Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO0423023.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO0423023.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\43PI9J
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO0423023.exe
|
"C:\Users\user\Desktop\PO0423023.exe"
|
|
|
|
C:\Users\user\Desktop\PO0423023.exe
|
"C:\Users\user\Desktop\PO0423023.exe"
|
|
|
|
C:\Program Files (x86)\BfhsBJESSmvrxvvTUcmuRbsoDWHhTcMOtxhWkIEDZkirMcGdurpwUW\uFKwxSqRZbIimWVtjS.exe
|
"C:\Program Files (x86)\BfhsBJESSmvrxvvTUcmuRbsoDWHhTcMOtxhWkIEDZkirMcGdurpwUW\uFKwxSqRZbIimWVtjS.exe"
|
|
|
|
C:\Windows\SysWOW64\takeown.exe
|
"C:\Windows\SysWOW64\takeown.exe"
|
|
|
|
C:\Program Files (x86)\BfhsBJESSmvrxvvTUcmuRbsoDWHhTcMOtxhWkIEDZkirMcGdurpwUW\uFKwxSqRZbIimWVtjS.exe
|
"C:\Program Files (x86)\BfhsBJESSmvrxvvTUcmuRbsoDWHhTcMOtxhWkIEDZkirMcGdurpwUW\uFKwxSqRZbIimWVtjS.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.luckydomainz.shop/pq0o/?sHlxgpX=zlo+FGSBhCkM5GVOiSRgbmytEbX4vu088Yj7BD8zO0hDA+Ttp+tE7JQXtFhQSzjU/FmrV36xGrNmbpUbkD9mJUabQMjhSVlFurdcd91J2fhXl/3bZKBIsDf+Ls10KGv+Sw==&Lx=8PqlJ028VT_
|
91.195.240.19
|
|
|
|
http://www.luckydomainz.shop/pq0o/
|
91.195.240.19
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://www.fashionagencylab.com
|
unknown
|
||
|
http://www.fashionagencylab.com/pq0o/
|
91.195.240.117
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://mail.365.com/login.html
|
unknown
|
||
|
https://www.marksmile.com/
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.namesilo.com
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.xn--yzyp76d.com/pq0o/?Lx=8PqlJ028VT_&sHlxgpX=J8WC84xruYdLZ+88O/faPZDbDvgvpAFcdnGo6AhEflv3qioXWy6Vm5wGjKWjZFBj5bzfVwWaJCB72b3lEpkTVQZSX1dtpaRBnFtuiUAedf4oW0TmsJoC9BTZIWyKDmIsTQ==
|
47.76.62.167
|
||
|
http://www.cd14j.us/pq0o/?Lx=8PqlJ028VT_&sHlxgpX=zdIBKqN9oP3plxVX8thCZZdmDrHBie+/57+iRklTGjPKULzejm8MTR3zmbqN1d/mp0y1+1mzyQU/+H24oE5uBlYVorRh6rpQbOSJYQm+mXyPaQohcHNhiXaWLX+2tNk6Xw==
|
91.195.240.123
|
||
|
https://www.namesilo.com/domain/search-domains?query=cd14j.us
|
unknown
|
||
|
https://www.tucowsdomains.com/
|
unknown
|
||
|
http://www.marksmile.com/asset/lp_style.css
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://img.sedoparking.com/templates/images/hero_nc.svg
|
unknown
|
||
|
http://www.marksmile.com/asset/lp_qrcode.png
|
unknown
|
||
|
https://www.namecheap.com/domains/registration/results/?domain=luckydomainz.shop
|
unknown
|
||
|
http://www.cd14j.us/pq0o/
|
91.195.240.123
|
||
|
http://www.fashionagencylab.com/pq0o/?sHlxgpX=Ed/ELXNC0S7dMHCut27L778qDXjqsr17l3BGGyc+QR+QSIsAiYGE9ikEmCd6tM+iTSJXxriNtRC8Y/iBHpE37xqgjcRlXnwEl/GWP1Z5DHGRU92yhpKCU6gPuWpCXnwQNw==&Lx=8PqlJ028VT_
|
91.195.240.117
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.luckydomainz.shop
|
unknown
|
|
|
|
www.xn--yzyp76d.com
|
47.76.62.167
|
||
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
www.cd14j.us
|
91.195.240.123
|
||
|
www.fashionagencylab.com
|
91.195.240.117
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.195.240.117
|
www.fashionagencylab.com
|
Germany
|
||
|
91.195.240.123
|
www.cd14j.us
|
Germany
|
||
|
47.76.62.167
|
www.xn--yzyp76d.com
|
United States
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5940000
|
system
|
page execute and read and write
|
|
|
|
1DA0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2A20000
|
unkown
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
38C0000
|
trusted library allocation
|
page read and write
|
|
|
|
1CE0000
|
unclassified section
|
page execute and read and write
|
|
|
|
36A0000
|
trusted library allocation
|
page read and write
|
|
|
|
32E0000
|
system
|
page execute and read and write
|
|
|
|
1C56000
|
direct allocation
|
page execute and read and write
|
||
|
A5000
|
unkown
|
page read and write
|
||
|
49E3000
|
heap
|
page read and write
|
||
|
26E8000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
1BAEE947000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2EBD000
|
unclassified section
|
page execute and read and write
|
||
|
1BAEE8AF000
|
system
|
page execute and read and write
|
||
|
83BE000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
2E802000
|
system
|
page read and write
|
||
|
1BAF0400000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3671000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
350C000
|
unkown
|
page read and write
|
||
|
3B9D000
|
direct allocation
|
page execute and read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
1411000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
360D000
|
heap
|
page read and write
|
||
|
83C3000
|
heap
|
page read and write
|
||
|
1BAF0500000
|
trusted library allocation
|
page read and write
|
||
|
915E000
|
trusted library allocation
|
page read and write
|
||
|
35FE000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
39B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF06CE000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
9E000
|
unkown
|
page readonly
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83B0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
836E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
59D7000
|
system
|
page execute and read and write
|
||
|
246F000
|
stack
|
page read and write
|
||
|
334C000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
A7000
|
unkown
|
page readonly
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
A7000
|
unkown
|
page readonly
|
||
|
1BAF0330000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
837B000
|
heap
|
page read and write
|
||
|
4F3D000
|
unkown
|
page execute and read and write
|
||
|
CF1000
|
unkown
|
page readonly
|
||
|
D80000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
4B7B000
|
stack
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
