Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SaturdayNight.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SaturdayNight.exe
|
"C:\Users\user\Desktop\SaturdayNight.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x4 /state0:0xa3fbe055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f48055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f57855 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f60855 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f68055 /state1:0x41c64e6d
|
||
|
C:\Windows\System32\fontdrvhost.exe
|
"fontdrvhost.exe"
|
||
|
C:\Windows\System32\cdd.dll
|
|||
|
C:\Windows\System32\LogonUI.exe
|
"LogonUI.exe" /flags:0x2 /state0:0xa3f70055 /state1:0x41c64e6d
|
There are 7 hidden processes, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
api.msn.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
|
IdleTime
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
1D2B8EBC000
|
heap
|
page read and write
|
||
|
1D2BB145000
|
heap
|
page read and write
|
||
|
197E3FE000
|
unkown
|
page readonly
|
||
|
A1585FE000
|
unkown
|
page readonly
|
||
|
1D2B6BCC000
|
heap
|
page read and write
|
||
|
6736D4B000
|
stack
|
page read and write
|
||
|
189F8240000
|
heap
|
page read and write
|
||
|
1D2B6B64000
|
heap
|
page read and write
|
||
|
1D2B8EDA000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
1D2B8ED4000
|
heap
|
page read and write
|
||
|
225CD7E000
|
stack
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
1D2B6B9E000
|
heap
|
page read and write
|
||
|
1D2B8F25000
|
heap
|
page read and write
|
||
|
1D2B8EBC000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
1D2B8EC6000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2B8E61000
|
heap
|
page read and write
|
||
|
1E9749D0000
|
heap
|
page read and write
|
||
|
197DF7E000
|
stack
|
page read and write
|
||
|
1D2BB149000
|
heap
|
page read and write
|
||
|
1D2BB139000
|
heap
|
page read and write
|
||
|
1D2BB15E000
|
heap
|
page read and write
|
||
|
1D2BB0ED000
|
heap
|
page read and write
|
||
|
1D2B5A83000
|
heap
|
page read and write
|
||
|
1D2B591A000
|
heap
|
page read and write
|
||
|
1D2B5AC3000
|
heap
|
page read and write
|
||
|
3261F1C000
|
stack
|
page read and write
|
||
|
197E17E000
|
stack
|
page read and write
|
||
|
13B1CEE0000
|
heap
|
page read and write
|
||
|
1D2B8F12000
|
heap
|
page read and write
|
||
|
225C93E000
|
stack
|
page read and write
|
||
|
B9F1EFE000
|
stack
|
page read and write
|
||
|
1D2BB0CF000
|
heap
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
1D2B58BC000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
189F8330000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
5B4000
|
unkown
|
page readonly
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
1D2B6B9E000
|
heap
|
page read and write
|
||
|
1D2B6BB0000
|
heap
|
page read and write
|
||
|
1D2B8E9B000
|
heap
|
page read and write
|
||
|
1D2B58E0000
|
heap
|
page read and write
|
||
|
1D2B6BAA000
|
heap
|
page read and write
|
||
|
225C9BE000
|
stack
|
page read and write
|
||
|
1D2BB0D7000
|
heap
|
page read and write
|
||
|
1D2B8EAB000
|
heap
|
page read and write
|
||
|
1D2BB12B000
|
heap
|
page read and write
|
||
|
7DF44DA11000
|
trusted library allocation
|
page execute read
|
||
|
1D2B8EDA000
|
heap
|
page read and write
|
||
|
1D2B8F3B000
|
heap
