Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
xjXIE2ZFFSw4.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\FULL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\FULL.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\xjXIE2ZFFSw4.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpF256.tmp.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators, with overstriking
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\xjXIE2ZFFSw4.exe
|
"C:\Users\user\Desktop\xjXIE2ZFFSw4.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c schtasks /create /f /sc onlogon /rl highest /tn "FULL" /tr '"C:\Users\user\AppData\Roaming\FULL.exe"'
& exit
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\tmpF256.tmp.bat""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /f /sc onlogon /rl highest /tn "FULL" /tr '"C:\Users\user\AppData\Roaming\FULL.exe"'
|
|
|
|
C:\Users\user\AppData\Roaming\FULL.exe
|
C:\Users\user\AppData\Roaming\FULL.exe
|
|
|
|
C:\Users\user\AppData\Roaming\FULL.exe
|
"C:\Users\user\AppData\Roaming\FULL.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 3
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rusia.duckdns.org
|
46.246.14.10
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.246.14.10
|
rusia.duckdns.org
|
Sweden
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C16000
|
trusted library allocation
|
page read and write
|
|
|
|
302D000
|
trusted library allocation
|
page read and write
|
|
|
|
732000
|
unkown
|
page readonly
|
|
|
|
304D000
|
trusted library allocation
|
page read and write
|
|
|
|
2C00000
|
trusted library allocation
|
page read and write
|
|
|
|
2BD4000
|
trusted library allocation
|
page read and write
|
||
|
2E15000
|
trusted library allocation
|
page read and write
|
||
|
3465000
|
trusted library allocation
|
page read and write
|
||
|
2B38000
|
trusted library allocation
|
page read and write
|
||
|
34CB000
|
trusted library allocation
|
page read and write
|
||
|
346B000
|
trusted library allocation
|
page read and write
|
||
|
34DC000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
3019000
|
trusted library allocation
|
page read and write
|
||
|
352F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
2ADC000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
2FF7000
|
trusted library allocation
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page read and write
|
||
|
33D5000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
20C17260000
|
heap
|
page read and write
|
||
|
2EAB000
|
trusted library allocation
|
page read and write
|
||
|
3465000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
336F000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
331D000
|
trusted library allocation
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
2BFA000
|
trusted library allocation
|
page read and write
|
||
|
34EB000
|
trusted library allocation
|
page read and write
|
||
|
2DC4000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
3448000
|
trusted library allocation
|
page read and write
|
||
|
2DC2000
|
trusted library allocation
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
1B89F000
|
stack
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
2F62000
|
trusted library allocation
|
page read and write
|
||
|
1BF7E000
|
stack
|
page read and write
|
||
|
B61000
|
heap
|
page read and write
|
||
|
3319000
|
trusted library allocation
|
page read and write
|
||
|
340A000
|
trusted library allocation
|
page read and write
|
||
|
32DF000
|
trusted library allocation
|
page read and write
|
||
|
331B000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
FCC000
|
heap
|
page read and write
|
||
|
1B543000
|
heap
|
page read and write
|
||
|
33FA000
|
trusted library allocation
|
page read and write
|
||
|
3437000
|
trusted library allocation
|
page read and write
|
||
|
1B910000
|
heap
|
page read and write
|
||
|
2AC9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
33C6000
|
trusted library allocation
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
1B8D0000
|
heap
|
page read and write
|
||
|
34C5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
334B000
|
trusted library allocation
|
page read and write
|
||
|
33F9000
|
trusted library allocation
|
page read and write
|
||
|
33D9000
|
trusted library allocation
|
page read and write
|
||
|
353C000
|
trusted library allocation
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
3404000
|
trusted library allocation
|
page read and write
|
||
|
352F000
|
trusted library allocation
|
page read and write
|
||
|
2E55000
|
trusted library allocation
|
page read and write
|
||
|
1BA80000
|
heap
|
page read and write
|
||
|
20C17352000
|
heap
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
351C000
|
trusted library allocation
|
page read and write
|
||
|
1B5CD000
|
stack
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
3313000
|
trusted library allocation
|
page read and write
|
||
|
347C000
|
trusted library allocation
|
page read and write
|
||
|
34E9000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
3066000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
34F0000
|
trusted library allocation
|
page read and write
|
||
|
B56000
|
heap
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
3351000
|
trusted library allocation
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
34CD000
|
trusted library allocation
|
page read and write
|
||
|
33D3000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
trusted library allocation
|
page read and write
|
||
|
302F000
|
stack
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
33A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3034000
|
trusted library allocation
|
page read and write
|
||
|
34D6000
|
trusted library allocation
|
page read and write
|
||
|
