Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
YKTNuK117e.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\WindowsServices.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\19447a578b6a3b2cdbc5a3dc3e7f5251.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\WindowsServices.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\YKTNuK117e.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\YKTNuK117e.exe
|
"C:\Users\user\Desktop\YKTNuK117e.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\WindowsServices.exe
|
"C:\Users\user\AppData\Local\Temp\WindowsServices.exe"
|
|
|
|
C:\Windows\SysWOW64\netsh.exe
|
netsh firewall add allowedprogram "C:\Users\user\AppData\Local\Temp\WindowsServices.exe" "WindowsServices.exe" ENABLE
|
|
|
|
C:\Users\user\AppData\Local\Temp\WindowsServices.exe
|
"C:\Users\user\AppData\Local\Temp\WindowsServices.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\WindowsServices.exe
|
"C:\Users\user\AppData\Local\Temp\WindowsServices.exe" ..
|
|
|
|
C:\Users\user\AppData\Local\Temp\WindowsServices.exe
|
"C:\Users\user\AppData\Local\Temp\WindowsServices.exe" ..
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
83.196.78.85
|
|
||
|
http://go.microsoft.
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
83.196.78.85
|
unknown
|
France
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
|
|
|
HKEY_CURRENT_USER\Environment
|
SEE_MASK_NOZONECHECKS
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
19447a578b6a3b2cdbc5a3dc3e7f5251
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
19447a578b6a3b2cdbc5a3dc3e7f5251
|
||
|
HKEY_CURRENT_USER\SOFTWARE\19447a578b6a3b2cdbc5a3dc3e7f5251
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5F2000
|
unkown
|
page readonly
|
|
|
|
2C61000
|
trusted library allocation
|
page read and write
|
|
|
|
2BC1000
|
trusted library allocation
|
page read and write
|
|
|
|
F32000
|
trusted library allocation
|
page execute and read and write
|
||
|
137F000
|
heap
|
page read and write
|
||
|
5767000
|
heap
|
page read and write
|
||
|
14DE000
|
unkown
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
C5C000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
5731000
|
heap
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
77A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D78000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
D5B000
|
stack
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
9F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BE000
|
stack
|
page read and write
|
||
|
10BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1364000
|
heap
|
page read and write
|
||
|
113E000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
3C61000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
heap
|
page execute and read and write
|
||
|
1060000
|
heap
|
page execute and read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
1642000
|
trusted library allocation
|
page execute and read and write
|
||
|
18B0000
|
heap
|
page read and write
|
||
|
135C000
|
heap
|
page read and write
|
||
|
512E000
|
stack
|
page read and write
|
||
|
176E000
|
stack
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
986000
|
stack
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
CA9000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
147F000
|
stack
|
page read and write
|
||
|
131F000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
88B000
|
stack
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
5990000
|
heap
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
164C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
141F000
|
stack
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
167B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F9000
|
stack
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
F0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1353000
|
heap
|
page read and write
|
||
|
A1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2861000
|
trusted library allocation
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
59E3000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
59A2000
|
heap
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
A3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
786000
|
trusted library allocation
|
page execute and read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
EEB000
|
stack
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
56AB000
|
stack
|
page read and write
|
||
|
55AB000
|
stack
|
page read and write
|
||
|
12EA000
|
heap
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A32000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
1533000
|
heap
|
page read and write
|
||
|
10AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE6000
|
stack
|
page read and write
|
||
|
3BE7000
|
trusted library allocation
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
782000
|
trusted library allocation
|
page execute and read and write
|
||
|
113E000
|
unkown
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
4CFC000
|
stack
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
heap
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
4DF9000
|
stack
|
page read and write
|
||
|
7FD000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
566C000
|
stack
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
133B000
|
heap
|
page read and write
|
||
|
BDF000
|
stack
|
page read and write
|
||
|
133B000
|
heap
|
page read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
17AF000
|
stack
|
page read and write
|
||
|
13D6000
|
heap
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
4D10000
|
unclassified section
|
page read and write
|
||
|
132D000
|
heap
|
page read and write
|
||
|
132E000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
136F000
|
heap
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
750000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
F02000
|
trusted library allocation
|
page execute and read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1508000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
B5B000
|
stack
|
page read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
1334000
|
heap
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
D1C000
|
heap
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
1313000
|
heap
|
page read and write
|
||
|
30B000
|
stack
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
4D33000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
F0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
10F3000
|
stack
|