|
page read and write
|
||
|
225CEFC000
|
stack
|
page read and write
|
||
|
1D2B6BA1000
|
heap
|
page read and write
|
||
|
1D2B58F8000
|
heap
|
page read and write
|
||
|
1D2B6B84000
|
heap
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
1F440370000
|
heap
|
page read and write
|
||
|
1D2B58C6000
|
heap
|
page read and write
|
||
|
32624FD000
|
stack
|
page read and write
|
||
|
80AB7D000
|
stack
|
page read and write
|
||
|
1D2BB15D000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
1D2B58EC000
|
heap
|
page read and write
|
||
|
1D2B8EA6000
|
heap
|
page read and write
|
||
|
1D2B6B9E000
|
heap
|
page read and write
|
||
|
2653B935000
|
heap
|
page read and write
|
||
|
1F440340000
|
heap
|
page read and write
|
||
|
1D2B8E82000
|
heap
|
page read and write
|
||
|
1D2B5920000
|
heap
|
page read and write
|
||
|
2653B5E0000
|
heap
|
page read and write
|
||
|
CA43AFE000
|
stack
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
1D2B6BB4000
|
heap
|
page read and write
|
||
|
1D2BB080000
|
heap
|
page readonly
|
||
|
CD9CAFE000
|
stack
|
page read and write
|
||
|
1D2B6BAF000
|
heap
|
page read and write
|
||
|
1D2B5810000
|
heap
|
page read and write
|
||
|
1D2B6BA1000
|
heap
|
page read and write
|
||
|
1D2B6B97000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
2A2BA4F7000
|
heap
|
page read and write
|
||
|
1D2B58C1000
|
heap
|
page read and write
|
||
|
1D2BB104000
|
heap
|
page read and write
|
||
|
5ED4B7F000
|
stack
|
page read and write
|
||
|
1D2BB102000
|
heap
|
page read and write
|
||
|
13B1CD10000
|
heap
|
page read and write
|
||
|
13B1CFB5000
|
heap
|
page read and write
|
||
|
1D2B8EBE000
|
heap
|
page read and write
|
||
|
326237E000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
1D2B58ED000
|
heap
|
page read and write
|
||
|
5BA000
|
unkown
|
page readonly
|
||
|
13B1CC40000
|
heap
|
page read and write
|
||
|
1D2B5914000
|
heap
|
page read and write
|
||
|
1D2B6BA1000
|
heap
|
page read and write
|
||
|
1D2B5918000
|
heap
|
page read and write
|
||
|
1D2B6BC4000
|
heap
|
page read and write
|
||
|
1D2BB12C000
|
heap
|
page read and write
|
||
|
1D2B5908000
|
heap
|
page read and write
|
||
|
1E974A77000
|
heap
|
page read and write
|
||
|
2653B76E000
|
heap
|
page read and write
|
||
|
1D2B8E48000
|
heap
|
page read and write
|
||
|
CA43E7E000
|
unkown
|
page readonly
|
||
|
1D2B592E000
|
heap
|
page read and write
|
||
|
1D2B6B9C000
|
heap
|
page read and write
|
||
|
2A2BA45B000
|
heap
|
page read and write
|
||
|
1D2B6BC8000
|
heap
|
page read and write
|
||
|
1D2B57E0000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
5B9000
|
unkown
|
page read and write
|
||
|
1D2B8EAF000
|
heap
|
page read and write
|
||
|
1F44037B000
|
heap
|
page read and write
|
||
|
2A2BA430000
|
heap
|
page read and write
|
||
|
1D2B590C000
|
heap
|
page read and write
|
||
|
1D2B58A6000
|
heap
|
page read and write
|
||
|
A1586FE000
|
unkown
|
page readonly
|
||
|
1F440330000
|
heap
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
CA43D7E000
|
unkown
|
page readonly
|
||
|
1D2B8E59000
|
heap
|
page read and write
|
||
|
1D2B8E8D000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
1D2B6BA2000
|
heap
|
page read and write
|
||
|
1D2B591A000
|
heap
|
page read and write
|
||
|
1EC5A1B0000
|
heap
|
page read and write
|
||
|
A1587FE000
