Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
e-dekont_html.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmpA98F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ZRbgEuSJYOgOl.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\e-dekont_html.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1ysamt1j.yvu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ae4fvqsl.nlb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g1g3g3kl.qmi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_grfc5lp1.pcc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jnoqfrvk.jde.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lybng2ex.zfq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_noksldm2.3ba.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nrxwncbf.wti.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpD022.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\e-dekont_html.scr.exe
|
"C:\Users\user\Desktop\e-dekont_html.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\e-dekont_html.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ZRbgEuSJYOgOl" /XML "C:\Users\user\AppData\Local\Temp\tmpA98F.tmp"
|
|
|
|
C:\Users\user\Desktop\e-dekont_html.scr.exe
|
"C:\Users\user\Desktop\e-dekont_html.scr.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe
|
C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ZRbgEuSJYOgOl" /XML "C:\Users\user\AppData\Local\Temp\tmpD022.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe
|
"C:\Users\user\AppData\Roaming\ZRbgEuSJYOgOl.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://ocsp.sectigo.co=
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://crt.sectigo.com/7
|
unknown
|
||
|
http://cp8nl.hyperhost.ua
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cp8nl.hyperhost.ua
|
185.174.175.187
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.174.175.187
|
cp8nl.hyperhost.ua
|
Ukraine
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
64E2000
|
trusted library allocation
|
page read and write
|
|
|
|
3131000
|
trusted library allocation
|
page read and write
|
|
|
|
458B000
|
trusted library allocation
|
page read and write
|
|
|
|
2EF1000
|
trusted library allocation
|
page read and write
|
|
|
|
317E000
|
trusted library allocation
|
page read and write
|
|
|
|
2F3E000
|
trusted library allocation
|
page read and write
|
|
|
|
7A55000
|
heap
|
page read and write
|
||
|
135A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
4C3C000
|
stack
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
5113000
|
heap
|
page read and write
|
||
|
1017000
|
heap
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
BEE000
|
unkown
|
page read and write
|
||
|
55EC000
|
stack
|
page read and write
|
||
|
6624000
|
trusted library allocation
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
2B01000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
trusted library section
|
page readonly
|
||
|
965F000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
CEC000
|
stack
|
page read and write
|
||
|
2F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9CB000
|
heap
|
page read and write
|
||
|
4054000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
trusted library section
|
page readonly
|
||
|
135F000
|
stack
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page execute and read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
5A0C000
|
stack
|
page read and write
|
||
|
2F65000
|
trusted library allocation
|
page read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
452B000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
42D0000
|
trusted library allocation
|
page read and write
|
||
|
5C70000
|
trusted library allocation
|
page read and write
|
||
|
7C75000
|
trusted library allocation
|
page read and write
|
||
|
E3C000
|
heap
|
page read and write
|
||
|
6A80000
|
heap
|
page read and write
|
||
|
7FBD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9EBF000
|
stack
|
page read and write
|
||
|
9D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1365000
|
trusted library allocation
|
page execute and read and write
|
||
|
5556000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2F1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EED000
|
stack
|
page read and write
|
||
|
B2E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C5000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
5CC0000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
2FDC000
|
stack
|
page read and write
|
||
|
9207000
|
trusted library allocation
|
page read and write
|
||
|
50CD000
|
stack
|
page read and write
|
||
|
9200000
|
trusted library allocation
|
page read and write
|
||
|
B41000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
8DA0000
|
trusted library allocation
|
page read and write
|
||
|
90A0000
|
heap
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
2960000
|
trusted library section
|
page read and write
|
||
|
562E000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
9B6D000
|
stack
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
8E0C000
|
trusted library allocation
|
page read and write
|
||
|
52CD000
|
stack
|
page read and write
|
||
|
8DF0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
DC1000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
6676000
|
trusted library allocation
|
page read and write
|
||
|
66CD000
|
stack
|
page read and write
|
||
|
4159000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
470A000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
heap
|
page execute and read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
9DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4198000
|
trusted library allocation
|
page read and write
|
||
|
56B8000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
555B000
|
trusted library allocation
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
1734000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
2F15000
|
trusted library allocation
|
page execute and read and write
|
||
|
69CD000
|
heap
|
page read and write
|
||
|
5642000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page execute and read and write
|
||
|
3020000
|
heap
|
page execute and read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
A9D1000
|
heap
|
page read and write
|
||
|
B219000
|
heap
|
page read and write
|
||
|
EB2E000
|
stack
|
page read and write
|
||
|
520D000
|
stack
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
A02000
|
trusted library allocation
|
page read and write
|
||
|
9B20000
|
trusted library allocation
|
page read and write
|
||
|
955E000
|
stack
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
5C76000
|
trusted library allocation
|
page read and write
|
||
|
2F83000
|
heap
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B1BC000
|
heap
|
page read and write
|
||
|
5562000
|
trusted library allocation
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
90AE000
|
heap
|
page read and write
|
||
|
5631000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
1352000
|
trusted library allocation
|
page read and write
|
||
|
92DE000
|
stack
|
page read and write
|
||
|
12B8000
|
heap
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
2774000
|
trusted library allocation
|
page read and write
|
||
|
46AC000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
3197000
|
trusted library allocation
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE2E000
|
stack
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page execute and read and write
|
||
|
5138000
|
trusted library allocation
|
page read and write
|
||
|
4FCC000
|
stack
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
stack
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
69B2000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
979E000
|
stack
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
B590000
|
trusted library section
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
AA40000
|
trusted library allocation
|
page read and write
|
||
|
26AF000
|
stack
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F7F000
|
stack
|
page read and write
|
||
|
5FE000
|
unkown
|
page read and write
|
||
|
7F460000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF2E000
|
stack
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
7A20000
|
heap
|
page read and write
|
||
|
F96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
5A5C000
|
stack
|
page read and write
|
||
|
5600000
|
heap
|
page execute and read and write
|
||
|
4074000
|
trusted library allocation
|
page read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
9AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
28F9000
|
trusted library allocation
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
62BE000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
4728000
|
trusted library allocation
|
page read and write
|
||
|
4584000
|
trusted library allocation
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
A9CD000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DDD000
|
trusted library allocation
|
page read and write
|
||
|
94F000
|
unkown
|
page read and write
|
||
|
7F0D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
BDD0000
|
trusted library allocation
|
page read and write
|
||
|
9FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
A59000
|
stack
|
page read and write
|
||
|
951E000
|
stack
|
page read and write
|
||
|
7ECE000
|
stack
|
page read and write
|
||
|
B461000
|
heap
|
page read and write
|
||
|
56C3000
|
heap
|
page read and write
|
||
|
105A000
|
stack
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
F08C000
|
stack
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
A940000
|
heap
|
page read and write
|
||
|
8E05000
|
trusted library allocation
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
8DC0000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
heap
|
page read and write
|
||
|
6984000
|
heap
|
page read and write
|
||
|
E48000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
5A7000
|
stack
|
page read and write
|
||
|
9D0000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7980000
|
heap
|
page execute and read and write
|
||
|
96B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DC0000
|
heap
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
stack
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
43BA000
|
trusted library allocation
|
page read and write
|
||
|
555E000
|
trusted library allocation
|
page read and write
|
||
|
1159000
|
stack
|
page read and write
|
||
|
8E0E000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
91F0000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library section
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
96C0000
|
trusted library allocation
|
page read and write
|
||
|
296E000
|
trusted library allocation
|
page read and write
|
||
|
F18C000
|
stack
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
31A5000
|
trusted library allocation
|
page read and write
|
||
|
93DE000
|
stack
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
4B3C000
|
stack
|
page read and write
|
||
|
56A5000
|
heap
|
page read and write
|
||
|
9AE0000
|
trusted library allocation
|
page read and write
|
||
|
E76000
|
heap
