Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
gunzipped.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp510D.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\gunzipped.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\mPvIOxEZXJsdYp.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3p4ptyv4.tie.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_52n2fz0e.fyp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g0lbeger.xib.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_weyuahag.4my.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5B1F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\188E93\31437F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\bc49718863ee53e026d805ec372039e9_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\gunzipped.exe
|
"C:\Users\user\Desktop\gunzipped.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\mPvIOxEZXJsdYp" /XML "C:\Users\user\AppData\Local\Temp\tmp510D.tmp"
|
|
|
|
C:\Users\user\Desktop\gunzipped.exe
|
"C:\Users\user\Desktop\gunzipped.exe"
|
|
|
|
C:\Users\user\Desktop\gunzipped.exe
|
"C:\Users\user\Desktop\gunzipped.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\mPvIOxEZXJsdYp" /XML "C:\Users\user\AppData\Local\Temp\tmp5B1F.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe
|
"C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe
|
"C:\Users\user\AppData\Roaming\mPvIOxEZXJsdYp.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://kbfvzoboss.bid/alien/fre.php
|
|
||
|
http://alphastand.top/alien/fre.php
|
|
||
|
http://45.77.223.48/~blog/?ajax=a
|
45.77.223.48
|
|
|
|
http://alphastand.win/alien/fre.php
|
|
||
|
http://alphastand.trade/alien/fre.php
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://45.77.223.48/~blog/index.php?rest_route=/
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.ibsensoftware.com/
|
unknown
|
||
|
http://crt.cRa
|
unknown
|
||
|
https://api.w.org/
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 26 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.77.223.48
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
47D9000
|
trusted library allocation
|
page read and write
|
|
|
|
3D49000
|
trusted library allocation
|
page read and write
|
|
|
|
76C0000
|
trusted library section
|
page read and write
|
|
|
|
47F3000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4A46000
|
trusted library allocation
|
page read and write
|
|
|
|
C28000
|
heap
|
page read and write
|
|
|
|
302C000
|
trusted library allocation
|
page read and write
|
|
|
|
2DB6000
|
trusted library allocation
|
page read and write
|
|
|
|
335F000
|
stack
|
page read and write
|
||
|
2D41000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
unkown
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
7417000
|
trusted library allocation
|
page read and write
|
||
|
7B70000
|
heap
|
page read and write
|
||
|
55DE000
|
heap
|
page read and write
|
||
|
51F8000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
2B46000
|
trusted library allocation
|
page read and write
|
||
|
480D000
|
trusted library allocation
|
page read and write
|
||
|
A270000
|
trusted library section
|
page read and write
|
||
|
49EB000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
79C0000
|
heap
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B41000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
45FE000
|
trusted library allocation
|
page read and write
|
||
|
52E5000
|
trusted library allocation
|
page read and write
|
||
|
2AF2000
|
trusted library allocation
|
page read and write
|
||
|
108D000
|
heap
|
page read and write
|
||
|
8D0000
|
unkown
|
page readonly
|
||
|
79D0000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
D60B000
|
stack
|
page read and write
|
||
|
79DE000
|
heap
|
page read and write
|
||
|
F52000
|
trusted library allocation
|
page read and write
|
||
|
2FCF000
|
trusted library allocation
|
page read and write
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
F46000
|
trusted library allocation
|
page execute and read and write
|
||
|
58D0000
|
trusted library allocation
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
1134000
|
trusted library allocation
|
page read and write
|
||
|
582D000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
829C000
|
stack
|
page read and write
|
||
|
5821000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
D38E000
|
stack
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
349B000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
2DAE000
|
unkown
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
48B8000
|
trusted library allocation
|
page read and write
|
||
|
4737000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page execute and read and write
|
||
|
2CBD000
|
stack
|
page read and write
|
||
|
D98E000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
6F2E000
|
trusted library allocation
|
page read and write
|
||
|
572E000
|
heap
|
page read and write
|
||
|
53C000
|
stack
|
page read and write
|
||
|
2FB3000
|
trusted library allocation
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
798C000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
5504000
|
trusted library section
|
page readonly
|
||
|
D110000
|
heap
|
page read and write
|
||
|
D48F000
|
stack
|
page read and write
|
||
|
BF7000
|
stack
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
5216000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
52A3000
|
heap
|
page read and write
|
||
|
F3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library section
|
page readonly
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
F23000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F7000
|
heap
|
page read and write
|
||
|
1194000
|
heap
|
page read and write
|
||
|
2DEF000
|
unkown
|
page read and write
|
||
|
D10D000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