|
unkown
|
page readonly
|
||
|
1F440417000
|
heap
|
page read and write
|
||
|
1E974A22000
|
heap
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
1D2B8EC6000
|
heap
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
1D2B5AC5000
|
heap
|
page read and write
|
||
|
1D2B6B9C000
|
heap
|
page read and write
|
||
|
1EC5A279000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1EC5A27B000
|
heap
|
page read and write
|
||
|
1D2B6B9E000
|
heap
|
page read and write
|
||
|
1D2B591A000
|
heap
|
page read and write
|
||
|
1D2BB11F000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2BB0EB000
|
heap
|
page read and write
|
||
|
1D2B5902000
|
heap
|
page read and write
|
||
|
1D2B592D000
|
heap
|
page read and write
|
||
|
1E9749B0000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
2653B6E0000
|
heap
|
page read and write
|
||
|
1D2B8ED4000
|
heap
|
page read and write
|
||
|
1D2B58F4000
|
heap
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
1D2B6B97000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1F81DDE0000
|
heap
|
page read and write
|
||
|
1D2B5918000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
80ACFD000
|
stack
|
page read and write
|
||
|
1D2B8EA8000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
1D2BB14D000
|
heap
|
page read and write
|
||
|
1D2B58C7000
|
heap
|
page read and write
|
||
|
CD9CCFF000
|
stack
|
page read and write
|
||
|
1D2BB0C9000
|
heap
|
page read and write
|
||
|
1D2B5920000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
1D2B8E59000
|
heap
|
page read and write
|
||
|
1D2B8EA6000
|
heap
|
page read and write
|
||
|
1D2BB12B000
|
heap
|
page read and write
|
||
|
1D2B8E59000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
1D2B8EDB000
|
heap
|
page read and write
|
||
|
1D2BB0C0000
|
heap
|
page read and write
|
||
|
5ED4C7D000
|
stack
|
page read and write
|
||
|
B9F1F7E000
|
unkown
|
page readonly
|
||
|
2A2BA450000
|
heap
|
page read and write
|
||
|
1D2B5929000
|
heap
|
page read and write
|
||
|
197E07E000
|
stack
|
page read and write
|
||
|
1D2B6B50000
|
heap
|
page read and write
|
||
|
1D2B5902000
|
heap
|
page read and write
|
||
|
1D2B58C6000
|
heap
|
page read and write
|
||
|
1D2BB12B000
|
heap
|
page read and write
|
||
|
B9F178C000
|
stack
|
page read and write
|
||
|
1D2BB123000
|
heap
|
page read and write
|
||
|
1D2B58B9000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
1D2BB12A000
|
heap
|
page read and write
|
||
|
253F63A0000
|
heap
|
page read and write
|
||
|
1D2B6BB0000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
1D2B8E59000
|
heap
|
page read and write
|
||
|
1F81DBD0000
|
heap
|
page read and write
|
||
|
673747E000
|
stack
|
page read and write
|
||
|
1D2B591C000
|
heap
|
page read and write
|
||
|
189F8260000
|
heap
|
page read and write
|
||
|
1E9749A0000
|
heap
|
page read and write
|
||
|
1D2B5830000
|
heap
|
page read and write
|
||
|
189F8160000
|
heap
|
page read and write
|
||
|
5B9000
|
unkown
|
page write copy
|
||
|
B9F1E7E000
|
unkown
|
page readonly
|
||
|
1D2B8F13000
|
heap
|
page read and write
|
||
|
2A2BA4A2000
|
heap
|
page read and write
|
||
|
1D2B6BA0000
|
heap
|
page read and write
|
||
|
1D2BB10B000
|
heap
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
1E9749D9000
|
heap
|
page read and write
|
||
|
1D2B6B97000
|
heap
|