A94000
|
trusted library allocation
|
page read and write
|
||
|
363B000
|
heap
|
page read and write
|
||
|
1559000
|
heap
|
page read and write
|
||
|
4B90000
|
heap
|
page read and write
|
||
|
42BD000
|
unclassified section
|
page execute and read and write
|
||
|
35BD000
|
heap
|
page read and write
|
||
|
35A8000
|
heap
|
page read and write
|
||
|
3624000
|
heap
|
page read and write
|
||
|
1990000
|
direct allocation
|
page execute and read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
4A52000
|
trusted library allocation
|
page read and write
|
||
|
91000
|
unkown
|
page execute read
|
||
|
6E8F000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
313D000
|
unkown
|
page execute and read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
107F000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83BA000
|
heap
|
page read and write
|
||
|
35BE000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2915000
|
trusted library allocation
|
page read and write
|
||
|
828E000
|
heap
|
page read and write
|
||
|
1080000
|
unkown
|
page readonly
|
||
|
47E8000
|
unclassified section
|
page read and write
|
||
|
838C000
|
heap
|
page read and write
|
||
|
2924000
|
heap
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
44CE000
|
stack
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
44C4000
|
unclassified section
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF06C4000
|
trusted library allocation
|
page read and write
|
||
|
155C000
|
stack
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
1BAF06AC000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3645000
|
heap
|
page read and write
|
||
|
59C8000
|
system
|
page execute and read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
3DAA000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAEE8B2000
|
system
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library section
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF0601000
|
trusted library allocation
|
page read and write
|
||
|
3232000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1ABD000
|
direct allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
91000
|
unkown
|
page execute read
|
||
|
91000
|
unkown
|
page execute read
|
||
|
3640000
|
heap
|
page read and write
|
||
|
3A5F000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B11000
|
unkown
|
page readonly
|
||
|
3624000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3A86000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
3DB2000
|
direct allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
1B11000
|
unkown
|
page readonly
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
24B2000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
unkown
|
page readonly
|
||
|
13C0000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
8364000
|
heap
|
page read and write
|
||
|
4B80000
|
trusted library section
|
page readonly
|
||
|
5584000
|
heap
|
page read and write
|
||
|
44D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
497B000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
1411000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
A5000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
557000
|
stack
|
page read and write
|
||
|
3676000
|
heap
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35AC000
|
heap
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF0503000
|
trusted library allocation
|
page read and write
|
||
|
1D90000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
122000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1930000
|
direct allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
AB2000
|
trusted library allocation
|
page read and write
|
||
|
363E000
|
heap
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
496B000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAEE972000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1400000
|
unkown
|
page readonly
|
||
|
3603000
|
heap
|
page read and write
|
||
|
1420000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3900000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1080000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
8358000
|
heap
|
page read and write
|
||
|
665E000
|
heap
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4480000
|
trusted library allocation
|
page read and write
|
||
|
2924000
|
heap
|
page read and write
|
||
|
84FD000
|
stack
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
49C5000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
8340000
|
heap
|
page read and write
|
||
|
3617000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
292B000
|
trusted library allocation
|
page read and write
|
||
|
8381000
|
heap
|
page read and write
|
||
|
B5C000
|
stack
|
page read and write
|
||
|
24BB000
|
trusted library allocation
|
page read and write
|
||
|
4ECD000
|
stack
|
page read and write
|
||
|
8288000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
313C000
|
stack
|
page read and write
|
||
|
83C8000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
ACB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F0000
|
unkown
|
page readonly
|
||
|
8570000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83C6000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
133A000
|
stack
|
page read and write
|
||
|
8355000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4A5E000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C0E000
|
direct allocation
|
page execute and read and write
|
||
|
A7000
|
unkown
|
page readonly
|
||
|
4986000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
9E000
|
unkown
|
page readonly
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
460C000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3612000
|
heap
