Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Swift_Copy.scr
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp7FF5.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\WAuLmtFUmD.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Swift_Copy.scr.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\WAuLmtFUmD.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_abcymikj.uat.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ctpggwhh.kpd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_irgxgp21.is2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xcggdhsd.dzj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8D33.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\WAuLmtFUmD.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Swift_Copy.scr
|
"C:\Users\user\Desktop\Swift_Copy.scr" /S
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\WAuLmtFUmD.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\WAuLmtFUmD" /XML "C:\Users\user\AppData\Local\Temp\tmp7FF5.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\WAuLmtFUmD.exe
|
C:\Users\user\AppData\Roaming\WAuLmtFUmD.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\WAuLmtFUmD" /XML "C:\Users\user\AppData\Local\Temp\tmp8D33.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.sigmamotorspk.com
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://sigmamotorspk.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.sigmamotorspk.com
|
unknown
|
|
|
|
sigmamotorspk.com
|
65.21.71.87
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
65.21.71.87
|
sigmamotorspk.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E4E000
|
trusted library allocation
|
page read and write
|
|
|
|
4416000
|
trusted library allocation
|
page read and write
|
|
|
|
28B1000
|
trusted library allocation
|
page read and write
|
|
|
|
28FE000
|
trusted library allocation
|
page read and write
|
|
|
|
506A000
|
trusted library allocation
|
page read and write
|
|
|
|
2E37000
|
trusted library allocation
|
page read and write
|
|
|
|
5D9B000
|
stack
|
page read and write
|
||
|
AA38000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
5DF7000
|
trusted library allocation
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
360F000
|
trusted library allocation
|
page read and write
|
||
|
1966000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
2DD0000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
A8CE000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
5EFE000
|
stack
|
page read and write
|
||
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
166A000
|
trusted library allocation
|
page execute and read and write
|
||
|
59E0000
|
trusted library allocation
|
page read and write
|
||
|
91C2000
|
heap
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
1587000
|
heap
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
ED2E000
|
stack
|
page read and write
|
||
|
63EE000
|
stack
|
page read and write
|
||
|
4CA3000
|
trusted library allocation
|
page read and write
|
||
|
580B000
|
stack
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
EECC000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
1662000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page execute and read and write
|
||
|
248E000
|
unkown
|
page read and write
|
||
|
32A6000
|
trusted library allocation
|
page read and write
|
||
|
3246000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
trusted library section
|
page readonly
|
||
|
4D8E000
|
trusted library allocation
|
page read and write
|
||
|
3E29000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library section
|
page read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
59FA000
|
trusted library allocation
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
3916000
|
trusted library allocation
|
page read and write
|
||
|
167A000
|
heap
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
4E08000
|
trusted library allocation
|
page read and write
|
||
|
1697000
|
heap
|
page read and write
|
||
|
16AF000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
1594000
|
heap
|
page read and write
|
||
|
163D000
|
stack
|
page read and write
|
||
|
43D9000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B6000
|
heap
|
page read and write
|
||
|
19C0000
|
trusted library allocation
|
page read and write
|
||
|
2DBD000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
7630000
|
trusted library section
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
507C000
|
stack
|
page read and write
|
||
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1608000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
15B1000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
76BE000
|
stack
|
page read and write
|
||
|
1B90000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
5EBE000
|
stack
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
243A000
|
stack
|
page read and write
|
||
|
58E2000
|
trusted library allocation
|
page read and write
|
||
|
1BB0000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
11B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
38B3000
|
trusted library allocation
|
page read and write
|
||
|
261E000
|
unkown
|
page read and write
|
||
|
4D95000
|
trusted library allocation
|
page read and write
|
||
|
A64000
|
heap
|
page read and write
|
||
|
B27F000
|
stack
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
A90D000
|
stack
|
page read and write
|
||
|
151B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F9D000
|
stack
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
11B2000
|
trusted library allocation
|
page read and write
|
||
|
5B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B80000
|
trusted library allocation
|
page read and write
|
||
|
4C23000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
58EC000
|
trusted library allocation
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
61B0000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24AE000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page read and write
|
||
|
E62E000
|
stack
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1604000
|
heap
|
page read and write
|
||
|
26CF000
|
unkown
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7580000
|
trusted library section
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
1870000
|
trusted library allocation
|
page read and write
|
||
|
F27F000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
249A000
|
stack
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B8D000
|
trusted library allocation
|
page read and write
|
||
|
1512000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
290E000
|
trusted library allocation
|
page read and write
|
||
|
5BD2000
|
heap
|
page read and write
|
||
|
1666000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
heap
|
page execute and read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
43B1000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
4E99000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
B3E7000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page read and write
|
||
|