page read and write
|
||
|
1D2B6B9C000
|
heap
|
page read and write
|
||
|
A1588FE000
|
unkown
|
page readonly
|
||
|
189F833A000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
326247D000
|
stack
|
page read and write
|
||
|
1D2BB139000
|
heap
|
page read and write
|
||
|
1D2B58A1000
|
heap
|
page read and write
|
||
|
CD9C87E000
|
stack
|
page read and write
|
||
|
B9F207E000
|
unkown
|
page readonly
|
||
|
253F6520000
|
heap
|
page read and write
|
||
|
1D2B8E45000
|
heap
|
page read and write
|
||
|
1D2B6B64000
|
heap
|
page read and write
|
||
|
1D2B8EA2000
|
heap
|
page read and write
|
||
|
1D2B8E99000
|
heap
|
page read and write
|
||
|
1D2B6BD2000
|
heap
|
page read and write
|
||
|
1D2BB0D7000
|
heap
|
page read and write
|
||
|
326227E000
|
stack
|
page read and write
|
||
|
2A2BA350000
|
heap
|
page read and write
|
||
|
1D2B8E95000
|
heap
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
197E27E000
|
stack
|
page read and write
|
||
|
B9F1FFE000
|
stack
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
1D2B591E000
|
heap
|
page read and write
|
||
|
1D2BB0DE000
|
heap
|
page read and write
|
||
|
1D2B591E000
|
heap
|
page read and write
|
||
|
2653B930000
|
heap
|
page read and write
|
||
|
1D2B8EA4000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1D2B6B84000
|
heap
|
page read and write
|
||
|
5B1000
|
unkown
|
page execute read
|
||
|
1D2BB13A000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
253F652B000
|
heap
|
page read and write
|
||
|
67371FE000
|
stack
|
page read and write
|
||
|
A15857E000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
1D2B58BD000
|
heap
|
page read and write
|
||
|
1D2BB111000
|
heap
|
page read and write
|
||
|
1D2B6BC8000
|
heap
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
225CE7D000
|
stack
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
1D2BB149000
|
heap
|
page read and write
|
||
|
B9F1DFE000
|
stack
|
page read and write
|
||
|
225CF7F000
|
stack
|
page read and write
|
||
|
5ED477B000
|
stack
|
page read and write
|
||
|
1F81DC50000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1D2B58FA000
|
heap
|
page read and write
|
||
|
1D2BB3A0000
|
trusted library allocation
|
page read and write
|
||
|
1D2BB17D000
|
heap
|
page read and write
|
||
|
1D2BB0E4000
|
heap
|
page read and write
|
||
|
1D2B592E000
|
heap
|
page read and write
|
||
|
1D2BB0D7000
|
heap
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
B9F1D7E000
|
unkown
|
page readonly
|
||
|
1D2B6B84000
|
heap
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
1D2B6B84000
|
heap
|
page read and write
|
||
|
1D2B586C000
|
heap
|
page read and write
|
||
|
1D2B6BAE000
|
heap
|
page read and write
|
||
|
1D2BB172000
|
heap
|
page read and write
|
||
|
1D2B58D6000
|
heap
|
page read and write
|
||
|
A15887E000
|
stack
|
page read and write
|
||
|
1D2BB171000
|
heap
|
page read and write
|
||
|
CA43BFE000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
1D2B6BC8000
|
heap
|
page read and write
|
||
|
189F89B0000
|
heap
|
page read and write
|
||
|
1D2B8F2F000
|
heap
|
page read and write
|
||
|
1D2B6B97000
|
heap
|
page read and write
|
||
|
1E974A14000
|
heap
|
page read and write
|
||
|
CD9C97D000
|
stack
|
page read and write
|
||
|
1D2B8ED4000
|
heap
|
page read and write
|
||
|
1D2B5905000
|
heap
|