|
page read and write
|
||
|
1BAEE95C000
|
heap
|
page read and write
|
||
|
453D000
|
unkown
|
page execute and read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
CE0000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
5560000
|
heap
|
page read and write
|
||
|
D00000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35AE000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
38BD000
|
unclassified section
|
page execute and read and write
|
||
|
1780000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
13D1000
|
unkown
|
page readonly
|
||
|
1BAF0340000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
35BC000
|
heap
|
page read and write
|
||
|
AB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
28D4000
|
trusted library allocation
|
page read and write
|
||
|
834B000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
A9F03FD000
|
stack
|
page read and write
|
||
|
13D1000
|
unkown
|
page readonly
|
||
|
4CE0000
|
trusted library section
|
page read and write
|
||
|
3617000
|
heap
|
page read and write
|
||
|
159F000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
94C0000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3E02000
|
unclassified section
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAEE980000
|
heap
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
5B4F000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4656000
|
unclassified section
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2930000
|
unkown
|
page readonly
|
||
|
24BD000
|
unclassified section
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
3635000
|
heap
|
page read and write
|
||
|
1CD8000
|
direct allocation
|
page execute and read and write
|
||
|
3F1C000
|
unclassified section
|
page read and write
|
||
|
2EEC4000
|
system
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
59AE000
|
system
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
AC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAEE96A000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
853E000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
8330000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
A5000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4CBD000
|
unclassified section
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35BD000
|
heap
|
page read and write
|
||
|
383B000
|
heap
|
page read and write
|
||
|
5C4F000
|
stack
|
page read and write
|
||
|
3CC7000
|
trusted library allocation
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
35AC000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
A9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAF050E000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1538000
|
heap
|
page read and write
|
||
|
84BC000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
827D000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
350C000
|
unkown
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
7F100000
|
trusted library allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
13C0000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1C41000
|
direct allocation
|
page execute and read and write
|
||
|
35EA000
|
heap
|
page read and write
|
||
|
2FF4000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
AC2000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
ABA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F0000
|
unkown
|
page readonly
|
||
|
498D000
|
trusted library allocation
|
page read and write
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4486000
|
trusted library allocation
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
879000
|
heap
|
page read and write
|
||
|
3B99000
|
direct allocation
|
page execute and read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
8350000
|
heap
|
page read and write
|
||
|
182F000
|
stack
|
page read and write
|
||
|
4A40000
|
heap
|
page read and write
|
||
|
1BAF0511000
|
trusted library allocation
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAEE870000
|
system
|
page execute and read and write
|
||
|
30D0000
|
unkown
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
3718000
|
heap
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
6772000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83AA000
|
heap
|
page read and write
|
||
|
3232000
|
unkown
|
page read and write
|
||
|
326B000
|
stack
|
page read and write
|
||
|
9800000
|
trusted library section
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
91000
|
unkown
|
page execute read
|
||
|
3711000
|
heap
|
page read and write
|
||
|
459000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
368B000
|
heap
|
page read and write
|
||
|
155C000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
1370000
|
heap
|
page read and write
|
||
|
872000
|
heap
|
page read and write
|
||
|
3A70000
|
direct allocation
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
9480000
|
trusted library allocation
|
page execute and read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
1BAF0600000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
816E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
838A000
|
heap
|
page read and write
|
||
|
38F4000
|
unkown
|
page read and write
|
||
|
A5000
|
unkown
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
897F000
|
stack
|
page read and write
|
||
|
35FE000
|
heap
|
page read and write
|
||
|
3D63000
|
trusted library allocation
|
page read and write
|
||
|
5A2B000
|
system
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
6C6A000
|
heap
|
page read and write
|
||
|
3DC0000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
32A8000
|
stack
|
page read and write
|
||
|
EB3000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
3DC0000
|
trusted library allocation