2500000
|
heap
|
page read and write
|
||
|
5CCE000
|
heap
|
page read and write
|
||
|
F89000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
B07B000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
62C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
167E000
|
heap
|
page read and write
|
||
|
18A8000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
5B6C000
|
stack
|
page read and write
|
||
|
5F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
78BF000
|
stack
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
5BAA000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
4A4D000
|
stack
|
page read and write
|
||
|
5E1D000
|
stack
|
page read and write
|
||
|
1BC7000
|
heap
|
page read and write
|
||
|
43B9000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
trusted library allocation
|
page read and write
|
||
|
D94000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
5D80000
|
heap
|
page read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
A6CE000
|
stack
|
page read and write
|
||
|
E76E000
|
stack
|
page read and write
|
||
|
B567000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
542C000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
1119000
|
stack
|
page read and write
|
||
|
27CB000
|
heap
|
page read and write
|
||
|
5E50000
|
heap
|
page read and write
|
||
|
4F91000
|
trusted library allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
4DC5000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
7B82000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
trusted library allocation
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page execute and read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
AEDF000
|
stack
|
page read and write
|
||
|
38B7000
|
trusted library allocation
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
E46E000
|
stack
|
page read and write
|
||
|
328B000
|
trusted library allocation
|
page read and write
|
||
|
4E1B000
|
trusted library allocation
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
921B000
|
heap
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
9221000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
AA1F000
|
heap
|
page read and write
|
||
|
7A7E000
|
stack
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
156E000
|
heap
|
page read and write
|
||
|
287E000
|
stack
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
923C000
|
heap
|
page read and write
|
||
|
502D000
|
trusted library allocation
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
65AE000
|
stack
|
page read and write
|
||
|
EBEE000
|
stack
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
165D000
|
trusted library allocation
|
page execute and read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
5A13000
|
heap
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
3260000
|
heap
|
page execute and read and write
|
||
|
38D9000
|
trusted library allocation
|
page read and write
|
||
|
19FE000
|
stack
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
32AD000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
5F50000
|
trusted library section
|
page read and write
|
||
|
15FC000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
156A000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
245D000
|
stack
|
page read and write
|
||
|
62B0000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
63AE000
|
stack
|
page read and write
|
||
|
EC2E000
|
stack
|
page read and write
|
||
|
2DD4000
|
trusted library allocation
|
page read and write
|
||
|
AB5E000
|
stack
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
5B50000
|
heap
|
page read and write
|
||
|
141E000
|
stack
|
page read and write
|
||
|
14F6000
|
stack
|
page read and write
|
||
|
5DF0000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
E42E000
|
stack
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
5BFA000
|
heap
|
page read and write
|
||
|
59F0000
|
trusted library section
|
page readonly
|
||
|
5D4D000
|
stack
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
F8A000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
EE50000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
5C40000
|
heap
|
page read and write
|
||
|
15D000
|
stack
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
321C000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
5FCE000
|
stack
|
page read and write
|
||
|
1517000
|
trusted library allocation
|
page execute and read and write
|
||
|
9200000
|
heap
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
B3E0000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page execute and read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
trusted library allocation
|
page read and write
|
||
|
1BC0000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
14E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2894000
|
trusted library allocation
|
page read and write
|
||
|
4F15000
|
trusted library allocation
|
page read and write
|
||
|
A1A000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
B130000
|
trusted library allocation
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
91C0000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1759000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
86B000
|
stack
|
page read and write
|
||
|
14E4000
|
trusted library allocation
|
page read and write
|
||
|
1644000
|
trusted library allocation
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
AA10000
|
heap
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
2E2C000
|
trusted library allocation
|
page read and write
|
||
|
F17E000
|
stack
|
page read and write
|
||
|
54C8000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
11BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
ADDE000
|
stack
|
page read and write
|
||
|
536D000
|
heap
|
page read and write
|
||
|
62B6000
|
trusted library allocation
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
61EA000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page execute and read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
B37E000
|
stack
|
page read and write
|
||
|
EFF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E66000
|
trusted library allocation
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
2DA2000
|
trusted library allocation
|
page read and write
|
||
|
172A000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
1944000
|
trusted library allocation
|
page read and write
|
||
|
5DC6000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
150A000
|
trusted library allocation
|
page execute and read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
33F6000
|
trusted library allocation
|
page read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
AC9E000
|
stack
|
page read and write
|
||
|
4F7C000
|
stack
|
page read and write
|
||
|
B5A000
|
stack
|
page read and write
|
||
|
7450000
|
heap
|
page read and write
|
||
|
14ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
AB9E000
|
stack
|
page read and write
|
||
|
3E09000
|
trusted library allocation
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
||
|
