Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
J7XIGd3DCJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\RCX4657.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\RCX4C45.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\Registry.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\RCX4956.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\xx1rvPQXwC.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\Desktop\J7XIGd3DCJ.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\RCX43F5.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\8e96dd8ad599f1
|
ASCII text, with very long lines (316), with no line terminators
|
dropped
|
||
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\Registry.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\ee2ad38f3d4382
|
ASCII text, with very long lines (882), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\8e96dd8ad599f1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\BfsBBmsxHEOpauZphVFNsX.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\J7XIGd3DCJ.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Registry.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\LBD9ZEOrYT
|
ASCII text, with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 11 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\J7XIGd3DCJ.exe
|
"C:\Users\user\Desktop\J7XIGd3DCJ.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RegistryR" /sc MINUTE /mo 7 /tr "'C:\Recovery\Registry.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "Registry" /sc ONLOGON /tr "'C:\Recovery\Registry.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RegistryR" /sc MINUTE /mo 11 /tr "'C:\Recovery\Registry.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsXB" /sc MINUTE /mo 6 /tr "'C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsX" /sc ONLOGON /tr "'C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsXB" /sc MINUTE /mo 10 /tr "'C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsXB" /sc MINUTE /mo 13 /tr "'C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsX" /sc ONLOGON /tr "'C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "BfsBBmsxHEOpauZphVFNsXB" /sc MINUTE /mo 6 /tr "'C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe
|
|
|
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe
|
C:\Recovery\BfsBBmsxHEOpauZphVFNsX.exe
|
|
|
|
C:\Recovery\Registry.exe
|
C:\Recovery\Registry.exe
|
|
|
|
C:\Recovery\Registry.exe
|
C:\Recovery\Registry.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\xx1rvPQXwC.bat"
|
|
|
|
C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe
|
"C:\Users\Public\Libraries\BfsBBmsxHEOpauZphVFNsX.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 8 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://cz24519.tw1.ru/@zd3bk5Wa3RHb1FmZlR0X
|
|||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
PromptOnSecureDesktop
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\e52c755239e45889c208b614e24ca7fa8047701e
|
a19b29fb9569855d9aa322a2c03d07f6e9198362
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BC1000
|
trusted library allocation
|
page read and write
|
|
|
|
2EE1000
|
trusted library allocation
|
page read and write
|
|
|
|
2EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E81000
|
trusted library allocation
|
page read and write
|
|
|
|
12BCD000
|
trusted library allocation
|
page read and write
|
|
|
|
2F1F000
|
trusted library allocation
|
page read and write
|
|
|
|
27B1000
|
trusted library allocation
|
page read and write
|
|
|
|
2901000
|
trusted library allocation
|
page read and write
|
|
|
|
2CC1000
|
trusted library allocation
|
page read and write
|
|
|
|
CAF000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
2F6A000
|
trusted library allocation
|
page read and write
|
||
|
1BE0A000
|
heap
|
page read and write
|
||
|
9E6000
|
stack
|
page read and write
|
||
|
29C1000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F9C000
|
trusted library allocation
|
page read and write
|
||
|
29C4000
|
trusted library allocation
|
page read and write
|
||
|
12CC8000
|
trusted library allocation
|
page read and write
|
||
|
1BB62000
|
heap
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
D03000
|
heap
|
page read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
1BDF0000
|
heap
|
page read and write
|
||
|
13612000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
12EE1000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
1BBC0000
|
trusted library section
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
1A930000
|
trusted library allocation
|
page read and write
|
||
|
1B69E000
|
stack
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
1B993000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
9E6000
|
stack
|
page read and write
|
||
|
1AE8E000
|
stack
|
page read and write
|
||
|
1BC10000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
1B68E000
|
stack
|
page read and write
|
||
|
1B47F000
|
stack
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12CD1000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1300000
|
heap
|
page execute and read and write
|
||
|
1161000
|
heap
|
page read and write
|
||
|
2D65000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
1B67E000
|
stack
|
page read and write
|
||
|
1BB6C000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library section
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
2D27000
|
trusted library allocation
|
page read and write
|
||
|
1BDF7000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
||
|
FE1000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9E4000
|
trusted library allocation
|
page read and write
|
||
|
1B58E000
|
stack
|
page read and write
|
||
|
1B80E000
|
stack
|
page read and write
|
||
|
135F000
|
stack
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
2F5E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
127B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page read and write
|
||
|
12878000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
21524FA9000
|
heap
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
12EF1000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1ACF0000
|
trusted library allocation
|
page read and write
|
||
|
1B2EE000
|
stack
|
page read and write
|
||
|
12F78000
|
trusted library allocation
|
page read and write
|
||
|
1BC3A000
|
stack
|
page read and write
|
||
|
1AEE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page execute and read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
