Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_6d3b4d56c06fb8741b78b289cb3fee72d597ad_79d846d8_aa5aeb45-8592-43d1-9e07-5f4a14f9e4c5\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER480A.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Apr 24 14:02:58 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4953.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER49A2.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Desktop\Google Chrome.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Thu Oct 5 07:36:24 2023,
atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tmp4943.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Tmp4973.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7364 -s 340
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://ns.exif/1
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultp9
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://ns.adp/1.0/X8
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.42.65.96
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
|
Blob
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
ProgramId
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
FileId
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
LongPathHash
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Name
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
OriginalFileName
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Publisher
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Version
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
BinFileVersion
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
BinaryType
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
ProductName
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
ProductVersion
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
LinkDate
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
BinProductVersion
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Size
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Language
|
||
|
\REGISTRY\A\{211949ad-0083-c0cd-4595-b20befddef98}\Root\InventoryApplicationFile\file.exe|43858f5a1c9fa22
|
Usn
|
There are 15 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2F21000
|
trusted library allocation
|
page read and write
|
|
|
|
BBB000
|
unkown
|
page read and write
|
|
|
|
2FC8000
|
trusted library allocation
|
page read and write
|
|
|
|
33C1000
|
trusted library allocation
|
page read and write
|
||
|
789B000
|
heap
|
page read and write
|
||
|
4471000
|
trusted library allocation
|
page read and write
|
||
|
42D9000
|
trusted library allocation
|
page read and write
|
||
|
414A000
|
trusted library allocation
|
page read and write
|
||
|
C1D000
|
unkown
|
page readonly
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
7839000
|
heap
|
page read and write
|
||
|
4414000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
6E8C000
|
stack
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
7BCA000
|
trusted library allocation
|
page read and write
|
||
|
41E8000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
57EF000
|
heap
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page read and write
|
||
|
53D2000
|
trusted library allocation
|
page read and write
|
||
|
432E000
|
trusted library allocation
|
page read and write
|
||
|
40CE000
|
trusted library allocation
|
page read and write
|
||
|
3333000
|
trusted library allocation
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
668E000
|
stack
|
page read and write
|
||
|
4423000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
7795000
|
heap
|
page read and write
|
||
|
4278000
|
trusted library allocation
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3349000
|
trusted library allocation
|
page read and write
|
||
|
339A000
|
trusted library allocation
|
page read and write
|
||
|
42A9000
|
trusted library allocation
|
page read and write
|
||
|
7800000
|
heap
|
page read and write
|
||
|
6037000
|
heap
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
501C000
|
stack
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
4323000
|
trusted library allocation
|
page read and write
|
||
|
40ED000
|
trusted library allocation
|
page read and write
|
||
|
4129000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page read and write
|
||
|
3152000
|
trusted library allocation
|
page read and write
|
||
|
BFE000
|
unkown
|
page read and write
|
||
|
414F000
|
trusted library allocation
|
page read and write
|
||
|
778A000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
6CC0000
|
trusted library allocation
|
page read and write
|
||
|
7841000
|
heap
|
page read and write
|
||
|
35EF000
|
trusted library allocation
|
page read and write
|
||
|
40D4000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
11F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A0A000
|
trusted library allocation
|
page read and write
|
||
|
43DA000
|
trusted library allocation
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
4299000
|
trusted library allocation
|
page read and write
|
||
|
6D8C000
|
stack
|
page read and write
|
||
|
4338000
|
trusted library allocation
|
page read and write
|
||
|
777C000
|
stack
|
page read and write
|
||
|
4358000
|
trusted library allocation
|
page read and write
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
7871000
|
heap
|
page read and write
|
||
|
43EB000
|
trusted library allocation
|
page read and write
|
||
|
431E000
|
trusted library allocation
|
page read and write
|
||
|
77E6000
|
heap
|
page read and write
|
||
|
5856000
|
heap
|
page read and write
|
||
|
4288000
|
trusted library allocation
|
page read and write
|
||
|
6AE0000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
trusted library allocation
|
page read and write
|
||
|
11F4000
|
trusted library allocation
|
page read and write
|
||
|
40BA000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
42FF000
|
trusted library allocation
|
page read and write
|
||
|
7BD4000
|
trusted library allocation
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