2D28000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page execute and read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
350D000
|
trusted library allocation
|
page read and write
|
||
|
1BE7E000
|
stack
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
13047000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
1B54D000
|
heap
|
page read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
2E33000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
344E000
|
trusted library allocation
|
page read and write
|
||
|
34D8000
|
trusted library allocation
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
33D3000
|
trusted library allocation
|
page read and write
|
||
|
2E6C000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
1B490000
|
heap
|
page execute and read and write
|
||
|
2E46000
|
trusted library allocation
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
2E5D000
|
trusted library allocation
|
page read and write
|
||
|
2E96000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
20C1732A000
|
heap
|
page read and write
|
||
|
13FE000
|
heap
|
page read and write
|
||
|
338F000
|
trusted library allocation
|
page read and write
|
||
|
32D7000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
1B49D000
|
stack
|
page read and write
|
||
|
34DC000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
2F6F000
|
trusted library allocation
|
page read and write
|
||
|
349C000
|
trusted library allocation
|
page read and write
|
||
|
2EAE000
|
trusted library allocation
|
page read and write
|
||
|
351E000
|
trusted library allocation
|
page read and write
|
||
|
2E17000
|
trusted library allocation
|
page read and write
|
||
|
34ED000
|
trusted library allocation
|
page read and write
|
||
|
352B000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
349C000
|
trusted library allocation
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
3419000
|
trusted library allocation
|
page read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
2D87000
|
trusted library allocation
|
page read and write
|
||
|
13021000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
33D5000
|
trusted library allocation
|
page read and write
|
||
|
2AE1000
|
trusted library allocation
|
page read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
2ECF000
|
trusted library allocation
|
page read and write
|
||
|
3454000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
3533000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
heap
|
page execute and read and write
|
||
|
2EA5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2B9F000
|
trusted library allocation
|
page read and write
|
||
|
2B22000
|
trusted library allocation
|
page read and write
|
||
|
33A6000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
3451000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
349E000
|
trusted library allocation
|
page read and write
|
||
|
3551000
|
trusted library allocation
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
338D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
3449000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
trusted library allocation
|
page read and write
|
||
|
2B88000
|
trusted library allocation
|
page read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
33DA000
|
trusted library allocation
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
2BE5000
|
trusted library allocation
|
page read and write
|
||
|
2E66000
|
trusted library allocation
|
page read and write
|
||
|
1AA90000
|
trusted library allocation
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
2D4A000
|
trusted library allocation
|
page read and write
|
||
|
2BC3000
|
trusted library allocation
|
page read and write
|
||
|
347A000
|
trusted library allocation
|
page read and write
|
||
|
34F8000
|
trusted library allocation
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
2DF5000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
2BDD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
trusted library allocation
|
page read and write
|
||
|
3542000
|
trusted library allocation
|
page read and write
|
||
|
2D4C000
|
trusted library allocation
|
page read and write
|
||
|
1011000
|
heap
|
page read and write
|
||
|
3363000
|
trusted library allocation
|
page read and write
|
||
|
3408000
|
trusted library allocation
|
page read and write
|
||
|
2BA9000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
1BCCE000
|
stack
|
page read and write
|
||
|
348F000
|
trusted library allocation
|
page read and write
|
||
|
3463000
|
trusted library allocation
|
page read and write
|
||
|
B63000
|
heap
|
page read and write
|
||
|
2BDB000
|
trusted library allocation
|
page read and write
|
||
|
2BBA000
|
trusted library allocation
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
2B0A000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
trusted library allocation
|
page read and write
|
||
|
2D6C000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
2EA9000
|
trusted library allocation
|
page read and write
|
||
|
330A000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
1BD7E000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
2DCF000
|
trusted library allocation
|
page read and write
|
||
|
330E000
|
trusted library allocation
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
1319000
|
heap
|
page read and write
|
||
|
34AF000
|
trusted library allocation
|
page read and write
|
||
|
3383000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E4A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
346C000
|
trusted library allocation
|
page read and write
|
||
|
FE2000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
2E4C000
|
trusted library allocation
|
page read and write
|
||
|
B4D000
|
heap
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