1B46D000
|
stack
|
page read and write
|
||
|
21524EA0000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1BE57000
|
heap
|
page read and write
|
||
|
7FFD9B95B000
|
trusted library allocation
|
page read and write
|
||
|
215250B0000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1BB3F000
|
stack
|
page read and write
|
||
|
1B700000
|
heap
|
page execute and read and write
|
||
|
1BE10000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
2F64000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
1B590000
|
heap
|
page read and write
|
||
|
1BB52000
|
heap
|
page read and write
|
||
|
2862000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
DA5000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
12901000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1BB3C000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
21524FA0000
|
heap
|
page read and write
|
||
|
12EBD000
|
trusted library allocation
|
page read and write
|
||
|
1BBA0000
|
trusted library section
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
12CCD000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page execute and read and write
|
||
|
1B18E000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
12EB3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B961000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
1AD3D000
|
stack
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
1BB0F000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
12FA8000
|
trusted library allocation
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
1B90E000
|
stack
|
page read and write
|
||
|
1BA04000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
108E000
|
heap
|
page read and write
|
||
|
1BB22000
|
heap
|
page read and write
|
||
|
2D56000
|
trusted library allocation
|
page read and write
|
||
|
B58000
|
heap
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
1B59F000
|
stack
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
12EB8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B933000
|
trusted library allocation
|
page read and write
|
||
|
12CC3000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
1BE08000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA22000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
10A4000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
1BB1C000
|
heap
|
page read and write
|
||
|
1085000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93E000
|
trusted library allocation
|
page read and write
|
||
|
1BB7A000
|
heap
|
page read and write
|
||
|
1B573000
|
stack
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
127C1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
2CE6000
|
trusted library allocation
|
page read and write
|
||
|
1BD33000
|
stack
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
12911000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B39E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
1BAF7000
|
heap
|
page read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
16A5000
|
heap
|
page read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
1BAE8000
|
heap
|
page read and write
|
||
|
FAC000
|
heap
|
page read and write
|
||
|
100B000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
1BC0E000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
1BB5A000
|
heap
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
1BC00000
|
trusted library section
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90B000
|
trusted library allocation
|
page read and write
|
||
|
119F000
|
stack
|
page read and write
|
||
|
2D73000
|
trusted library allocation
|
page read and write
|
||
|
2D17000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
CCD000
|
heap
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
1BD4B000
|
stack
|
page read and write
|
||
|
2EA0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B752000
|
trusted library allocation
|
page read and write
|
||
|
1B8AE000
|
stack
|
page read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
215250C0000
|
heap
|
page read and write
|
||
|
7FFD9B93B000
|
trusted library allocation
|
page read and write
|
||
|
12BC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
722000
|
unkown
|
page readonly
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
C55000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2E1D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
12903000
|
trusted library allocation
|
page read and write
|
||
|
12F24000
|
trusted library allocation
|
page read and write
|
||
|
12EE8000
|
trusted library allocation
|
page read and write
|
||
|
1B370000
|
heap
|
page execute and read and write
|
||
|
1A7E0000
|
trusted library allocation
|
page read and write
|
||
|
1BE4E000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1143000
|
heap
|
page read and write
|
||
|
7FFD9B91B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
1BC60000
|
trusted library section
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
29B8000
|
trusted library allocation
|
page read and write
|
||
|
B7B000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
1B43D000
|
stack
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6B000
|
heap
|
page read and write
|
||
|
12EED000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7FFD9B796000
|
trusted library allocation
|
page read and write
|
||
|
10D4000
|
heap
|
page read and write
|
||
|
7FFD9B964000
|
trusted library allocation
|
page read and write
|
||
|
1B930000
|
heap
|
page read and write
|
||
|
1405000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library section
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
2C42000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B767000
|
trusted library allocation
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
127BD000
|
trusted library allocation
|
page read and write
|
||
|
1C0EE000
|
stack
|
page read and write
|
||
|
129C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
1B1E0000
|
heap
|
page read and write
|
||
|
1BA9E000
|
stack
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
1B290000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
29B2000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B080000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
BBB000
|
heap
|
page read and write
|
||
|
2EDF000
|
stack
|
page read and write
|
||
|
7FFD9B92E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B87E000
|
stack