trusted library allocation
|
page read and write
|
||
|
4164000
|
trusted library allocation
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
43CF000
|
trusted library allocation
|
page read and write
|
||
|
41A9000
|
trusted library allocation
|
page read and write
|
||
|
4146000
|
trusted library allocation
|
page read and write
|
||
|
435D000
|
trusted library allocation
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
C16000
|
unkown
|
page write copy
|
||
|
AF1000
|
unkown
|
page execute read
|
||
|
43A2000
|
trusted library allocation
|
page read and write
|
||
|
40B6000
|
trusted library allocation
|
page read and write
|
||
|
4306000
|
trusted library allocation
|
page read and write
|
||
|
5817000
|
heap
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
434F000
|
trusted library allocation
|
page read and write
|
||
|
C1D000
|
unkown
|
page readonly
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
41DF000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
trusted library allocation
|
page read and write
|
||
|
6A6E000
|
trusted library allocation
|
page read and write
|
||
|
41E5000
|
trusted library allocation
|
page read and write
|
||
|
6A15000
|
trusted library allocation
|
page read and write
|
||
|
44D6000
|
trusted library allocation
|
page read and write
|
||
|
F39000
|
heap
|
page read and write
|
||
|
3095000
|
trusted library allocation
|
page read and write
|
||
|
330D000
|
trusted library allocation
|
page read and write
|
||
|
40A3000
|
trusted library allocation
|
page read and write
|
||
|
7BBA000
|
trusted library allocation
|
page read and write
|
||
|
30E9000
|
trusted library allocation
|
page read and write
|
||
|
43C8000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page execute and read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
79CA000
|
trusted library allocation
|
page read and write
|
||
|
44C9000
|
trusted library allocation
|
page read and write
|
||
|
F72000
|
heap
|
page read and write
|
||
|
6CF0000
|
heap
|
page execute and read and write
|
||
|
41EE000
|
trusted library allocation
|
page read and write
|
||
|
7A5B000
|
stack
|
page read and write
|
||
|
79CC000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
424D000
|
trusted library allocation
|
page read and write
|
||
|
418A000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
7BE0000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
trusted library allocation
|
page read and write
|
||
|
40C3000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page execute and read and write
|
||
|
6900000
|
heap
|
page read and write
|
||
|
6A51000
|
trusted library allocation
|
page read and write
|
||
|
6A9E000
|
trusted library allocation
|
page read and write
|
||
|
3F21000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
7BA9000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B90000
|
heap
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page read and write
|
||
|
6A95000
|
trusted library allocation
|
page read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
41D6000
|
trusted library allocation
|
page read and write
|
||
|
BBB000
|
unkown
|
page write copy
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
6A19000
|
trusted library allocation
|
page read and write
|
||
|
422A000
|
trusted library allocation
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
3089000
|
trusted library allocation
|
page read and write
|
||
|
43AE000
|
trusted library allocation
|
page read and write
|
||
|
3537000
|
trusted library allocation
|
page read and write
|
||
|
77E0000
|
heap
|
page read and write
|
||
|
AFF000
|
unkown
|
page execute read
|
||
|
3087000
|
trusted library allocation
|
page read and write
|
||
|
327A000
|
trusted library allocation
|
page read and write
|
||
|
7831000
|
heap
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
4273000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
4292000
|
trusted library allocation
|
page read and write
|
||
|
54A3000
|
heap
|
page read and write
|
||
|
5393000
|
heap
|
page execute and read and write
|
||
|
6A4B000
|
trusted library allocation
|
page read and write
|
||
|
417D000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page execute and read and write
|
||
|
3EC000
|
stack
|
page read and write
|
||
|
6A62000
|
trusted library allocation
|
page read and write
|
||
|
6033000
|
heap
|
page read and write
|
||
|
4113000
|
trusted library allocation
|
page read and write
|
||
|
41C9000
|
trusted library allocation
|
page read and write
|
||
|
2E5C000
|
stack
|
page read and write
|
||
|
41B9000
|
trusted library allocation
|
page read and write
|
||
|
40B0000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
unkown
|
page execute read
|
||
|
5892000
|
heap
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
4407000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
unkown
|
page execute read
|
||
|
32AA000
|
trusted library allocation
|
page read and write
|
||
|
3F5C000
|
trusted library allocation
|
page read and write
|
||
|
42BD000
|
trusted library allocation
|
page read and write
|
||
|
425A000
|
trusted library allocation
|
page read and write
|
||
|
447B000
|
trusted library allocation
|
page read and write
|
||
|
429F000
|
trusted library allocation
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
620F000
|
stack
|
page read and write
|
||
|
31C9000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
440D000
|
trusted library allocation
|
page read and write
|
||
|
41AE000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
442B000
|
trusted library allocation
|
page read and write
|
||
|
6A17000
|
trusted library allocation
|
page read and write
|
||
|
5A22000
|
trusted library allocation
|
page read and write
|
||
|
6A9B000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
40C8000
|
trusted library allocation
|
page read and write
|
||
|
7829000
|
heap
|
page read and write
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
4158000
|
trusted library allocation