page read and write
|
||
|
1D2B8E91000
|
heap
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
1D2BB0D0000
|
heap
|
page read and write
|
||
|
80A78E000
|
stack
|
page read and write
|
||
|
1D2B8E52000
|
heap
|
page read and write
|
||
|
67370FF000
|
stack
|
page read and write
|
||
|
253F6480000
|
heap
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
CA43DFE000
|
stack
|
page read and write
|
||
|
1D2BB145000
|
heap
|
page read and write
|
||
|
80AA7D000
|
stack
|
page read and write
|
||
|
1D2BB123000
|
heap
|
page read and write
|
||
|
1D2BB145000
|
heap
|
page read and write
|
||
|
13B1CC00000
|
heap
|
page read and write
|
||
|
253F64A0000
|
heap
|
page read and write
|
||
|
2653BE33000
|
heap
|
page read and write
|
||
|
1D2B58E0000
|
heap
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
67372FD000
|
stack
|
page read and write
|
||
|
1D2BB5E0000
|
heap
|
page read and write
|
||
|
2653B8A0000
|
heap
|
page read and write
|
||
|
1F81DF85000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
197E47E000
|
stack
|
page read and write
|
||
|
1D2B6BB2000
|
heap
|
page read and write
|
||
|
2653B73B000
|
heap
|
page read and write
|
||
|
5B4000
|
unkown
|
page readonly
|
||
|
1D2B6BA7000
|
heap
|
page read and write
|
||
|
1D2BB0D7000
|
heap
|
page read and write
|
||
|
A15811C000
|
stack
|
page read and write
|
||
|
1D2B8F1C000
|
heap
|
page read and write
|
||
|
1D2BB104000
|
heap
|
page read and write
|
||
|
1D2B5904000
|
heap
|
page read and write
|
||
|
B9F1CFE000
|
stack
|
page read and write
|
||
|
1F81DEE0000
|
heap
|
page read and write
|
||
|
1D2B8E8D000
|
heap
|
page read and write
|
||
|
1D2B6B84000
|
heap
|
page read and write
|
||
|
1D2B57F0000
|
heap
|
page read and write
|
||
|
1D2B5AC0000
|
heap
|
page read and write
|
||
|
CA43CFE000
|
stack
|
page read and write
|
||
|
1D2B8E91000
|
heap
|
page read and write
|
||
|
253F6660000
|
heap
|
page read and write
|
||
|
1D2BB0D3000
|
heap
|
page read and write
|
||
|
1D2B8EBC000
|
heap
|
page read and write
|
||
|
1D2B58B7000
|
heap
|
page read and write
|
||
|
2653B6C0000
|
heap
|
page read and write
|
||
|
80AD7E000
|
stack
|
page read and write
|
||
|
32623FD000
|
stack
|
page read and write
|
||
|
1D2B58A0000
|
heap
|
page read and write
|
||
|
673737E000
|
stack
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
189F85D0000
|
heap
|
page read and write
|
||
|
1D2B6BCC000
|
heap
|
page read and write
|
||
|
CD9CE7F000
|
stack
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2BB0F1000
|
heap
|
page read and write
|
||
|
CD9C8FE000
|
stack
|
page read and write
|
||
|
1D2BB0F6000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
67373FD000
|
stack
|
page read and write
|
||
|
13B1CEC0000
|
heap
|
page read and write
|
||
|
1D2B8E9C000
|
heap
|
page read and write
|
||
|
1D2B6BC6000
|
heap
|
page read and write
|
||
|
1D2B6BCD000
|
heap
|
page read and write
|
||
|
32622FD000
|
stack
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
13B1CFB0000
|
heap
|
page read and write
|
||
|
1D2B8E40000
|
heap
|
page read and write
|
||
|
1D2B8EC4000
|
heap
|
page read and write
|
||
|
CA437FE000
|
stack
|
page read and write
|
||
|
1D2B8F32000
|
heap
|
page read and write
|
||
|
1D2B6BD2000
|
heap
|
page read and write
|
||
|
1D2B8F28000
|
heap
|
page read and write
|
||
|
1D2BB149000
|
heap
|