|
page read and write
|
||
|
5CCC000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
5C0E000
|
stack
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
5CB0000
|
trusted library allocation
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
9D7E000
|
stack
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
DB4000
|
heap
|
page read and write
|
||
|
5636000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
A93000
|
heap
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
AA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
B47000
|
heap
|
page read and write
|
||
|
5571000
|
trusted library allocation
|
page read and write
|
||
|
9ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
561E000
|
trusted library allocation
|
page read and write
|
||
|
4CE3000
|
heap
|
page read and write
|
||
|
2776000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C1B000
|
heap
|
page read and write
|
||
|
FAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
7ED0000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
2F69000
|
trusted library allocation
|
page read and write
|
||
|
B2A0000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
4EF8000
|
trusted library allocation
|
page read and write
|
||
|
B21C000
|
heap
|
page read and write
|
||
|
561B000
|
trusted library allocation
|
page read and write
|
||
|
2C55000
|
trusted library allocation
|
page read and write
|
||
|
A5E000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
A0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
6DFF000
|
stack
|
page read and write
|
||
|
FA2000
|
trusted library allocation
|
page read and write
|
||
|
44A5000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
9680000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
F8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
454B000
|
trusted library allocation
|
page read and write
|
||
|
13FA000
|
heap
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
6B09000
|
heap
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
2BB3000
|
trusted library allocation
|
page read and write
|
||
|
136B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA1000
|
trusted library allocation
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
562A000
|
trusted library allocation
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4C16000
|
trusted library allocation
|
page read and write
|
||
|
78C000
|
unkown
|
page execute and read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B60000
|
heap
|
page read and write
|
||
|
98A0000
|
trusted library section
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
1356000
|
trusted library allocation
|
page execute and read and write
|
||
|
EFA000
|
stack
|
page read and write
|
||
|
1367000
|
trusted library allocation
|
page execute and read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
EDEE000
|
stack
|
page read and write
|
||
|
ECEF000
|
stack
|
page read and write
|
||
|
50CD000
|
stack
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
B560000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
trusted library section
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
6AC2000
|
heap
|
page read and write
|
||
|
1253000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
1624000
|
trusted library allocation
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
8E00000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
4C11000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
6EC7000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B5F000
|
stack
|
page read and write
|
||
|
797B000
|
stack
|
page read and write
|
||
|
D7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
96D0000
|
trusted library allocation
|
page read and write
|
||
|
4FA6000
|
trusted library allocation
|
page read and write
|
||
|
5582000
|
trusted library allocation
|
page read and write
|
||
|
9F2000
|
trusted library allocation
|
page read and write
|
||
|
1733000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
9AD0000
|
trusted library allocation
|
page read and write
|
||
|
4EA6000
|
trusted library allocation
|
page read and write
|
||
|
9ADC000
|
trusted library allocation
|
page read and write
|
||
|
8ECE000
|
stack
|
page read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
632F000
|
stack
|
page read and write
|
||
|
174D000
|
trusted library allocation
|
page execute and read and write
|
||
|
63BF000
|
stack
|
page read and write
|
||
|
5C7C000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
trusted library allocation
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page read and write
|
||
|
50D000
|
stack
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
1442000
|
heap
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
7A10000
|
heap
|
page read and write
|
||
|
66BE000
|
stack
|
page read and write
|
||
|
5CB8000
|
trusted library allocation
|
page read and write
|
||
|
7C95000
|
trusted library allocation
|
page read and write
|
||
|
4CE0000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
4E8F000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page execute and read and write
|
||
|
9690000
|
trusted library allocation
|
page read and write
|
||
|
2BE5000
|
trusted library allocation
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
67AE000
|
stack
|
page read and write
|
||
|
29F0000
|
heap
|
page execute and read and write
|
||
|
E72000
|
heap
|
page read and write
|
||
|
7AF000
|
unkown
|
page execute and read and write
|
||
|
6B0000
|
unkown
|
page execute and read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page execute and read and write
|
||