|
page read and write
|
||
|
856F000
|
stack
|
page read and write
|
||
|
177F000
|
stack
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
846E000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
AA3000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
CF1000
|
unkown
|
page readonly
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
D00000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
1BAEE96F000
|
heap
|
page read and write
|
||
|
4981000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2930000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
3666000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
89FF000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
2EADC000
|
system
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
88FF000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3C18000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3E4E000
|
trusted library allocation
|
page read and write
|
||
|
1BAEE972000
|
heap
|
page read and write
|
||
|
90000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
32F2000
|
unkown
|
page read and write
|
||
|
39EA000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
8270000
|
trusted library allocation
|
page read and write
|
||
|
4992000
|
trusted library allocation
|
page read and write
|
||
|
39EE000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3EC2000
|
unclassified section
|
page read and write
|
||
|
3140000
|
unkown
|
page readonly
|
||
|
1780000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
94CD000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
40DC000
|
unclassified section
|
page read and write
|
||
|
35DB000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
83A0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
56BD000
|
unclassified section
|
page execute and read and write
|
||
|
1420000
|
unkown
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
366C000
|
heap
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
1BAF050B000
|
trusted library allocation
|
page read and write
|
||
|
89BE000
|
stack
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
497A000
|
unclassified section
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3603000
|
heap
|
page read and write
|
||
|
13E0000
|
unkown
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
9E000
|
unkown
|
page readonly
|
||
|
3D41000
|
direct allocation
|
page execute and read and write
|
||
|
2FF4000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1BAEEA60000
|
heap
|
page read and write
|
||
|
4DC5000
|
heap
|
page read and write
|
||
|
3B3D000
|
unkown
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library section
|
page read and write
|
||
|
360D000
|
heap
|
page read and write
|
||
|
1510000
|
unkown
|
page read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
1C5D000
|
direct allocation
|
page execute and read and write
|
||
|
D60000
|
unkown
|
page readonly
|
||
|
A9F0BFE000
|
stack
|
page read and write
|
||
|
59B8000
|
system
|
page execute and read and write
|
||
|
38C1000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
893E000
|
stack
|
page read and write
|
||
|
2450000
|
unclassified section
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1AB9000
|
direct allocation
|
page execute and read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
8386000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
13E0000
|
unkown
|
page read and write
|
||
|
4BD0000
|
heap
|
page execute and read and write
|
||
|
3D3D000
|
direct allocation
|
page execute and read and write
|
||
|
A9EFBFB000
|
stack
|
page read and write
|
||
|
3D15000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
59D4000
|
system
|
page execute and read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
1BAEE940000
|
heap
|
page read and write
|
||
|
8346000
|
heap
|
page read and write
|
||
|
A9F13FE000
|
stack
|
page read and write
|
||
|
3140000
|
unkown
|
page readonly
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
AAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC7000
|
heap
|
page read and write
|
||
|
4964000
|
trusted library allocation
|
page read and write
|
||
|
1BAF0521000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35B7000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
9E000
|
unkown
|
page readonly
|
||
|
83B5000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF0340000
|
trusted library allocation
|
page read and write
|
||
|
B5C000
|
stack
|
page read and write
|
||
|
633D000
|
unkown
|
page execute and read and write
|
||
|
593D000
|
unkown
|
page execute and read and write
|
||
|
A7000
|
unkown
|
page readonly
|
||
|
1400000
|
unkown
|
page readonly
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
unkown
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
1BAF06BE000
|
trusted library allocation
|
page read and write
|
||
|
1B2E000
|
direct allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
3560000
|
trusted library allocation
|
page read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
497E000
|
trusted library allocation
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
6650000
|
heap
|
page read and write
|
||
|
362F000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
3810000
|
heap
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
2E8C2000
|
system
|
page read and write
|
||
|
B30000
|
heap
|
page execute and read and write
|
||
|
3711000
|
heap
|
page read and write
|
||
|
1BAF0240000
|
heap
|
page read and write
|
||
|
3DC0000
|
trusted library allocation
|
page read and write
|
||
|
1BAF0513000
|
trusted library allocation
|
page read and write
|
||
|
A93000
|
trusted library allocation
|
page execute and read and write
|
There are 669 hidden memdumps, click here to show them.