Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
KjCBSM7Ukv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_cvtres.exe_9cebbb35099493e8eef666c73a0984e3abb1_c414e931_7578e924-5677-4055-9699-9b04449069e8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER40FF.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Apr 19 05:36:04 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER42E5.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4315.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\KjCBSM7Ukv.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\KjCBSM7Ukv.exe
|
"C:\Users\user\Desktop\KjCBSM7Ukv.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6752 -s 1668
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gamemodz.duckdns.org
|
|
||
|
http://ip-api.com/line/?fields=hosting6
|
unknown
|
||
|
https://discord.com/2
|
unknown
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://discord.com/6
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
https://discord.com/:
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
|
https://discord.com/9
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://ip-api.com/line/?fields=hostingy
|
unknown
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://discord.com/
|
unknown
|
||
|
https://discord.com/#
|
unknown
|
||
|
https://www.file-drop.cc
|
unknown
|
||
|
https://www.file-drop.cc/D/6829ab/Fizvmrd.vdf
|
172.67.146.180
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.file-drop.cc
|
172.67.146.180
|
||
|
ip-api.com
|
208.95.112.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
172.67.146.180
|
www.file-drop.cc
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\KjCBSM7Ukv_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\cvtres_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
ProgramId
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
FileId
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
LongPathHash
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Name
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
OriginalFileName
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Publisher
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Version
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
BinFileVersion
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
BinaryType
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
ProductName
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
ProductVersion
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
LinkDate
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
BinProductVersion
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Size
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Language
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
IsOsComponent
|
||
|
\REGISTRY\A\{ccf82568-5391-0449-ed7b-24bb1190a687}\Root\InventoryApplicationFile\cvtres.exe|9c0eb88f7ba223af
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 41 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26F8000
|
trusted library allocation
|
page read and write
|
|
|
|
5A30000
|
trusted library section
|
page read and write
|
|
|
|
5570000
|
trusted library section
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
37C9000
|
trusted library allocation
|
page read and write
|
|
|
|
3EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
4160000
|
trusted library allocation
|
page read and write
|
|
|
|
63D1000
|
trusted library allocation
|
page read and write
|
|
|
|
268E000
|
trusted library allocation
|
page read and write
|
|
|
|
26E3000
|
trusted library allocation
|
page read and write
|
|
|
|
2650000
|
trusted library allocation
|
page read and write
|
|
|
|
5D2E000
|
stack
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
21E0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
21E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
2953000
|
trusted library allocation
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
2919000
|
trusted library allocation
|
page read and write
|
||
|
244C000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
4D5F000
|
stack
|
page read and write
|
||
|
21D2000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2418000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
57BC000
|
trusted library allocation
|
page read and write
|
||
|
54C5000
|
heap
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
57F5000
|
trusted library allocation
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
28EB000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
57E1000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1586000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
25E3000
|
trusted library allocation
|
page read and write
|
||
|
21D0000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
2200000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
293C000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
13B4000
|
heap
|
page read and write
|
||
|
2938000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
28F1000
|
trusted library allocation
|
page read and write
|
||
|
1597000
|
trusted library allocation
|
page execute and read and write
|
||
|
28D4000
|
trusted library allocation
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
49AD000
|
stack
|
page read and write
|
||
|
290A000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
242A000
|
trusted library allocation
|
page read and write
|
||
|
2925000
|
trusted library allocation
|
page read and write
|
||
|
441E000
|
stack
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
23E1000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
25D8000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
25D6000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
582A000
|
trusted library allocation
|
page read and write
|
||
|
25B1000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
25BF000
|
trusted library allocation
|
page read and write
|
||
|
5503000
|
heap
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
2927000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
25EB000
|
trusted library allocation
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
28D6000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page read and write
|
||
|
57D4000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
2917000
|
trusted library allocation
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
A04000
|
trusted library allocation
|
page read and write
|
||
|
63B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
54CD000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
1564000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
291F000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
28E7000
|
trusted library allocation
|
page read and write
|
||
|
3FD1000
|
trusted library allocation
|
page read and write
|
||
|
240F000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
25DA000
|
trusted library allocation
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
259A000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
25BD000
|
trusted library allocation
|
page read and write
|
||
|
25A4000
|
trusted library allocation
|
page read and write
|
||
|
68D000
|
stack
|
page read and write
|
||
|
21DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C2000
|
trusted library allocation
|
page read and write
|
||
|
5809000
|
trusted library allocation
|
page read and write
|
||
|
137B000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
258E000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page execute and read and write
|
||
|
1650000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
trusted library allocation
|
page read and write
|
||
|
28F4000
|
trusted library allocation
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
25A2000
|
trusted library allocation
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
224E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
21CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
110000
|
unkown
|
page readonly
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
130A000
|
heap
|
page read and write
|
||
|
28CC000
|
trusted library allocation
|
page read and write
|
||
|
25B3000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5F70000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5A5F000
|
stack
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
25B7000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
28EF000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
304C000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
5B9C000
|
stack
|
page read and write
|
||
|
FEE40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
2923000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
599C000
|
trusted library allocation
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
25E5000
|
trusted library allocation
|
page read and write
|
||
|
2902000
|
trusted library allocation
|
page read and write
|
||
|
40E8000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
4F7000
|
stack
|
page read and write
|
||
|
582D000
|
stack
|
page read and write
|
||
|
141D000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
28D2000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
25EF000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
13BF000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
291D000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
57DE000
|
trusted library allocation
|
page read and write
|
||
|
2609000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2426000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
25B5000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
D1B000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
trusted library allocation
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
A03000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
2908000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
heap
|
page execute and read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
25DC000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
5850000
|
heap
|
page execute and read and write
|
||
|
259C000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
5BB4000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
457E000
|
stack
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B1000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5E6E000
|
stack
|
page read and write
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
28D8000
|
trusted library allocation
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
25B9000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
1563000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
25BB000
|
trusted library allocation
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
3064000
|
trusted library allocation
|
page read and write
|
||
|
21EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
21D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5792000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
112000
|
unkown
|
page readonly
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
4430000
|
trusted library section
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
2936000
|
trusted library allocation
|
page read and write
|
||
|
25ED000
|
trusted library allocation
|
page read and write
|
||
|
23AC000
|
stack
|
page read and write
|
||
|
159B000
|
trusted library allocation
|
page execute and read and write
|
||
|
A0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
28E9000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
2260000
|
heap
|
page execute and read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
579F000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
156D000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
58BD000
|
trusted library allocation
|
page read and write
|
||
|
21E2000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
13BB000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
54BD000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
2250000
|
trusted library allocation
|
page execute and read and write
|
||
|
158A000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D4000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
trusted library section
|
page read and write
|
||
|
164D000
|
stack
|
page read and write
|
||
|
2945000
|
trusted library allocation
|
page read and write
|
||
|
25D2000
|
trusted library allocation
|
page read and write
|
||
|
291B000
|
trusted library allocation
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
2FAC000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
57C6000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
259E000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
293A000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
139F000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
13BB000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
55AC000
|
stack
|
page read and write
|
||
|
28ED000
|
trusted library allocation
|
page read and write
|
||
|
575000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
21C0000
|
trusted library allocation
|
page read and write
|
There are 403 hidden memdumps, click here to show them.