Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp6D8B.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\yPsuOErYR.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\yPsuOErYR.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0lgi231z.rtl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_11qxq1qj.lq5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4s0jwhoo.b40.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bjwznaro.01o.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c0qgpbap.j4j.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ngaufseo.2z0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t4m11d0l.is2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w5c4dll1.zj0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp7CBD.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\yPsuOErYR.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe
|
"C:\Users\user\Desktop\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\yPsuOErYR.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\yPsuOErYR" /XML "C:\Users\user\AppData\Local\Temp\tmp6D8B.tmp"
|
|
|
|
C:\Users\user\Desktop\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe
|
"C:\Users\user\Desktop\100% #U4e8b#U524d#U306e#U8fc5#U901f#U306a#U53d6#U5f15.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\yPsuOErYR.exe
|
C:\Users\user\AppData\Roaming\yPsuOErYR.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\yPsuOErYR" /XML "C:\Users\user\AppData\Local\Temp\tmp7CBD.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\yPsuOErYR.exe
|
"C:\Users\user\AppData\Roaming\yPsuOErYR.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://account.dyn.com/
|
unknown
|
||
|
http://mail.geasa.hn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://account.dy
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.geasa.hn
|
66.96.131.81
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
66.96.131.81
|
mail.geasa.hn
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3BB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B56000
|
trusted library allocation
|
page read and write
|
|
|
|
4262000
|
trusted library allocation
|
page read and write
|
|
|
|
2E46000
|
trusted library allocation
|
page read and write
|
|
|
|
2B4E000
|
trusted library allocation
|
page read and write
|
|
|
|
2B01000
|
trusted library allocation
|
page read and write
|
|
|
|
2E3E000
|
trusted library allocation
|
page read and write
|
|
|
|
104B000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F23000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CF0000
|
trusted library allocation
|
page read and write
|
||
|
9024000
|
heap
|
page read and write
|
||
|
C29000
|
heap
|
page read and write
|
||
|
4F33000
|
heap
|
page read and write
|
||
|
9022000
|
heap
|
page read and write
|
||
|
311E000
|
trusted library allocation
|
page read and write
|
||
|
4027000
|
trusted library allocation
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D5B000
|
stack
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
8FA0000
|
trusted library allocation
|
page read and write
|
||
|
6294000
|
trusted library allocation
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
531C000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
9350000
|
heap
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
68E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9B000
|
trusted library allocation
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
81ED000
|
stack
|
page read and write
|
||
|
901E000
|
stack
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
2EFF000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
C41000
|
heap
|
page read and write
|
||
|
129B000
|
heap
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
3DF9000
|
trusted library allocation
|
page read and write
|
||
|
552D000
|
trusted library allocation
|
page read and write
|
||
|
FEF000
|
trusted library allocation
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
29C1000
|
trusted library allocation
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
2A3A000
|
stack
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
4A0E000
|
stack
|
page read and write
|
||
|
1446000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C9000
|
stack
|
page read and write
|
||
|
E3B000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
121A000
|
heap
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
143D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
4FFA000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
3B09000
|
trusted library allocation
|
page read and write
|
||
|
550B000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
106F000
|
heap
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
39C7000
|
trusted library allocation
|
page read and write
|
||
|
84CB000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library section
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
11DB000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
5323000
|
heap
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
50B8000
|
trusted library allocation
|
page read and write
|
||
|
15A000
|
stack
|
page read and write
|
||
|
EE7000
|
heap
|
page read and write
|
||
|
5251000
|
trusted library allocation
|
page read and write
|
||
|
A46000
|
heap
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
87C0000
|
heap
|
page read and write
|
||
|
63F5000
|
trusted library allocation
|
page read and write
|
||
|
84DA000
|
heap
|
page read and write
|
||
|
4113000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
4FEB000
|
trusted library allocation
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
F3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
8D1E000
|
stack
|
page read and write
|
||
|
2BCE000
|
unkown
|
page read and write
|
||
|
61F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
527D000
|
stack
|
page read and write
|
||
|
3DF1000
|
trusted library allocation
|
page read and write
|
||
|
BA6000
|
heap
|
page read and write
|
||
|
8E1D000
|
stack
|
page read and write
|
||
|
2DC4000
|
trusted library allocation
|
page read and write
|
||
|
6C60000
|
heap
|
page read and write
|
||
|
89EE000
|
stack
|
page read and write
|
||
|
9750000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
636E000
|
stack
|
page read and write
|
||
|
3B29000
|
trusted library allocation
|
page read and write
|
||
|
27DD000
|
stack
|
page read and write
|
||
|
81AD000
|
stack
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
B87000
|
trusted library allocation
