Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2FjvjcayaH.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_2FjvjcayaH.exe_363a9054c440a65f09d92467b29511a9aaf17_22fc85c3_f909bf4d-7151-41f6-a060-721012387cc8\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_2FjvjcayaH.exe_629f4833c94957fd7494c037d86647ccd7cf21e6_22fc85c3_aa0fd20e-f8d8-45c3-bd22-9875b6de912b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER94E4.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun Apr 21 08:47:06 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER95C0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER95F0.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9830.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun Apr 21 08:47:07 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9C96.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9CB6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\2FjvjcayaH.exe
|
"C:\Users\user\Desktop\2FjvjcayaH.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7516 -s 1464
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7516 -s 1612
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
incredibleextedwj.shop
|
|
||
|
shortsvelventysjo.shop
|
|
||
|
tolerateilusidjukl.shop
|
|
||
|
liabilitynighstjsko.shop
|
|
||
|
shatterbreathepsw.shop
|
|
||
|
demonstationfukewko.shop
|
|
||
|
productivelookewr.shop
|
|
||
|
strollheavengwu.shop
|
|
||
|
alcojoldwograpciw.shop
|
|
||
|
https://strollheavengwu.shop/:
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
|
unknown
|
||
|
http://www.microsoft.cou
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://strollheavengwu.shop/api
|
104.21.15.198
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://strollheavengwu.shop/api(
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://strollheavengwu.shop/n
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://strollheavengwu.shop/apiIDi
|
unknown
|
||
|
https://strollheavengwu.shop/apius
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://strollheavengwu.shop/apien
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://strollheavengwu.shop/apiy
|
unknown
|
||
|
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
|
unknown
|
||
|
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://strollheavengwu.shop/a
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://support.microsof
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.all
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
|
unknown
|
||
|
https://strollheavengwu.shop/
|
unknown
|
There are 38 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
strollheavengwu.shop
|
104.21.15.198
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.15.198
|
strollheavengwu.shop
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
ProgramId
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
FileId
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
LongPathHash
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Name
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
OriginalFileName
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Publisher
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Version
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
BinFileVersion
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
BinaryType
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
ProductName
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
ProductVersion
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
LinkDate
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
BinProductVersion
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Size
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Language
|
||
|
\REGISTRY\A\{30f6c099-05d2-8e8d-86c2-bde41a0421ae}\Root\InventoryApplicationFile\2fjvjcayah.exe|6f03ed381e6f6d63
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
4265000
|
trusted library allocation
|
page read and write
|
||
|
4235000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4256000
|
trusted library allocation
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
4236000
|
trusted library allocation
|
page read and write
|
||
|
42AA000
|
trusted library allocation
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
4265000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
1C65000
|
heap
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
3BDF000
|
stack
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
1C7C000
|
heap
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
3A9F000
|
stack
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4265000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
1CE9000
|
heap
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4599000
|
trusted library allocation
|
page read and write
|
||
|
420C000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
4254000
|
trusted library allocation
|
page read and write
|
||
|
1C98000
|
heap
|
page read and write
|
||
|
459B000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
369F000
|
stack
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
420B000
|
trusted library allocation
|
page read and write
|
||
|
4245000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
4237000
|
trusted library allocation
|
page read and write
|
||
|
420C000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
1C7C000
|
heap
|
page read and write
|
||
|
42AA000
|
trusted library allocation
|
page read and write
|
||
|
1CE6000
|
heap
|
page read and write
|
||
|
4284000
|
trusted library allocation
|
page read and write
|
||
|
4264000
|
trusted library allocation
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
1C5000
|
heap
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
1A13000
|
unkown
|
page readonly
|
||
|
4224000
|
trusted library allocation
|
page read and write
|
||
|
3C00000
|
remote allocation
|
page read and write
|
||
|
3750000
|
heap
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
1CA9000
|
heap
|
page read and write
|
||
|
43A9000
|
trusted library allocation
|
page read and write
|
||
|
4262000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4359000
|
trusted library allocation
|
page read and write
|
||
|
4233000
|
trusted library allocation
|
page read and write
|
||
|
1C00000
|
heap
|
page read and write
|
||
|
1C94000
|
heap
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
4308000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
421D000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
4203000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
1CFB000
|
heap
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
423C000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
50CF000
|
trusted library allocation
|
page read and write
|
||
|
41EE000
|
stack
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
1C7000
|
heap
|
page read and write
|
||
|
1C6F000
|
heap
|
page read and write
|
||
|
4251000
|
trusted library allocation
|
page read and write
|
||
|
4260000
|
trusted library allocation
|
page read and write
|
||
|
4301000
|
heap
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
1C95000
|
heap
|
page read and write
|
||
|
421B000
|
trusted library allocation
|
page read and write
|
||
|
42AA000
|
trusted library allocation
|
page read and write
|
||
|
4284000
|
trusted library allocation
|
page read and write
|
||
|
1CF4000
|
heap
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
4248000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
1CF7000
|
heap
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
4284000
|
trusted library allocation
|
page read and write
|
||
|
1C5E000
|
heap