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
DE07D7F000
|
stack
|
page read and write
|
||
|
127B8000
|
trusted library allocation
|
page read and write
|
||
|
1BAA0000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
F75000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
CFB000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
D2E000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
2EBD000
|
trusted library allocation
|
page read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
1C76E000
|
stack
|
page read and write
|
||
|
1B89A000
|
stack
|
page read and write
|
||
|
10A2000
|
heap
|
page read and write
|
||
|
DB6000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
1BA93000
|
stack
|
page read and write
|
||
|
1BA4E000
|
stack
|
page read and write
|
||
|
12D88000
|
trusted library allocation
|
page read and write
|
||
|
104C000
|
heap
|
page read and write
|
||
|
1BB4E000
|
stack
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
1BA3F000
|
stack
|
page read and write
|
||
|
1BC43000
|
stack
|
page read and write
|
||
|
7FFD9B9D2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
1B49F000
|
stack
|
page read and write
|
||
|
7FFD9B8BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
12EE3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
DC6000
|
stack
|
page read and write
|
||
|
D2C000
|
heap
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C86B000
|
stack
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
89E000
|
unkown
|
page readonly
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
FDF000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2CB6000
|
trusted library allocation
|
page read and write
|
||
|
1B24D000
|
stack
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
21524F80000
|
heap
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
1AF10000
|
trusted library allocation
|
page read and write
|
||
|
1BE01000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
1B69F000
|
stack
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1B940000
|
heap
|
page read and write
|
||
|
1BE45000
|
heap
|
page read and write
|
||
|
2CDD000
|
trusted library allocation
|
page read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
1B270000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC70000
|
trusted library section
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
FD4000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12EC1000
|
trusted library allocation
|
page read and write
|
||
|
2DD7000
|
trusted library allocation
|
page read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
1BBF0000
|
trusted library section
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
10D1000
|
heap
|
page read and write
|
||
|
7FF4838D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1B14D000
|
stack
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
2F6C000
|
trusted library allocation
|
page read and write
|
||
|
1B910000
|
heap
|
page execute and read and write
|
||
|
C6E000
|
unkown
|
page readonly
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
1B8D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1B77E000
|
stack
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
DE07C7B000
|
stack
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FC000
|
trusted library allocation
|
page read and write
|
||
|
1ABF0000
|
trusted library allocation
|
page read and write
|
||
|
1B87E000
|
stack
|
page read and write
|
||
|
1BB00000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
29BA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2790000
|
heap
|
page execute and read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EBB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
127B3000
|
trusted library allocation
|
page read and write
|
||
|
1BB87000
|
heap
|
page read and write
|
||
|
7FFD9B777000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
7FFD9B957000
|
trusted library allocation
|
page read and write
|
||
|
294D000
|
trusted library allocation
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
12EB1000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
2D12000
|
trusted library allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
7FFD9B8C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
unkown
|
page readonly
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
1B794000
|
stack
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BC1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBF000
|
heap
|
page read and write
|
||
|
1BBE0000
|
trusted library section
|
page read and write
|
||
|
1290D000
|
trusted library allocation
|
page read and write
|
||
|
1094000
|
heap
|
page read and write
|
||
|
21524FB6000
|
heap
|
page read and write
|
||
|
DE07CFF000
|
stack
|
page read and write
|
||
|
1B99A000
|
stack
|
page read and write
|
||
|
2EC9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page execute and read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1BF3E000
|
stack
|
page read and write
|
||
|
BC6000
|
stack
|
page read and write
|
||
|
2BA0000
|
trusted library section
|
page read and write
|
||
|
1B79E000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
heap
|
page execute and read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
109C000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1BB2D000
|
heap
|
page read and write
|
||
|
7FFD9B974000
|
trusted library allocation
|
page read and write
|
||
|
12908000
|
trusted library allocation
|
page read and write
|
||
|
7D6000
|
stack
|
page read and write
|
||
|
1BB03000
|
stack
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
B8A000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA0E000
|
trusted library allocation
|
page read and write
|
||
|
12CC1000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
1C52E000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
1BE41000
|
heap
|
page read and write
|
||
|
CF6000
|
heap
|
page read and write
|
||
|
1BE3E000
|
stack
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page read and write
|
||
|
89A000
|
unkown
|
page readonly
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
1B894000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF4E000
|
stack
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
1BDED000
|
stack
|
page read and write
|
||
|
7FFD9BA02000
|
trusted library allocation
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
There are 564 hidden memdumps, click here to show them.