34FC000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
335E000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
2B64000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
2EA7000
|
trusted library allocation
|
page read and write
|
||
|
33B5000
|
trusted library allocation
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
334C000
|
trusted library allocation
|
page read and write
|
||
|
2D4E000
|
trusted library allocation
|
page read and write
|
||
|
5547CFE000
|
stack
|
page read and write
|
||
|
3512000
|
trusted library allocation
|
page read and write
|
||
|
34BC000
|
trusted library allocation
|
page read and write
|
||
|
340C000
|
trusted library allocation
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
20C17362000
|
heap
|
page read and write
|
||
|
12A67000
|
trusted library allocation
|
page read and write
|
||
|
3417000
|
trusted library allocation
|
page read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
341D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
32F5000
|
trusted library allocation
|
page read and write
|
||
|
2E19000
|
trusted library allocation
|
page read and write
|
||
|
20C17362000
|
heap
|
page read and write
|
||
|
3544000
|
trusted library allocation
|
page read and write
|
||
|
2BCD000
|
trusted library allocation
|
page read and write
|
||
|
2DD6000
|
trusted library allocation
|
page read and write
|
||
|
2D83000
|
trusted library allocation
|
page read and write
|
||
|
1BECE000
|
stack
|
page read and write
|
||
|
2B35000
|
trusted library allocation
|
page read and write
|
||
|
19111B99000
|
heap
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
2DAF000
|
trusted library allocation
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
133A000
|
heap
|
page read and write
|
||
|
34E5000
|
trusted library allocation
|
page read and write
|
||
|
350F000
|
trusted library allocation
|
page read and write
|
||
|
1B79E000
|
stack
|
page read and write
|
||
|
5E74D9C000
|
stack
|
page read and write
|
||
|
32FB000
|
trusted library allocation
|
page read and write
|
||
|
334E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
351E000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
trusted library allocation
|
page read and write
|
||
|
2B41000
|
trusted library allocation
|
page read and write
|
||
|
2F07000
|
trusted library allocation
|
page read and write
|
||
|
34CD000
|
trusted library allocation
|
page read and write
|
||
|
34E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
2EC9000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
33A4000
|
trusted library allocation
|
page read and write
|
||
|
335F000
|
trusted library allocation
|
page read and write
|
||
|
5E750FF000
|
unkown
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2E5B000
|
trusted library allocation
|
page read and write
|
||
|
3415000
|
trusted library allocation
|
page read and write
|
||
|
1AFEC000
|
stack
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
2BAE000
|
trusted library allocation
|
page read and write
|
||
|
1B8C0000
|
heap
|
page execute and read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
2EDA000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
trusted library allocation
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
2D5D000
|
trusted library allocation
|
page read and write
|
||
|
343B000
|
trusted library allocation
|
page read and write
|
||
|
34A9000
|
trusted library allocation
|
page read and write
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
2D15000
|
trusted library allocation
|
page read and write
|
||
|
32F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
5E751FF000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
3469000
|
trusted library allocation
|
page read and write
|
||
|
2F18000
|
trusted library allocation
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
3548000
|
trusted library allocation
|
page read and write
|
||
|
33E8000
|
trusted library allocation
|
page read and write
|
||
|
341B000
|
trusted library allocation
|
page read and write
|
||
|
346E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
5547D7F000
|
stack
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
20C17250000
|
heap
|
page read and write
|
||
|
2D1B000
|
trusted library allocation
|
page read and write
|
||
|
2D72000
|
trusted library allocation
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
7FFD9B927000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
34FA000
|
trusted library allocation
|
page read and write
|
||
|
335C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
EF4000
|
stack
|
page read and write
|
||
|
33C6000
|
trusted library allocation
|
page read and write
|
||
|
342C000
|
trusted library allocation
|
page read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
3533000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B03000
|
trusted library allocation
|
page read and write
|
||
|
2D42000
|
trusted library allocation
|
page read and write
|
||
|
20C17352000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page read and write
|
||
|
167E000
|
stack
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
2AC2000
|
trusted library allocation
|
page read and write
|
||
|
3408000
|
trusted library allocation
|
page read and write
|
||
|
2B4F000
|
trusted library allocation
|
page read and write
|
||
|
332E000
|
trusted library allocation
|
page read and write
|
||
|
33B3000
|
trusted library allocation
|
page read and write
|
||
|
3469000
|
trusted library allocation
|
page read and write
|
||
|
34BE000
|
trusted library allocation
|
page read and write
|
||
|
34DA000
|
trusted library allocation
|
page read and write
|
||
|
3332000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDCE000
|
stack
|
page read and write
|
||
|