|
5C72000
|
trusted library allocation
|
page read and write
|
||
|
F1CE000
|
stack
|
page read and write
|
||
|
3F19000
|
trusted library allocation
|
page read and write
|
||
|
FA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
8DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F25000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
91FF000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
6B2000
|
unkown
|
page readonly
|
||
|
A30000
|
heap
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
5576000
|
trusted library allocation
|
page read and write
|
||
|
6A8C000
|
heap
|
page read and write
|
||
|
941E000
|
stack
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DAE000
|
stack
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
9C7E000
|
stack
|
page read and write
|
||
|
6970000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
92A2000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
521F000
|
stack
|
page read and write
|
||
|
1362000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
7C7D000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9220000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
920C000
|
trusted library allocation
|
page read and write
|
||
|
D74000
|
trusted library allocation
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
3B01000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
12EC000
|
heap
|
page read and write
|
||
|
6B2000
|
unkown
|
page execute and read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
AD4000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
556A000
|
trusted library allocation
|
page read and write
|
||
|
5C9F000
|
stack
|
page read and write
|
||
|
D8E000
|
heap
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D0D000
|
stack
|
page read and write
|
||
|
D4F000
|
unkown
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
9210000
|
trusted library allocation
|
page read and write
|
||
|
2797000
|
trusted library allocation
|
page read and write
|
||
|
134D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FCE000
|
stack
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
65C6000
|
trusted library allocation
|
page read and write
|
||
|
B252000
|
heap
|
page read and write
|
||
|
4C1D000
|
trusted library allocation
|
page read and write
|
||
|
4131000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
B07000
|
heap
|
page read and write
|
||
|
7B70000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
563D000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
96A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
557D000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
9AC0000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
6BFB000
|
stack
|
page read and write
|
||
|
6B0000
|
unkown
|
page readonly
|
||
|
A07000
|
trusted library allocation
|
page execute and read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
7EE0000
|
heap
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
566B000
|
stack
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
6CFC000
|
stack
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
139A000
|
heap
|
page read and write
|
||
|
B45D000
|
stack
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
||
|
7B5D000
|
stack
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
D73000
|
trusted library allocation
|
page execute and read and write
|
||
|
48AC000
|
stack
|
page read and write
|
||
|
56CD000
|
trusted library allocation
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
173D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EAED000
|
stack
|
page read and write
|
||
|
64A1000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
B1A0000
|
heap
|
page read and write
|
||
|
F9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F2CE000
|
stack
|
page read and write
|
||
|
47F5000
|
trusted library allocation
|
page read and write
|
||
|
8CA0000
|
heap
|
page read and write
|
||
|
1254000
|
trusted library allocation
|
page read and write
|
||
|
800E000
|
stack
|
page read and write
|
||
|
4309000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
9D4000
|
trusted library allocation
|
page read and write
|
||
|
6717000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
9B27000
|
trusted library allocation
|
page read and write
|
||
|
B2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
heap
|
page read and write
|
||
|
317C000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
trusted library allocation
|
page read and write
|
||
|
4C0E000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5620000
|
heap
|
page execute and read and write
|
||
|
9F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5270000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E2000
|
heap
|
page read and write
|
||
|
54A000
|
stack
|
page read and write
|
||
|
7A50000
|
heap
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
989E000
|
stack
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FAD000
|
trusted library allocation
|
page read and write
|
||
|
3FB9000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
6D6F000
|
stack
|
page read and write
|
||
|
6AEA000
|
heap
|
page read and write
|
||
|
7F04000
|
heap
|
page read and write
|
||
|
FF8000
|
stack
|
page read and write
|
||
|
40B4000
|
trusted library allocation
|
page read and write
|
||
|
E4D000
|
heap
|
page read and write
|
||
|
3F59000
|
trusted library allocation
|
page read and write
|
||
|
B2D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DBE000
|
stack
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
There are 573 hidden memdumps, click here to show them.