page read and write
|
||
|
5766000
|
heap
|
page read and write
|
||
|
502E000
|
stack
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
5994000
|
heap
|
page read and write
|
||
|
5765000
|
heap
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
A0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
4D7A000
|
stack
|
page read and write
|
||
|
1362000
|
heap
|
page read and write
|
||
|
4E5F000
|
stack
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
538F000
|
stack
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
55E4000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
1301000
|
heap
|
page read and write
|
||
|
570F000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
509000
|
stack
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
59B5000
|
heap
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1332000
|
heap
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
10FB000
|
stack
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
5757000
|
heap
|
page read and write
|
||
|
CBF000
|
heap
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
1353000
|
heap
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
814000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
1329000
|
heap
|
page read and write
|
||
|
3C64000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
10B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
12F2000
|
heap
|
page read and write
|
||
|
5752000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page execute and read and write
|
||
|
7D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3864000
|
trusted library allocation
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
A17000
|
trusted library allocation
|
page execute and read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
118B000
|
heap
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
41F4000
|
trusted library allocation
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
31F4000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
7E8000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page execute and read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
1363000
|
heap
|
page read and write
|
||
|
1367000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
59DC000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
7B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
4DBC000
|
stack
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
A2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
7DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
55DF000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
44A1000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
133B000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
575E000
|
heap
|
page read and write
|
||
|
576C000
|
stack
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4F9F000
|
stack
|
page read and write
|
||
|
44A4000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F7D000
|
stack
|
page read and write
|
||
|
5767000
|
heap
|
page read and write
|
||
|
13DD000
|
heap
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
5751000
|
heap
|
page read and write
|
||
|
A02000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
1332000
|
heap
|
page read and write
|
||
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
59C3000
|
heap
|
page read and write
|
||
|
131E000
|
heap
|
page read and write
|
||
|
7FAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
162A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
133A000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5767000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
137F000
|
heap
|
page read and write
|
||
|
FE9000
|
stack
|
page read and write
|
||
|
A37000
|
trusted library allocation
|
page execute and read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
13DD000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
131F000
|
stack
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
49FE000
|
stack
|
page read and write
|
||
|
135D000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
41F1000
|
trusted library allocation
|
page read and write
|
||
|
E66000
|
heap
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
4D5E000
|
stack
|
page read and write
|
||
|
1329000
|
heap
|
page read and write
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
13D9000
|
heap
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
4D5E000
|
stack
|
page read and write
|
||
|
C7E000
|
heap
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
31F1000
|
trusted library allocation
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
132A000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1363000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
1364000
|
heap
|
page read and write
|
||
|
5762000
|
heap
|
page read and write
|
||
|
34A4000
|
trusted library allocation
|
page read and write
|
||
|
56DF000
|
stack
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page execute and read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
156B000
|
heap
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1646000
|
trusted library allocation
|
page execute and read and write
|
||
|
135D000
|
heap
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
10B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5755000
|
heap
|
page read and write
|
||
|
14A4000
|
trusted library allocation
|
page read and write
|
||
|
78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
C7A000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
772000
|
trusted library allocation
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
54CE000
|
stack
|
page read and write
|
||
|
34A1000
|
trusted library allocation
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
135A000
|
heap
|
page read and write
|
||
|
138E000
|
heap
|
page read and write
|
||
|
989000
|
stack
|
page read and write
|
||
|
13D7000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
1662000
|
trusted library allocation
|
page execute and read and write
|
||
|
A22000
|
trusted library allocation
|
page execute and read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
5765000
|
heap
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
3861000
|
trusted library allocation
|
page read and write
|
||
|
5752000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
1677000
|
trusted library allocation
|
page execute and read and write
|
||
|
180E000
|
stack
|
page read and write
|
||
|
137F000
|
heap
|
page read and write
|
There are 446 hidden memdumps, click here to show them.