2BE7000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
350F000
|
trusted library allocation
|
page read and write
|
||
|
3025000
|
trusted library allocation
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
347C000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
1377000
|
heap
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
1B572000
|
heap
|
page read and write
|
||
|
33F3000
|
trusted library allocation
|
page read and write
|
||
|
2DE2000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
33A2000
|
trusted library allocation
|
page read and write
|
||
|
2F5C000
|
trusted library allocation
|
page read and write
|
||
|
33BA000
|
trusted library allocation
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page execute and read and write
|
||
|
341E000
|
trusted library allocation
|
page read and write
|
||
|
33F5000
|
trusted library allocation
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
34C9000
|
trusted library allocation
|
page read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
3415000
|
trusted library allocation
|
page read and write
|
||
|
33F7000
|
trusted library allocation
|
page read and write
|
||
|
1C11B000
|
stack
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
FE4000
|
stack
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
352D000
|
trusted library allocation
|
page read and write
|
||
|
3498000
|
trusted library allocation
|
page read and write
|
||
|
2DA3000
|
trusted library allocation
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
355C000
|
trusted library allocation
|
page read and write
|
||
|
1BC70000
|
heap
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
1BA73000
|
heap
|
page read and write
|
||
|
2DF7000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
32EC000
|
trusted library allocation
|
page read and write
|
||
|
32F9000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
330C000
|
trusted library allocation
|
page read and write
|
||
|
2E79000
|
trusted library allocation
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page read and write
|
||
|
331F000
|
trusted library allocation
|
page read and write
|
||
|
13041000
|
trusted library allocation
|
page read and write
|
||
|
32E8000
|
trusted library allocation
|
page read and write
|
||
|
2D75000
|
trusted library allocation
|
page read and write
|
||
|
2ECD000
|
trusted library allocation
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
trusted library allocation
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
32D5000
|
trusted library allocation
|
page read and write
|
||
|
3478000
|
trusted library allocation
|
page read and write
|
||
|
2A61000
|
trusted library allocation
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
1B3C0000
|
heap
|
page read and write
|
||
|
3511000
|
trusted library allocation
|
page read and write
|
||
|
3428000
|
trusted library allocation
|
page read and write
|
||
|
34C2000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
331F000
|
trusted library allocation
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
2F29000
|
trusted library allocation
|
page read and write
|
||
|
34C7000
|
trusted library allocation
|
page read and write
|
||
|
2D5F000
|
trusted library allocation
|
page read and write
|
||
|
345C000
|
trusted library allocation
|
page read and write
|
||
|
2B8F000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page read and write
|
||
|
20C17320000
|
heap
|
page read and write
|
||
|
34AB000
|
trusted library allocation
|
page read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
2D5B000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
trusted library allocation
|
page read and write
|
||
|
33A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
305A000
|
trusted library allocation
|
page read and write
|
||
|
350D000
|
trusted library allocation
|
page read and write
|
||
|
344C000
|
trusted library allocation
|
page read and write
|
||
|
2E6A000
|
trusted library allocation
|
page read and write
|
||
|
3520000
|
trusted library allocation
|
page read and write
|
||
|
33F1000
|
trusted library allocation
|
page read and write
|
||
|
AF4000
|
stack
|
page read and write
|
||
|
2B5B000
|
trusted library allocation
|
page read and write
|
||
|
3055000
|
trusted library allocation
|
page read and write
|
||
|
334F000
|
trusted library allocation
|
page read and write
|
||
|
350B000
|
trusted library allocation
|
page read and write
|
||
|
34ED000
|
trusted library allocation
|
page read and write
|
||
|
2BB3000
|
trusted library allocation
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
1BA7A000
|
heap
|
page read and write
|
||
|
334D000
|
trusted library allocation
|
page read and write
|
||
|
2F4B000
|
trusted library allocation
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
19111B10000
|
heap
|
page read and write
|
||
|
2DFA000
|
trusted library allocation
|
page read and write
|
||
|
330A000
|
trusted library allocation
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
20C172A0000
|
heap
|
page read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
33B7000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
157F000
|
stack
|
page read and write
|
||
|
3487000
|
trusted library allocation
|
page read and write
|
||
|
2E2B000
|
trusted library allocation
|
page read and write
|
||
|
304A000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
19113680000
|
heap
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
347E000
|
trusted library allocation
|
page read and write
|
||
|
133F000
|
heap
|
page read and write
|
||
|
2DAD000
|
trusted library allocation
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
32DB000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
12A61000
|
trusted library allocation
|
page read and write
|
||
|
20C17362000
|
heap
|
page read and write