|
page execute and read and write
|
||
|
50CC000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
5308000
|
trusted library allocation
|
page read and write
|
||
|
50C2000
|
trusted library allocation
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
F52000
|
trusted library allocation
|
page read and write
|
||
|
3971000
|
trusted library allocation
|
page read and write
|
||
|
94CC000
|
stack
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
10CB000
|
heap
|
page read and write
|
||
|
165F000
|
stack
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
B54000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
144A000
|
trusted library allocation
|
page execute and read and write
|
||
|
62B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
902D000
|
heap
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
5256000
|
trusted library allocation
|
page read and write
|
||
|
891D000
|
stack
|
page read and write
|
||
|
B7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6E000
|
trusted library allocation
|
page read and write
|
||
|
421E000
|
trusted library allocation
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
895E000
|
stack
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
2AE4000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
8B2E000
|
stack
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page execute and read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
1042000
|
trusted library allocation
|
page read and write
|
||
|
974E000
|
stack
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
4B08000
|
trusted library allocation
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
8AEE000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library section
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
4FEE000
|
trusted library allocation
|
page read and write
|
||
|
2E53000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
B5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF5000
|
trusted library allocation
|
page read and write
|
||
|
93CC000
|
stack
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
B53000
|
trusted library allocation
|
page execute and read and write
|
||
|
1254000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1252000
|
heap
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
4C9D000
|
stack
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
4482000
|
trusted library allocation
|
page read and write
|
||
|
502000
|
unkown
|
page readonly
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
549A000
|
trusted library allocation
|
page read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
1014000
|
trusted library allocation
|
page read and write
|
||
|
62FD000
|
stack
|
page read and write
|
||
|
101D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B1A000
|
stack
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library section
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page execute and read and write
|
||
|
84C2000
|
heap
|
page read and write
|
||
|
50C6000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
6290000
|
trusted library allocation
|
page read and write
|
||
|
507C000
|
stack
|
page read and write
|
||
|
5236000
|
trusted library allocation
|
page read and write
|
||
|
524A000
|
trusted library allocation
|
page read and write
|
||
|
2ABC000
|
stack
|
page read and write
|
||
|
2E0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5242000
|
trusted library allocation
|
page read and write
|
||
|
4FE6000
|
trusted library allocation
|
page read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
3B6E000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
904D000
|
heap
|
page read and write
|
||
|
964E000
|
stack
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
6490000
|
heap
|
page read and write
|
||
|
F55000
|
trusted library allocation
|
page execute and read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
5074000
|
trusted library allocation
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
5180000
|
heap
|
page read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
56DC000
|
stack
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
925E000
|
stack
|
page read and write
|
||
|
3977000
|
trusted library allocation
|
page read and write
|
||
|
62D7000
|
trusted library allocation
|
page read and write
|
||
|
915E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
FAE000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
trusted library section
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
524E000
|
trusted library allocation
|
page read and write
|
||
|
3E5D000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
6420000
|
trusted library allocation
|
page execute and read and write
|
||
|
64D2000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
4405000
|
trusted library allocation
|
page read and write
|
||
|
84B2000
|
heap
|
page read and write
|
||
|
5001000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
2E02000
|
trusted library allocation
|
page read and write
|
||
|
523B000
|
trusted library allocation
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
1298000
|
trusted library allocation
|
page read and write
|
||
|
8B1E000
|
stack
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
B82000
|
trusted library allocation
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
8C9000
|
stack
|
page read and write
|
||
|
628F000
|
stack
|
page read and write
|
||
|
5012000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
EDA000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
102D000
|
trusted library allocation
|
page execute and read and write
|
||
|
839000
|
stack
|
page read and write
|
||
|
950E000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
B6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27EB000
|
heap
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
FBD000
|
trusted library allocation
|
page read and write
|
||
|
2BE000
|
stack
|
page read and write
|
||
|
5DDE000
|
stack
|
page read and write
|
||
|
89AF000
|
stack
|
page read and write
|
||
|
1059000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
1424000
|
trusted library allocation
|
page read and write
|
||
|
5532000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
DF9000
|
stack
|
page read and write
|
||
|
3A63000
|
trusted library allocation
|
page read and write
|
||
|
4389000
|
trusted library allocation
|
page read and write
|
||
|
2EDC000
|
stack
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