11B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
28FC000
|
trusted library allocation
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
168F000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD2000
|
unkown
|
page readonly
|
||
|
569E000
|
stack
|
page read and write
|
||
|
B17C000
|
stack
|
page read and write
|
||
|
2896000
|
trusted library allocation
|
page read and write
|
||
|
5E5E000
|
heap
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
2D9B000
|
trusted library allocation
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page execute and read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
4D0E000
|
trusted library allocation
|
page read and write
|
||
|
15D7000
|
heap
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
5B35000
|
heap
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
58E6000
|
trusted library allocation
|
page read and write
|
||
|
DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
1233000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
1946000
|
trusted library allocation
|
page read and write
|
||
|
2E56000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
19BB000
|
stack
|
page read and write
|
||
|
4DB9000
|
trusted library allocation
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
AA0D000
|
stack
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
749E000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
5853000
|
heap
|
page read and write
|
||
|
19D7000
|
heap
|
page read and write
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
1940000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
32A1000
|
trusted library allocation
|
page read and write
|
||
|
DC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E66000
|
trusted library allocation
|
page read and write
|
||
|
324D000
|
trusted library allocation
|
page read and write
|
||
|
15A2000
|
heap
|
page read and write
|
||
|
171A000
|
heap
|
page read and write
|
||
|
AD9E000
|
stack
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
3833000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
E9B0000
|
heap
|
page read and write
|
||
|
AA28000
|
heap
|
page read and write
|
||
|
149C000
|
stack
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
5B0D000
|
stack
|
page read and write
|
||
|
38B9000
|
trusted library allocation
|
page read and write
|
||
|
5BFC000
|
heap
|
page read and write
|
||
|
500D000
|
trusted library allocation
|
page read and write
|
||
|
1506000
|
trusted library allocation
|
page execute and read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
BBD0000
|
trusted library section
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
61FE000
|
stack
|
page read and write
|
||
|
16A4000
|
heap
|
page read and write
|
||
|
274F000
|
stack
|
page read and write
|
||
|
1970000
|
heap
|
page read and write
|
||
|
EE52000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
57DF000
|
stack
|
page read and write
|
||
|
5BA8000
|
heap
|
page read and write
|
||
|
2E4C000
|
trusted library allocation
|
page read and write
|
||
|
187B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
74CA000
|
heap
|
page read and write
|
||
|
4F10000
|
heap
|
page execute and read and write
|
||
|
5340000
|
heap
|
page execute and read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
329E000
|
trusted library allocation
|
page read and write
|
||
|
7FCF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
186E000
|
stack
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
1086000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9AD000
|
stack
|
page read and write
|
||
|
6400000
|
trusted library allocation
|
page read and write
|
||
|
3656000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
1601000
|
heap
|
page read and write
|
||
|
63F0000
|
trusted library allocation
|
page read and write
|
||
|
3E01000
|
trusted library allocation
|
page read and write
|
||
|
E72E000
|
stack
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C07000
|
heap
|
page read and write
|
||
|
D93000
|
trusted library allocation
|
page execute and read and write
|
||
|
4339000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
59FD000
|
trusted library allocation
|
page read and write
|
||
|
5DAC000
|
trusted library allocation
|
page read and write
|
||
|
7F310000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FAE000
|
stack
|
page read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
7EE70000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C55000
|
trusted library allocation
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
102A000
|
heap
|
page read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
1960000
|
trusted library allocation
|
page read and write
|
||
|
164D000
|
trusted library allocation
|
page execute and read and write
|
||
|
163C000
|
heap
|
page read and write
|
||
|
969000
|
stack
|
page read and write
|
||
|
2DAA000
|
trusted library allocation
|
page read and write
|
||
|
EFCC000
|
stack
|
page read and write
|
||
|
78FE000
|
stack
|
page read and write
|
||
|
5433000
|
trusted library allocation
|
page read and write
|
||
|
1872000
|
trusted library allocation
|
page read and write
|
||
|
F03E000
|
stack
|
page read and write
|
||
|
265F000
|
unkown
|
page read and write
|
||
|
4331000
|
trusted library allocation
|
page read and write
|
||
|
F13E000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
16B2000
|
heap
|
page read and write
|
||
|
189E000
|
stack
|
page read and write
|
||
|
1877000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8AD000
|
stack
|
page read and write
|
||
|
B3EB000
|
trusted library allocation
|
page read and write
|
||
|
322B000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page execute and read and write
|
||
|
EAED000
|
stack
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
532C000
|
stack
|
page read and write
|
||
|
163A000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
74B8000
|
heap
|
page read and write
|
||
|
A7CE000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
1643000
|
trusted library allocation
|
page execute and read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
15F5000
|
heap
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
185F000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
4DA4000
|
trusted library allocation
|
page read and write
|
||
|
FD2000
|
heap
|
page read and write
|
||
|
2E01000
|
trusted library allocation
|
page read and write
|
||
|
AB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
E86E000
|
stack
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page execute and read and write
|
||
|
1095000
|
heap
|
page read and write
|
||
|
4C07000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
5BA5000
|
heap
|
page read and write
|
||
|
63F7000
|
trusted library allocation
|
page read and write
|
||
|
77BF000
|
stack
|
page read and write
|
||
|
249A000
|
heap
|
page read and write
|
||
|
DC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
58B8000
|
trusted library allocation
|
page read and write
|
There are 543 hidden memdumps, click here to show them.