|
||
|
2D63000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
trusted library allocation
|
page read and write
|
||
|
5547C7C000
|
stack
|
page read and write
|
||
|
3531000
|
trusted library allocation
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
2EBA000
|
trusted library allocation
|
page read and write
|
||
|
FAC000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
trusted library allocation
|
page read and write
|
||
|
32F9000
|
trusted library allocation
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
1B9D0000
|
heap
|
page read and write
|
||
|
33B5000
|
trusted library allocation
|
page read and write
|
||
|
3476000
|
trusted library allocation
|
page read and write
|
||
|
1B330000
|
heap
|
page read and write
|
||
|
20C17362000
|
heap
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
32FF000
|
trusted library allocation
|
page read and write
|
||
|
742000
|
unkown
|
page readonly
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
2AF7000
|
trusted library allocation
|
page read and write
|
||
|
2F4F000
|
trusted library allocation
|
page read and write
|
||
|
1BF7F000
|
stack
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
3458000
|
trusted library allocation
|
page read and write
|
||
|
1B4A0000
|
heap
|
page read and write
|
||
|
351A000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
20C174F0000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
3345000
|
trusted library allocation
|
page read and write
|
||
|
2F88000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
trusted library allocation
|
page read and write
|
||
|
19111B90000
|
heap
|
page read and write
|
||
|
1B99F000
|
stack
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
2F51000
|
trusted library allocation
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
3535000
|
trusted library allocation
|
page read and write
|
||
|
34FC000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
trusted library allocation
|
page read and write
|
||
|
34D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
3417000
|
trusted library allocation
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
34CF000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
heap
|
page read and write
|
||
|
34FA000
|
trusted library allocation
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
20C17290000
|
heap
|
page read and write
|
||
|
33A6000
|
trusted library allocation
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
3520000
|
trusted library allocation
|
page read and write
|
||
|
19111B60000
|
heap
|
page read and write
|
||
|
2B8A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D7000
|
trusted library allocation
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
33B3000
|
trusted library allocation
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
345A000
|
trusted library allocation
|
page read and write
|
||
|
2F6D000
|
trusted library allocation
|
page read and write
|
||
|
3531000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
1785000
|
heap
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
350B000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
2F5A000
|
trusted library allocation
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
1BA70000
|
heap
|
page execute and read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
2D9C000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
34AB000
|
trusted library allocation
|
page read and write
|
||
|
336F000
|
trusted library allocation
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
34BE000
|
trusted library allocation
|
page read and write
|
||
|
7FF4DF440000
|
trusted library allocation
|
page execute and read and write
|
||
|
34CB000
|
trusted library allocation
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
C02000
|
heap
|
page read and write
|
||
|
337C000
|
trusted library allocation
|
page read and write
|
||
|
19111B20000
|
heap
|
page read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
trusted library allocation
|
page read and write
|
||
|
32FB000
|
trusted library allocation
|
page read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
2F75000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
2D8D000
|
trusted library allocation
|
page read and write
|
||
|
338F000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
353E000
|
trusted library allocation
|
page read and write
|
||
|
34AF000
|
trusted library allocation
|
page read and write
|
||
|
33F7000
|
trusted library allocation
|
page read and write
|
||
|
342D000
|
trusted library allocation
|
page read and write
|
||
|
2DC6000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
19113685000
|
heap
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D7000
|
trusted library allocation
|
page read and write
|
||
|
2AD5000
|
trusted library allocation
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
3302000
|
trusted library allocation
|
page read and write
|
||
|
34E7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D2E000
|
trusted library allocation
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
2BCB000
|
trusted library allocation
|
page read and write
|
||
|
33EB000
|
trusted library allocation
|
page read and write
|
||
|
3456000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
348F000
|
trusted library allocation
|
page read and write
|
||
|
34EB000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
trusted library allocation
|
page read and write
|
||
|
34D3000
|
trusted library allocation
|
page read and write
|
||
|
1ADE5000
|
heap
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page read and write
|
||
|
1BE7D000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
34DE000
|
trusted library allocation
|
page read and write
|
There are 680 hidden memdumps, click here to show them.