|
page read and write
|
||
|
4400000
|
trusted library allocation
|
page read and write
|
||
|
2EF5000
|
trusted library allocation
|
page read and write
|
||
|
588F000
|
heap
|
page read and write
|
||
|
4367000
|
trusted library allocation
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
4202000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
3556000
|
trusted library allocation
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
3F5A000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page execute and read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
42C2000
|
trusted library allocation
|
page read and write
|
||
|
33CD000
|
trusted library allocation
|
page read and write
|
||
|
77C5000
|
heap
|
page read and write
|
||
|
2EAE000
|
trusted library allocation
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
410C000
|
trusted library allocation
|
page read and write
|
||
|
781C000
|
heap
|
page read and write
|
||
|
7780000
|
heap
|
page read and write
|
||
|
81FE000
|
stack
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
FDA000
|
heap
|
page read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
30B6000
|
trusted library allocation
|
page read and write
|
||
|
ADF000
|
stack
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
5896000
|
heap
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
44C6000
|
trusted library allocation
|
page read and write
|
||
|
7BE8000
|
trusted library allocation
|
page read and write
|
||
|
43BB000
|
trusted library allocation
|
page read and write
|
||
|
432000
|
remote allocation
|
page execute and read and write
|
||
|
77B9000
|
heap
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
341B000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
C1B000
|
unkown
|
page readonly
|
||
|
7851000
|
heap
|
page read and write
|
||
|
57B4000
|
heap
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
7CEE000
|
stack
|
page read and write
|
||
|
7BC5000
|
trusted library allocation
|
page read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
788F000
|
heap
|
page read and write
|
||
|
4421000
|
trusted library allocation
|
page read and write
|
||
|
6A71000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
446A000
|
trusted library allocation
|
page read and write
|
||
|
3338000
|
trusted library allocation
|
page read and write
|
||
|
121A000
|
trusted library allocation
|
page execute and read and write
|
||
|
31AE000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
unkown
|
page execute read
|
||
|
4101000
|
trusted library allocation
|
page read and write
|
||
|
3354000
|
trusted library allocation
|
page read and write
|
||
|
4363000
|
trusted library allocation
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
3545000
|
trusted library allocation
|
page read and write
|
||
|
7BB8000
|
trusted library allocation
|
page read and write
|
||
|
7CFB000
|
trusted library allocation
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
7808000
|
heap
|
page read and write
|
||
|
12AE000
|
heap
|
page read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
3F2F000
|
trusted library allocation
|
page read and write
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
41E3000
|
trusted library allocation
|
page read and write
|
||
|
4458000
|
trusted library allocation
|
page read and write
|
||
|
3F63000
|
trusted library allocation
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
7C6D000
|
stack
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
30AF000
|
trusted library allocation
|
page read and write
|
||
|
3379000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F42000
|
trusted library allocation
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
120D000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C5000
|
trusted library allocation
|
page read and write
|
||
|
42B2000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
7CAE000
|
stack
|
page read and write
|
||
|
7BCF000
|
trusted library allocation
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
433E000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
42B7000
|
trusted library allocation
|
page read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
4155000
|
trusted library allocation
|
page read and write
|
||
|
77EC000
|
heap
|
page read and write
|
||
|
82FE000
|
stack
|
page read and write
|
||
|
44C3000
|
trusted library allocation
|
page read and write
|
||
|
31DA000
|
trusted library allocation
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
42E5000
|
trusted library allocation
|
page read and write
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
77A6000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
6021000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
78C0000
|
heap
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
325E000
|
trusted library allocation
|
page read and write
|
||
|
6ECE000
|
stack
|
page read and write
|
||
|
419C000
|
trusted library allocation
|
page read and write
|
||
|
7027000
|
trusted library allocation
|
page read and write
|
||
|
44BD000
|
trusted library allocation
|
page read and write
|
||
|
6A05000
|
trusted library allocation
|
page read and write
|
||
|
443E000
|
trusted library allocation
|
page read and write
|
||
|
81BE000
|
stack
|
page read and write
|
||
|
42B5000
|
trusted library allocation
|
page read and write
|
||
|
79C0000
|
trusted library allocation
|
page read and write
|
||
|
813E000
|
stack
|
page read and write
|
||
|
30D2000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
344E000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
42A6000
|
trusted library allocation
|
page read and write
|
||
|
1016000
|
heap
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
BB9000
|
stack
|
page read and write
|
||
|
4153000
|
trusted library allocation
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
4133000
|
trusted library allocation
|
page read and write
|
||
|
44BA000
|
trusted library allocation
|
page read and write
|
||
|
42F2000
|
trusted library allocation
