Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
7z2301-x64.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files\7-Zip\7-zip.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
 |
|
|
C:\Program Files\7-Zip\7-zip32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\7z.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\7z.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\7zFM.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\7zG.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Uninstall.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\7-zip.chm
|
MS Windows HtmlHelp Data
|
dropped
|
||
|
C:\Program Files\7-Zip\7z.sfx
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\7-Zip\7zCon.sfx
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\7-Zip\History.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\af.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\an.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ar.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ast.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\az.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ba.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\be.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\bg.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\bn.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\br.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ca.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\co.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\cs.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\cy.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\da.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\de.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\el.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\en.ttt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\eo.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\es.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\et.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\eu.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ext.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\fa.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\fi.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\fr.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\fur.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\fy.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ga.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\gl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\gu.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\he.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\hi.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\hr.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\hu.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\hy.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\id.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\io.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\is.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\it.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ja.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ka.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\kaa.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\kab.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\kk.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ko.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ku-ckb.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ku.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ky.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\lij.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\lt.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\lv.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\mk.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\mn.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\mng.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\mng2.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\mr.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ms.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\nb.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ne.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\nl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\nn.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\pa-in.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\pl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ps.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\pt-br.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\pt.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ro.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ru.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sa.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\si.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sk.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sq.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sr-spc.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sr-spl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sv.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\sw.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ta.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\tg.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\th.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\tk.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\tr.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\tt.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\ug.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\uk.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\uz-cyrl.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\uz.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\va.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\vi.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\yo.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\zh-cn.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\zh-tw.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\License.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\descript.ion
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Oct 3 09:51:28
2023, mtime=Thu Apr 18 20:56:53 2024, atime=Tue Jun 20 07:00:00 2023, length=952832, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Oct 3 09:51:28
2023, mtime=Thu Apr 18 20:56:53 2024, atime=Tue Jun 20 06:00:00 2023, length=115300, window=hide
|
dropped
|
There are 100 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\7z2301-x64.exe
|
"C:\Users\user\Desktop\7z2301-x64.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.gnu.org/
|
unknown
|
||
|
https://www.7-zip.org/
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\7-Zip
|
Path64
|
||
|
HKEY_CURRENT_USER\SOFTWARE\7-Zip
|
Path
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@C:\Windows\system32\windows.storage.dll,-50691
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
83E000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
509B000
|
heap
|
page read and write
|
||
|
6A6D000
|
stack
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
54CF000
|
stack
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
509B000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
50C1000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
5098000
|
heap
|
page read and write
|
||
|
50A8000
|
heap
|
page read and write
|
||
|
5092000
|
heap
|
page read and write
|
||
|
50B4000
|
heap
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
4B5C000
|
stack
|
page read and write
|
||
|
4C5B000
|
stack
|
page read and write
|
||
|
5099000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
53CB000
|
stack
|
page read and write
|
||
|
50DD000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
5093000
|
heap
|
page read and write
|
||
|
50D9000
|
heap
|
page read and write
|
||
|
4B1B000
|
stack
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
5099000
|
heap
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
6AAC000
|
stack
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
508D000
|
heap
|
page read and write
|
||
|
507F000
|
heap
|
page read and write
|
||
|
89B000
|
heap
|
page read and write
|
||
|
5107000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
50AD000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
50F5000
|
heap
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
50F8000
|
heap
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
50E7000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
2651000
|
heap
|
page read and write
|
||
|
509B000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
50E7000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
50F5000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
50B4000
|
heap
|
page read and write
|
||
|
5093000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50F5000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
21D4000
|
heap
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50B8000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50C8000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
5113000
|
heap
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
50B7000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
50D9000
|
heap
|
page read and write
|
||
|
50F3000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
2718000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
3D70000
|
trusted library allocation
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50B7000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
866000
|
heap
|
page read and write
|
||
|
50FA000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
5093000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
50F8000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
50AD000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
50F2000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
50BD000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
40D000
|
unkown
|
page readonly
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
5083000
|
heap
|
page read and write
|
||
|
50AD000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
50A8000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50B4000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
510D000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
50B7000
|
heap
|
page read and write
|
||
|
5098000
|
heap
|
page read and write
|
||
|
509A000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
89B000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
47CE000
|
stack
|
page read and write
|
||
|
2734000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
5107000
|
heap
|
page read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
50B7000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
5088000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
510000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
29AB000
|
stack
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
696E000
|
stack
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
4A1C000
|
stack
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
50F3000
|
heap
|
page read and write
|
||
|
864000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
50C8000
|
heap
|
page read and write
|
||
|
50DD000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
5079000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
509F000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
48CF000
|
stack
|
page read and write
|
||
|
50A8000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
50A6000
|
heap
|
page read and write
|
||
|
509A000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
509B000
|
heap
|
page read and write
|
||
|
50F5000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50CD000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5072000
|
heap
|
page read and write
|
||
|
50D9000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
5107000
|
heap
|
page read and write
|
||
|
5114000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
50BD000
|
heap
|
page read and write
|
||
|
50AD000
|
heap
|
page read and write
|
||
|
50B7000
|
heap
|
page read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
50A6000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
5093000
|
heap
|
page read and write
|
||
|
834000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
50FD000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
52CC000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
274C000
|
stack
|
page read and write
|
||
|
4577000
|
heap
|
page read and write
|
||
|
508E000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50F3000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
5092000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50AF000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50EE000
|
heap
|
page read and write
|
||
|
5108000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
50BD000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
99E000
|
stack
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
509C000
|
heap
|
page read and write
|
||
|
509A000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
5093000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
859000
|
heap
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
50DD000
|
heap
|
page read and write
|
||
|
749000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
510C000
|
heap
|
page read and write
|
||
|
509A000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
50FC000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
5092000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
50F8000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
5114000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
50E3000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
50BC000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
2611000
|
heap
|
page read and write
|
||
|
50DC000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
50A6000
|
heap
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
50B2000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
50F6000
|
heap
|
page read and write
|
||
|
510F000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
507A000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
5092000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
284B000
|
stack
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
5107000
|
heap
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
50ED000
|
heap
|
page read and write
|
||
|
5092000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
50DB000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
197000
|
stack
|
page read and write
|
||
|
50F1000
|
heap
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
510E000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
510B000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
873000
|
heap
|
page read and write
|
||
|
50A2000
|
heap
|
page read and write
|
||
|
5105000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
50AC000
|
heap
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
5115000
|
heap
|
page read and write
|
||
|
50A5000
|
heap
|
page read and write
|
||
|
5109000
|
heap
|
page read and write
|
||
|
508D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
There are 541 hidden memdumps, click here to show them.