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
4255000
|
trusted library allocation
|
page read and write
|
||
|
1C91000
|
heap
|
page read and write
|
||
|
1C9C000
|
heap
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
1CF1000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
417000
|
unkown
|
page write copy
|
||
|
4339000
|
trusted library allocation
|
page read and write
|
||
|
1B10000
|
heap
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
3C00000
|
remote allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
1C65000
|
heap
|
page read and write
|
||
|
43D1000
|
trusted library allocation
|
page read and write
|
||
|
421B000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
44B000
|
unkown
|
page execute and read and write
|
||
|
4206000
|
trusted library allocation
|
page read and write
|
||
|
426C000
|
trusted library allocation
|
page read and write
|
||
|
4203000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
1CE5000
|
heap
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4321000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
unkown
|
page write copy
|
||
|
4277000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
1C7E000
|
heap
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
A1000
|
stack
|
page read and write
|
||
|
374D000
|
stack
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
40EE000
|
stack
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
421F000
|
trusted library allocation
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
424B000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
420F000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
426F000
|
trusted library allocation
|
page read and write
|
||
|
46A0000
|
heap
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
1C55000
|
heap
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
1CF6000
|
heap
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
423B000
|
trusted library allocation
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
1A13000
|
unkown
|
page readonly
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
425D000
|
trusted library allocation
|
page read and write
|
||
|
4255000
|
trusted library allocation
|
page read and write
|
||
|
43D9000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
423F000
|
trusted library allocation
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
421E000
|
trusted library allocation
|
page read and write
|
||
|
1BB0000
|
direct allocation
|
page execute and read and write
|
||
|
1A30000
|
heap
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
42A8000
|
trusted library allocation
|
page read and write
|
||
|
1C4C000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
1CFA000
|
heap
|
page read and write
|
||
|
421B000
|
trusted library allocation
|
page read and write
|
||
|
1C94000
|
heap
|
page read and write
|
||
|
4224000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
4264000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
420D000
|
trusted library allocation
|
page read and write
|
||
|
46BD000
|
trusted library allocation
|
page read and write
|
||
|
1C7A000
|
heap
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
395E000
|
stack
|
page read and write
|
||
|
1C0E000
|
heap
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
421D000
|
trusted library allocation
|
page read and write
|
||
|
1B5E000
|
stack
|
page read and write
|
||
|
36A0000
|
direct allocation
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
425D000
|
trusted library allocation
|
page read and write
|
||
|
423F000
|
trusted library allocation
|
page read and write
|
||
|
3C00000
|
remote allocation
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
4471000
|
trusted library allocation
|
page read and write
|
||
|
1DFF000
|
stack
|
page read and write
|
||
|
429D000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
425E000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
4247000
|
trusted library allocation
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
42A1000
|
trusted library allocation
|
page read and write
|
||
|
4284000
|
trusted library allocation
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
421D000
|
trusted library allocation
|
page read and write
|
||
|
424C000
|
trusted library allocation
|
page read and write
|
||
|
4222000
|
trusted library allocation
|
page read and write
|
||
|
399E000
|
stack
|
page read and write
|
||
|
4295000
|
trusted library allocation
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
4234000
|
trusted library allocation
|
page read and write
|
||
|
423D000
|
trusted library allocation
|
page read and write
|
||
|
420C000
|
trusted library allocation
|
page read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
4225000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
385D000
|
stack
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
420F000
|
trusted library allocation
|
page read and write
|
||
|
4248000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
4255000
|
trusted library allocation
|
page read and write
|
||
|
4249000
|
trusted library allocation
|
page read and write
|
||
|
4224000
|
trusted library allocation
|
page read and write
|
||
|
420C000
|
trusted library allocation
|
page read and write
|
||
|
4238000
|
trusted library allocation
|
page read and write
|
||
|
4231000
|
trusted library allocation
|
page read and write
|
||
|
4263000
|
trusted library allocation
|
page read and write
|
||
|
445E000
|
stack
|
page read and write
|
||
|
1BAE000
|
stack
|
page read and write
|
||
|
1C0A000
|
heap
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
455F000
|
stack
|
page read and write
|
||
|
428D000
|
trusted library allocation
|
page read and write
|
||
|
4288000
|
trusted library allocation
|
page read and write
|
||
|
426F000
|
trusted library allocation
|
page read and write
|
||
|
424C000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
42AA000
|
trusted library allocation
|
page read and write
|
||
|
1CF4000
|
heap
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
421A000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
1C8E000
|
heap
|
page read and write
|
||
|
1C1E000
|
heap
|
page execute and read and write
|
||
|
4302000
|
trusted library allocation
|
page read and write
|
||
|
4208000
|
trusted library allocation
|
page read and write
|
||
|
4204000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
1CFC000
|
heap
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
1C7A000
|
heap
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
422D000
|
trusted library allocation
|
page read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
429F000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
4275000
|
trusted library allocation
|
page read and write
|
||
|
4224000
|
trusted library allocation
|
page read and write
|
||
|
4300000
|
heap
|
page read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
4BB7000
|
trusted library allocation
|
page read and write
|
||
|
1C95000
|
heap
|
page read and write
|
||
|
422F000
|
trusted library allocation
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
1CF9000
|
heap
|
page read and write
|
||
|
4254000
|
trusted library allocation
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
1CFC000
|
heap
|
page read and write
|
||
|
4254000
|
trusted library allocation
|
page read and write
|
||
|
1CFE000
|
heap
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
422F000
|
trusted library allocation
|
page read and write
|
||
|
1C8E000
|
heap
|
page read and write
|
There are 333 hidden memdumps, click here to show them.