page read and write
|
||
|
5ED4CFE000
|
stack
|
page read and write
|
||
|
225CDFD000
|
stack
|
page read and write
|
||
|
253F66F0000
|
heap
|
page read and write
|
||
|
1EC5A270000
|
heap
|
page read and write
|
||
|
1D2BB126000
|
heap
|
page read and write
|
||
|
1D2B8EBC000
|
heap
|
page read and write
|
||
|
1D2B6B53000
|
heap
|
page read and write
|
||
|
253F6760000
|
heap
|
page read and write
|
||
|
1D2B5927000
|
heap
|
page read and write
|
||
|
1D2B590C000
|
heap
|
page read and write
|
||
|
1EC5A2C2000
|
heap
|
page read and write
|
||
|
1D2BB149000
|
heap
|
page read and write
|
||
|
1D2BB176000
|
heap
|
page read and write
|
||
|
225CCFF000
|
stack
|
page read and write
|
||
|
CD9CB7D000
|
stack
|
page read and write
|
||
|
3DC000
|
stack
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
1D2B6BD2000
|
heap
|
page read and write
|
||
|
1D2B6BBF000
|
heap
|
page read and write
|
||
|
1D2B8E95000
|
heap
|
page read and write
|
||
|
1D2B5928000
|
heap
|
page read and write
|
||
|
1D2B6BA6000
|
heap
|
page read and write
|
||
|
5ED4AFD000
|
stack
|
page read and write
|
||
|
1D2B6BB5000
|
heap
|
page read and write
|
||
|
1F81DC10000
|
heap
|
page read and write
|
||
|
CD9CA7C000
|
stack
|
page read and write
|
||
|
1D2BB14F000
|
heap
|
page read and write
|
||
|
1D2B8EDA000
|
heap
|
page read and write
|
||
|
1D2BB12B000
|
heap
|
page read and write
|
||
|
1D2B8E62000
|
heap
|
page read and write
|
||
|
1D2BB0F3000
|
heap
|
page read and write
|
||
|
1D2B6BAA000
|
heap
|
page read and write
|
||
|
1D2B58D0000
|
heap
|
page read and write
|
||
|
1D2BB128000
|
heap
|
page read and write
|
||
|
1D2BB109000
|
heap
|
page read and write
|
||
|
1D2BB0E4000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2B5918000
|
heap
|
page read and write
|
||
|
B9F1BFF000
|
stack
|
page read and write
|
||
|
1D2B591C000
|
heap
|
page read and write
|
||
|
673707E000
|
stack
|
page read and write
|
||
|
CA43B7E000
|
unkown
|
page readonly
|
||
|
5ED4BFC000
|
stack
|
page read and write
|
||
|
1D2B583B000
|
heap
|
page read and write
|
||
|
5BA000
|
unkown
|
page readonly
|
||
|
CD9CBFB000
|
stack
|
page read and write
|
||
|
1D2B6BB6000
|
heap
|
page read and write
|
||
|
1D2B5ACD000
|
heap
|
page read and write
|
||
|
1D2B8E47000
|
heap
|
page read and write
|
||
|
673727C000
|
stack
|
page read and write
|
||
|
1D2BB149000
|
heap
|
page read and write
|
||
|
1D2B6BB5000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
1D2B8F3A000
|
heap
|
page read and write
|
||
|
1D2BB158000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1EC5A1C0000
|
heap
|
page read and write
|
||
|
1D2B58D5000
|
heap
|
page read and write
|
||
|
1EC5A2DC000
|
heap
|
page read and write
|
||
|
1D2BB14C000
|
heap
|
page read and write
|
||
|
1D2B6B9E000
|
heap
|
page read and write
|
||
|
1D2B8E90000
|
heap
|
page read and write
|
||
|
1D2BB0B0000
|
heap
|
page read and write
|
||
|
1D2B8E98000
|
heap
|
page read and write
|
||
|
1D2B591C000
|
heap
|
page read and write
|
||
|
225C8BB000
|
stack
|
page read and write
|
||
|
80ABFC000
|
stack
|
page read and write
|
||
|
1D2B5914000
|
heap
|
page read and write
|
||
|
1D2B8E4C000
|
heap
|
page read and write
|
||
|
1D2B6BCC000
|
heap
|
page read and write
|
||
|
13B1CDF0000
|
heap
|
page read and write
|
||
|
1D2B6BD2000
|
heap
|
page read and write