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
C07000
|
unkown
|
page execute and read and write
|
||
|
41A3000
|
trusted library allocation
|
page read and write
|
||
|
444B000
|
trusted library allocation
|
page read and write
|
||
|
44AD000
|
trusted library allocation
|
page read and write
|
||
|
78B8000
|
heap
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
4318000
|
trusted library allocation
|
page read and write
|
||
|
4426000
|
trusted library allocation
|
page read and write
|
||
|
582F000
|
heap
|
page read and write
|
||
|
6A08000
|
trusted library allocation
|
page read and write
|
||
|
31BE000
|
trusted library allocation
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
40E0000
|
trusted library allocation
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
628E000
|
stack
|
page read and write
|
||
|
7BA5000
|
trusted library allocation
|
page read and write
|
||
|
44B3000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
79A0000
|
trusted library allocation
|
page read and write
|
||
|
4389000
|
trusted library allocation
|
page read and write
|
||
|
42AF000
|
trusted library allocation
|
page read and write
|
||
|
41DA000
|
trusted library allocation
|
page read and write
|
||
|
4432000
|
trusted library allocation
|
page read and write
|
||
|
4139000
|
trusted library allocation
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
C1B000
|
unkown
|
page readonly
|
||
|
4418000
|
trusted library allocation
|
page read and write
|
||
|
441D000
|
trusted library allocation
|
page read and write
|
||
|
803E000
|
stack
|
page read and write
|
||
|
4476000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
585A000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
312F000
|
trusted library allocation
|
page read and write
|
||
|
319F000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
41D0000
|
trusted library allocation
|
page read and write
|
||
|
4487000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
trusted library allocation
|
page read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
7BD0000
|
trusted library allocation
|
page read and write
|
||
|
7BBF000
|
trusted library allocation
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA7000
|
unkown
|
page readonly
|
||
|
41C3000
|
trusted library allocation
|
page read and write
|
||
|
31D5000
|
trusted library allocation
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute read
|
||
|
40A9000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page execute and read and write
|
||
|
43F7000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
3550000
|
trusted library allocation
|
page read and write
|
||
|
785D000
|
heap
|
page read and write
|
||
|
4170000
|
trusted library allocation
|
page read and write
|
||
|
C16000
|
unkown
|
page read and write
|
||
|
6A56000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
35F8000
|
trusted library allocation
|
page read and write
|
||
|
4311000
|
trusted library allocation
|
page read and write
|
||
|
434B000
|
trusted library allocation
|
page read and write
|
||
|
31AA000
|
trusted library allocation
|
page read and write
|
||
|
5877000
|
heap
|
page read and write
|
||
|
40BF000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
trusted library allocation
|
page read and write
|
||
|
35EB000
|
trusted library allocation
|
page read and write
|
||
|
2E9B000
|
trusted library allocation
|
page read and write
|
||
|
3218000
|
trusted library allocation
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
4261000
|
trusted library allocation
|
page read and write
|
||
|
779D000
|
heap
|
page read and write
|
||
|
583A000
|
heap
|
page read and write
|
||
|
32F2000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
unkown
|
page execute read
|
||
|
109E000
|
stack
|
page read and write
|
||
|
352C000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
4140000
|
trusted library allocation
|
page read and write
|
||
|
1225000
|
trusted library allocation
|
page execute and read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
426C000
|
trusted library allocation
|
page read and write
|
||
|
BA7000
|
unkown
|
page readonly
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
654F000
|
stack
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
435A000
|
trusted library allocation
|
page read and write
|
||
|
AFF000
|
unkown
|
page execute read
|
||
|
78B0000
|
heap
|
page read and write
|
||
|
33AC000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
817E000
|
stack
|
page read and write
|
||
|
57E2000
|
heap
|
page read and write
|
||
|
44CB000
|
trusted library allocation
|
page read and write
|
||
|
4345000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
30DE000
|
trusted library allocation
|
page read and write
|
||
|
445F000
|
trusted library allocation
|
page read and write
|
||
|
427D000
|
trusted library allocation
|
page read and write
|
||
|
4354000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
307C000
|
trusted library allocation
|
page read and write
|
||
|
4240000
|
trusted library allocation
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
31A2000
|
trusted library allocation
|
page read and write
|
||
|
3227000
|
trusted library allocation
|
page read and write
|
||
|
2D88000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
unkown
|
page read and write
|
||
|
7BA2000
|
trusted library allocation
|
page read and write
|
||
|
411E000
|
trusted library allocation
|
page read and write
|
||
|
40FA000
|
trusted library allocation
|
page read and write
|
||
|
77D0000
|
heap
|
page read and write
|
||
|
4396000
|
trusted library allocation
|
page read and write
|
||
|
415E000
|
trusted library allocation
|
page read and write
|
||
|
6830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1216000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A38000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
trusted library allocation
|
page read and write
|
There are 480 hidden memdumps, click here to show them.