|
||
|
688D000
|
stack
|
page read and write
|
||
|
A23D000
|
heap
|
page read and write
|
||
|
9A05000
|
heap
|
page read and write
|
||
|
A232000
|
heap
|
page read and write
|
||
|
34C5000
|
heap
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page read and write
|
||
|
3492000
|
heap
|
page read and write
|
||
|
3483000
|
heap
|
page read and write
|
||
|
A08B000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
6CA86000
|
unkown
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
9447000
|
heap
|
page read and write
|
||
|
346A000
|
heap
|
page read and write
|
||
|
3463000
|
heap
|
page read and write
|
||
|
9964000
|
heap
|
page read and write
|
||
|
3445000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
18A2000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
3620000
|
remote allocation
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
1935000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
7030000
|
heap
|
page read and write
|
||
|
9475000
|
heap
|
page read and write
|
||
|
614C000
|
stack
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
35FD000
|
stack
|
page read and write
|
||
|
A1A8000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
939D000
|
heap
|
page read and write
|
||
|
9522000
|
trusted library allocation
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
34AD000
|
heap
|
page read and write
|
||
|
7037000
|
heap
|
page read and write
|
||
|
A20E000
|
heap
|
page read and write
|
||
|
348B000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
3C41000
|
heap
|
page read and write
|
||
|
7F75B000
|
trusted library allocation
|
page execute read
|
||
|
705B000
|
heap
|
page read and write
|
||
|
6CA84000
|
unkown
|
page read and write
|
||
|
628C000
|
stack
|
page read and write
|
||
|
34B4000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
9504000
|
trusted library allocation
|
page read and write
|
||
|
9CF3000
|
heap
|
page read and write
|
||
|
34D9000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
18EC000
|
heap
|
page read and write
|
||
|
18BD000
|
heap
|
page read and write
|
||
|
7F753000
|
trusted library allocation
|
page execute read
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
A040000
|
heap
|
page read and write
|
||
|
3C20000
|
heap
|
page read and write
|
||
|
3467000
|
heap
|
page read and write
|
||
|
3464000
|
heap
|
page read and write
|
||
|
9315000
|
heap
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
69DA000
|
heap
|
page read and write
|
||
|
11DB000
|
unkown
|
page write copy
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
11FC000
|
unkown
|
page read and write
|
||
|
6C231000
|
unkown
|
page execute read
|
||
|
34A8000
|
heap
|
page read and write
|
||
|
939B000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
11D8000
|
unkown
|
page write copy
|
||
|
6C7F9000
|
unkown
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3485000
|
heap
|
page read and write
|
||
|
9C96000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
678D000
|
stack
|
page read and write
|
||
|
18A6000
|
heap
|
page read and write
|
||
|
11D8000
|
unkown
|
page read and write
|
||
|
3C34000
|
heap
|
page read and write
|
||
|
3CA1000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
17B0000
|
trusted library section
|
page readonly
|
||
|
92F0000
|
heap
|
page read and write
|
||
|
1974000
|
heap
|
page read and write
|
||
|
3468000
|
heap
|
page read and write
|
||
|
34D5000
|
heap
|
page read and write
|
||
|
6CA90000
|
unkown
|
page readonly
|
||
|
6CACD000
|
unkown
|
page readonly
|
||
|
1780000
|
heap
|
page read and write
|
||
|
34A5000
|
heap
|
page read and write
|
||
|
348F000
|
heap
|
page read and write
|
||
|
3474000
|
heap
|
page read and write
|
||
|
3620000
|
remote allocation
|
page read and write
|
There are 343 hidden memdumps, click here to show them.