|
||
|
1D2B5ACE000
|
heap
|
page read and write
|
||
|
5ED47FF000
|
stack
|
page read and write
|
||
|
1F81DBE0000
|
heap
|
page read and write
|
||
|
1D2BB070000
|
trusted library allocation
|
page read and write
|
||
|
1F440401000
|
heap
|
page read and write
|
||
|
1D2B6BC9000
|
heap
|
page read and write
|
||
|
CA43C7E000
|
unkown
|
page readonly
|
||
|
673717D000
|
stack
|
page read and write
|
||
|
1D2B58E0000
|
heap
|
page read and write
|
||
|
225CC7D000
|
stack
|
page read and write
|
||
|
CA43EFE000
|
stack
|
page read and write
|
||
|
1F81DC1B000
|
heap
|
page read and write
|
||
|
197DE7D000
|
stack
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
1D2BB145000
|
heap
|
page read and write
|
||
|
1D2B8F24000
|
heap
|
page read and write
|
||
|
1D2B6BB4000
|
heap
|
page read and write
|
||
|
1D2B6B97000
|
heap
|
page read and write
|
||
|
1D2B8F1E000
|
heap
|
page read and write
|
||
|
1D2BB157000
|
heap
|
page read and write
|
||
|
5ED4A7F000
|
stack
|
page read and write
|
||
|
1D2B6BB3000
|
heap
|
page read and write
|
||
|
1D2BB135000
|
heap
|
page read and write
|
||
|
1D2B6BB0000
|
heap
|
page read and write
|
||
|
A15877E000
|
stack
|
page read and write
|
||
|
1D2B5A80000
|
heap
|
page read and write
|
||
|
1D2BB113000
|
heap
|
page read and write
|
||
|
1D2BB126000
|
heap
|
page read and write
|
||
|
1D2B8F13000
|
heap
|
page read and write
|
||
|
1D2BB132000
|
heap
|
page read and write
|
||
|
1D2BB17C000
|
heap
|
page read and write
|
||
|
5B1000
|
unkown
|
page execute read
|
||
|
BDF000
|
stack
|
page read and write
|
||
|
1D2B8E95000
|
heap
|
page read and write
|
||
|
1D2BB15D000
|
heap
|
page read and write
|
||
|
1D2B6BAF000
|
heap
|
page read and write
|
||
|
1D2B8ED4000
|
heap
|
page read and write
|
||
|
1D2BB5D0000
|
trusted library allocation
|
page read and write
|
||
|
1D2BB0DC000
|
heap
|
page read and write
|
||
|
6736DCE000
|
stack
|
page read and write
|
||
|
1D2B6B64000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
1D2B6BAD000
|
heap
|
page read and write
|
||
|
189F836E000
|
heap
|
page read and write
|
||
|
B9F1AFF000
|
stack
|
page read and write
|
||
|
1D2B8E4B000
|
heap
|
page read and write
|
||
|
1D2B6B9F000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
1D2B592E000
|
heap
|
page read and write
|
||
|
1D2B8EAE000
|
heap
|
page read and write
|
||
|
1D2BB126000
|
heap
|
page read and write
|
||
|
197E37E000
|
stack
|
page read and write
|
||
|
1D2B6BA2000
|
heap
|
page read and write
|
||
|
80AAFF000
|
stack
|
page read and write
|
||
|
1D2B6BAC000
|
heap
|
page read and write
|
||
|
1D2B5904000
|
heap
|
page read and write
|
||
|
1D2B58A5000
|
heap
|
page read and write
|
||
|
197E1FE000
|
unkown
|
page readonly
|
||
|
1D2B8E53000
|
heap
|
page read and write
|
||
|
1D2BB0F4000
|
heap
|
page read and write
|
||
|
1D2B8E45000
|
heap
|
page read and write
|
||
|
1E9749DB000
|
heap
|
page read and write
|
||
|
7DF44DA21000
|
trusted library allocation
|
page execute read
|
||
|
1D2B58B7000
|
heap
|
page read and write
|
||
|
1D2B6B9C000
|
heap
|
page read and write
|
||
|
1D2B592E000
|
heap
|
page read and write
|
||
|
1D2B58E0000
|
heap
|
page read and write
|
||
|
1D2B8F10000
|
heap
|
page read and write
|
||
|
A15867E000
|
stack
|
page read and write
|
||
|
2DC000
|
stack
|
page read and write
|
||
|
