Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QUOTATION_APRQTRA031244#U00faPDF.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QUOTATION_APRQTRA031244#U00faPDF.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QUOTATION_APRQTRA031244#U00faPDF.scr.exe
|
"C:\Users\user\Desktop\QUOTATION_APRQTRA031244#U00faPDF.scr.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://s22.filetransfer.io
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
|
https://s22.filetransfer.io/storage/download/fNtpaSFzWEzZ
|
104.21.13.139
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
https://filetransfer.io
|
unknown
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
http://filetransfer.io/data-package/aPtWC5T9/download
|
104.21.13.139
|
||
|
https://filetransfer.io/data-package/aPtWC5T9/download
|
104.21.13.139
|
||
|
http://filetransfer.io
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
filetransfer.io
|
104.21.13.139
|
||
|
ip-api.com
|
208.95.112.1
|
||
|
s22.filetransfer.io
|
104.21.13.139
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.13.139
|
filetransfer.io
|
United States
|
||
|
208.95.112.1
|
ip-api.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QUOTATION_APRQTRA031244#U00faPDF_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\aspnet_compiler_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BB6000
|
trusted library allocation
|
page read and write
|
|
|
|
70F0000
|
trusted library section
|
page read and write
|
|
|
|
3C24000
|
trusted library allocation
|
page read and write
|
|
|
|
9090000
|
trusted library section
|
page read and write
|
|
|
|
42C9000
|
trusted library allocation
|
page read and write
|
|
|
|
44F9000
|
trusted library allocation
|
page read and write
|
|
|
|
2E2C000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2D61000
|
trusted library allocation
|
page read and write
|
|
|
|
4599000
|
trusted library allocation
|
page read and write
|
|
|
|
4651000
|
trusted library allocation
|
page read and write
|
|
|
|
2B95000
|
trusted library allocation
|
page read and write
|
|
|
|
588E000
|
stack
|
page read and write
|
||
|
9E20000
|
trusted library allocation
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
5D78000
|
heap
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
2FD9000
|
trusted library allocation
|
page read and write
|
||
|
8E33000
|
trusted library allocation
|
page read and write
|
||
|
65F0000
|
heap
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
660F000
|
heap
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
127B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7210000
|
heap
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
6E5F000
|
stack
|
page read and write
|
||
|
DA3000
|
trusted library allocation
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF2000
|
trusted library allocation
|
page read and write
|
||
|
2E05000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
5E0E000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
2B53000
|
trusted library allocation
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
727B000
|
stack
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
95E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
141A000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
51BD000
|
stack
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
2B39000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
11F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DFF000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
820000
|
unkown
|
page readonly
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
2FE3000
|
trusted library allocation
|
page read and write
|
||
|
2DB6000
|
trusted library allocation
|
page read and write
|
||
|
F32000
|
trusted library allocation
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
2DEA000
|
trusted library allocation
|
page read and write
|
||
|
40A2000
|
trusted library allocation
|
page read and write
|
||
|
5E02000
|
heap
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
trusted library allocation
|
page read and write
|
||
|
2DC9000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page execute and read and write
|
||
|
2DF5000
|
trusted library allocation
|
page read and write
|
||
|
2DE6000
|
trusted library allocation
|
page read and write
|
||
|
5E3C000
|
heap
|
page read and write
|
||
|
7296000
|
trusted library allocation
|
page read and write
|
||
|
729B000
|
trusted library allocation
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
301D000
|
trusted library allocation
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
3AE8000
|
trusted library allocation
|
page read and write
|
||
|
8EB000
|
stack
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
2E0D000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
92F0000
|
trusted library allocation
|
page read and write
|
||
|
5D6E000
|
stack
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
2FD7000
|
trusted library allocation
|
page read and write
|
||
|
44F3000
|
trusted library allocation
|
page read and write
|
||
|
313F000
|
trusted library allocation
|
page read and write
|
||
|
72C5000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
D19000
|
stack
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
64ED000
|
stack
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
5FAF000
|
stack
|
page read and write
|
||
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5220000
|
heap
|
page execute and read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
72DF000
|
trusted library allocation
|
page read and write
|
||
|
9340000
|
trusted library allocation
|
page read and write
|
||
|
2E1E000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
683A000
|
trusted library allocation
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
D94000
|
trusted library allocation
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B20000
|
heap
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
682E000
|
stack
|
page read and write
|
||
|
3145000
|
trusted library allocation
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
7160000
|
trusted library section
|
page read and write
|
||
|
5B37000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
58CD000
|
stack
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
2DEC000
|
trusted library allocation
|
page read and write
|
||
|
5D7A000
|
heap
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
2B23000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
303F000
|
trusted library allocation
|
page read and write
|
||
|
4B7D000
|
trusted library allocation
|
page read and write
|
||
|
2DB8000
|
trusted library allocation
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
DE4000
|
heap
|
page read and write
|
||
|
6AED000
|
stack
|
page read and write
|
||
|
72A4000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library section
|
page read and write
|
||
|
5BEF000
|
stack
|
page read and write
|
||
|
2DC2000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
1707000
|
heap