8C1F000
|
stack
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
B76000
|
trusted library allocation
|
page execute and read and write
|
||
|
62A6000
|
trusted library allocation
|
page read and write
|
||
|
84AE000
|
stack
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
62CE000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
61D0000
|
heap
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
8E9E000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
trusted library allocation
|
page read and write
|
||
|
C43000
|
heap
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
5573000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page execute and read and write
|
||
|
63E0000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
20E000
|
unkown
|
page read and write
|
||
|
2CD8000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page execute and read and write
|
||
|
4021000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
639F000
|
stack
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
3B01000
|
trusted library allocation
|
page read and write
|
||
|
49C5000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
937000
|
stack
|
page read and write
|
||
|
5070000
|
heap
|
page execute and read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
56FD000
|
stack
|
page read and write
|
||
|
585E000
|
stack
|
page read and write
|
||
|
68D0000
|
heap
|
page read and write
|
||
|
61ED000
|
stack
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
84B0000
|
heap
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
1045000
|
trusted library allocation
|
page execute and read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
6F0E000
|
stack
|
page read and write
|
||
|
67AB000
|
heap
|
page read and write
|
||
|
5173000
|
heap
|
page read and write
|
||
|
1013000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F000
|
unkown
|
page read and write
|
||
|
6760000
|
heap
|
page read and write
|
||
|
8C2E000
|
stack
|
page read and write
|
||
|
D3F000
|
stack
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
67D0000
|
heap
|
page read and write
|
||
|
52CC000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
4FFE000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
4B0C000
|
stack
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
87AD000
|
stack
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
B72000
|
trusted library allocation
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
62D0000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
86AF000
|
stack
|
page read and write
|
||
|
1036000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E19000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library section
|
page read and write
|
||
|
4FE4000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F8E000
|
stack
|
page read and write
|
||
|
8F9E000
|
stack
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
F94000
|
trusted library allocation
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
504B000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
8E20000
|
heap
|
page read and write
|
||
|
904A000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
2C0F000
|
unkown
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
7F960000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
11D000
|
stack
|
page read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
960E000
|
stack
|
page read and write
|
||
|
2F10000
|
heap
|
page execute and read and write
|
||
|
2E07000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
63F0000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
83AE000
|
stack
|
page read and write
|
||
|
608E000
|
stack
|
page read and write
|
||
|
FEA000
|
heap
|
page read and write
|
||
|
7441000
|
trusted library allocation
|
page read and write
|
||
|
32A7000
|
trusted library allocation
|
page read and write
|
||
|
5504000
|
trusted library allocation
|
page read and write
|
||
|
C08000
|
heap
|
page read and write
|
||
|
5726000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
3B6C000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
523E000
|
trusted library allocation
|
page read and write
|
||
|
FB6000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
2FF000
|
stack
|
page read and write
|
||
|
F24000
|
trusted library allocation
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page execute and read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B62000
|
trusted library allocation
|
page read and write
|
||
|
3A15000
|
trusted library allocation
|
page read and write
|
||
|
B8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page execute and read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page execute and read and write
|
||
|
84C8000
|
heap
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
632E000
|
stack
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
63F0000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page execute and read and write
|
||
|
5521000
|
trusted library allocation
|
page read and write
|
||
|
FB1000
|
trusted library allocation
|
page read and write
|
||
|
F46000
|
trusted library allocation
|
page execute and read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
62A0000
|
trusted library allocation
|
page read and write
|
||
|
500D000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
8E5C000
|
stack
|
page read and write
|
||
|
5007000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
7F920000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
58FB000
|
stack
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
7F740000
|
trusted library allocation
|
page execute and read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
12DE000
|
heap
|
page read and write
|
||
|
6860000
|
trusted library allocation
|
page read and write
|
||
|
87B0000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
2AF0000
|
heap
|
page execute and read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
63E7000
|
trusted library allocation
|
page read and write
|
||
|
FC2000
|
trusted library allocation
|
page read and write
|
||
|
2DBC000
|
stack
|
page read and write
|
||
|
54BC000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
9020000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
1047000
|
trusted library allocation
|
page execute and read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
63FA000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
There are 503 hidden memdumps, click here to show them.