A15897F000
|
stack
|
page read and write
|
||
|
1D2BB128000
|
heap
|
page read and write
|
||
|
1F440379000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
1D2B8F30000
|
heap
|
page read and write
|
||
|
1D2B8E85000
|
heap
|
page read and write
|
||
|
1D2BB14D000
|
heap
|
page read and write
|
||
|
CD9C58C000
|
stack
|
page read and write
|
||
|
1D2B6BB4000
|
heap
|
page read and write
|
||
|
1D2B8EB2000
|
heap
|
page read and write
|
||
|
80A68C000
|
stack
|
page read and write
|
||
|
1D2B6BA5000
|
heap
|
page read and write
|
||
|
1D2BB15B000
|
heap
|
page read and write
|
||
|
197E2FE000
|
unkown
|
page readonly
|
||
|
1D2BB10C000
|
heap
|
page read and write
|
||
|
1D2B8EB2000
|
heap
|
page read and write
|
||
|
1D2BB127000
|
heap
|
page read and write
|
||
|
1D2BB126000
|
heap
|
page read and write
|
||
|
1D2B591E000
|
heap
|
page read and write
|
||
|
1D2B8F15000
|
heap
|
page read and write
|
||
|
1D2B6BCC000
|
heap
|
page read and write
|
||
|
13B1CEC3000
|
heap
|
page read and write
|
||
|
253F6765000
|
heap
|
page read and write
|
||
|
1D2B8EDA000
|
heap
|
page read and write
|
||
|
1F81DF80000
|
heap
|
page read and write
|
||
|
A15847E000
|
stack
|
page read and write
|
||
|
80A70E000
|
stack
|
page read and write
|
||
|
1EC5A317000
|
heap
|
page read and write
|
||
|
1D2BB0CA000
|
heap
|
page read and write
|
||
|
1F4403B4000
|
heap
|
page read and write
|
||
|
13B1CC0A000
|
heap
|
page read and write
|
||
|
1D2B8EDA000
|
heap
|
page read and write
|
||
|
1D2B8EA3000
|
heap
|
page read and write
|
||
|
1D2B8EA7000
|
heap
|
page read and write
|
||
|
1D2B6BB0000
|
heap
|
page read and write
|
||
|
CD9C9FF000
|
stack
|
page read and write
|
||
|
1D2B8F29000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
1D2B8F21000
|
heap
|
page read and write
|
||
|
326257C000
|
stack
|
page read and write
|
||
|
1D2B6BCE000
|
heap
|
page read and write
|
||
|
CA436FC000
|
stack
|
page read and write
|
||
|
1D2B8E66000
|
heap
|
page read and write
|
||
|
1D2B592E000
|
heap
|
page read and write
|
||
|
1D2B58D5000
|
heap
|
page read and write
|
||
|
CDF000
|
stack
|
page read and write
|
||
|
189F85D5000
|
heap
|
page read and write
|
||
|
1D2BB10C000
|
heap
|
page read and write
|
||
|
1D2BB0F0000
|
heap
|
page read and write
|
||
|
2653BE30000
|
heap
|
page read and write
|
||
|
3261F9E000
|
stack
|
page read and write
|
||
|
1D2B5914000
|
heap
|
page read and write
|
||
|
1F4403C2000
|
heap
|
page read and write
|
||
|
1D2BB12D000
|
heap
|
page read and write
|
||
|
80AC7E000
|
stack
|
page read and write
|
||
|
1D2B6290000
|
heap
|
page read and write
|
||
|
253F66F3000
|
heap
|
page read and write
|
||
|
13B1CE10000
|
heap
|
page read and write
|
||
|
1D2B8EA2000
|
heap
|
page read and write
|
||
|
2653B730000
|
heap
|
page read and write
|
||
|
1D2B6BC3000
|
heap
|
page read and write
|
||
|
1D2BB0E3000
|
heap
|
page read and write
|
||
|
1D2B5920000
|
heap
|
page read and write
|
||
|
1D2B8F1F000
|
heap
|
page read and write
|
||
|
1D2B8E72000
|
heap
|
page read and write
|
||
|
1D2B6B52000
|
heap
|
page read and write
|
||
|
1D2B5929000
|
heap
|
page read and write
|
||
|
1D2B8E91000
|
heap
|
page read and write
|
||
|
197E0FE000
|
unkown
|
page readonly
|
||
|
1D2B6B9C000
|
heap
|
page read and write
|
There are 569 hidden memdumps, click here to show them.