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
7F310000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3D000
|
trusted library allocation
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
92E0000
|
trusted library allocation
|
page read and write
|
||
|
92D0000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
2B35000
|
trusted library allocation
|
page read and write
|
||
|
5D7E000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
72B1000
|
trusted library allocation
|
page read and write
|
||
|
93D0000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
126A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6830000
|
trusted library allocation
|
page read and write
|
||
|
4069000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
513D000
|
stack
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
71E9000
|
trusted library allocation
|
page read and write
|
||
|
302C000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
6840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
143C000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
2E09000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
745E000
|
stack
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
2FBA000
|
trusted library allocation
|
page read and write
|
||
|
54EC000
|
stack
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
58AF000
|
stack
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
312D000
|
trusted library allocation
|
page read and write
|
||
|
2E13000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
92C0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
1668000
|
trusted library allocation
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
2DA5000
|
trusted library allocation
|
page read and write
|
||
|
9359000
|
trusted library allocation
|
page read and write
|
||
|
7EF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
68B0000
|
trusted library allocation
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
30FC000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
1262000
|
trusted library allocation
|
page read and write
|
||
|
162C000
|
stack
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
trusted library allocation
|
page read and write
|
||
|
822000
|
unkown
|
page readonly
|
||
|
2E0B000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
9E7000
|
stack
|
page read and write
|
||
|
9300000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BBC000
|
stack
|
page read and write
|
||
|
6860000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
3117000
|
trusted library allocation
|
page read and write
|
||
|
2FF8000
|
trusted library allocation
|
page read and write
|
||
|
9390000
|
trusted library allocation
|
page execute and read and write
|
||
|
3030000
|
heap
|
page execute and read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page execute and read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
11F4000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
3047000
|
trusted library allocation
|
page read and write
|
||
|
3AE1000
|
trusted library allocation
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
300F000
|
trusted library allocation
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC6000
|
trusted library allocation
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2E07000
|
trusted library allocation
|
page read and write
|
||
|
4041000
|
trusted library allocation
|
page read and write
|
||
|
93B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
72B8000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
1266000
|
trusted library allocation
|
page execute and read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
2E0F000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
5E64000
|
heap
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page read and write
|
||
|
9350000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
DBE000
|
heap
|
page read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
60EE000
|
stack
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
2DBE000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
2DBC000
|
trusted library allocation
|
page read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
2DB4000
|
trusted library allocation
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
556F000
|
stack
|
page read and write
|
||
|
30F8000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
9310000
|
trusted library allocation
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
DF2000
|
heap
|
page read and write
|
||
|
1277000
|
trusted library allocation
|
page execute and read and write
|
||
|
5580000
|
heap
|
page execute and read and write
|
||
|
4CBD000
|
stack
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
D93000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
2DE8000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
2DD5000
|
trusted library allocation
|
page read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
118E000
|
stack
|
page read and write
|
||
|
1205000
|
heap
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page read and write
|
||
|
2DBA000
|
trusted library allocation
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
9830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
60F1000
|
trusted library allocation
|
page read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
2E2A000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
trusted library allocation
|
page read and write
|
||
|
72AE000
|
trusted library allocation
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
F36000
|
trusted library allocation
|
page execute and read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
143E000
|
heap
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
heap
|
page read and write
|
||
|
3049000
|
trusted library allocation
|
page read and write
|
||
|
5205000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
665B000
|
heap
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
9320000
|
trusted library allocation
|
page read and write
|
||
|
71B2000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
7200000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
506D000
|
stack
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
2B2A000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
trusted library allocation
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
2DCF000
|
trusted library allocation
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
672E000
|
stack
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
2FD5000
|
trusted library allocation
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page read and write
|
||
|
F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
6640000
|
heap
|
page read and write
|
||
|
9330000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
trusted library allocation
|
page read and write
|
||
|
578C000
|
stack
|
page read and write
|
||
|
302E000
|
trusted library allocation
|
page read and write
|
There are 356 hidden memdumps, click here to show them.