6F6E000
|
stack
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
799F000
|
stack
|
page read and write
|
||
|
32CA000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
51F5000
|
trusted library allocation
|
page read and write
|
||
|
521D000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
52E8000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
2A04000
|
heap
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
5870000
|
trusted library section
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
2BED000
|
stack
|
page read and write
|
||
|
5211000
|
trusted library allocation
|
page read and write
|
||
|
49CB000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
6E20000
|
heap
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
DDC000
|
stack
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
46AC000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
6E10000
|
heap
|
page read and write
|
||
|
2F51000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page execute and read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
2B85000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
819B000
|
stack
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
CED0000
|
trusted library allocation
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
CED5000
|
trusted library allocation
|
page read and write
|
||
|
2B07000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
2CFA000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
802E000
|
stack
|
page read and write
|
||
|
3DA1000
|
trusted library allocation
|
page read and write
|
||
|
52E2000
|
trusted library allocation
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
3048000
|
trusted library allocation
|
page read and write
|
||
|
7970000
|
heap
|
page read and write
|
||
|
557B000
|
stack
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
A9D000
|
stack
|
page read and write
|
||
|
5234000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page execute and read and write
|
||
|
51F2000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
5515000
|
heap
|
page read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
D34E000
|
stack
|
page read and write
|
||
|
7CAE000
|
stack
|
page read and write
|
||
|
CF3D000
|
stack
|
page read and write
|
||
|
2FEF000
|
unkown
|
page read and write
|
||
|
7DAE000
|
stack
|
page read and write
|
||
|
3094000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5850000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2B02000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
2B1B000
|
stack
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
5236000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
6E1E000
|
heap
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
2AF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5485000
|
heap
|
page read and write
|
||
|
3DA9000
|
trusted library allocation
|
page read and write
|
||
|
76AF000
|
stack
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
D74E000
|
stack
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
heap
|
page read and write
|
||
|
2C8C000
|
stack
|
page read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
C39000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
1191000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D3F000
|
stack
|
page read and write
|
||
|
7B80000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page execute and read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
F24000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
2EBD000
|
stack
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page execute and read and write
|
||
|
706F000
|
stack
|
page read and write
|
||
|
CEF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB7000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
559D000
|
stack
|
page read and write
|
||
|
6E90000
|
trusted library allocation
|
page read and write
|
||
|
520E000
|
trusted library allocation
|
page read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E9C000
|
stack
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
1178000
|
heap
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
1214000
|
heap
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B4D000
|
trusted library allocation
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
76BE000
|
stack
|
page read and write
|
||
|
9D4F000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
5831000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
4914000
|
trusted library allocation
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
7985000
|
heap
|
page read and write
|
||
|
496F000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
5222000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
47F9000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
583F000
|
trusted library allocation
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library section
|
page readonly
|
||
|
F33000
|
trusted library allocation
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
5323000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
77EF000
|
stack
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
1247000
|
heap
|
page read and write
|
||
|
2B0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
55B9000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
7B6E000
|
stack
|
page read and write
|
||
|
1143000
|
trusted library allocation
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
8D2000
|
unkown
|
page readonly
|
||
|
2B65000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
heap
|
page execute and read and write
|
||
|
5255000
|
trusted library allocation
|
page read and write
|
||
|
48D4000
|
trusted library allocation
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page execute and read and write
|
||
|
2FCC000
|
trusted library allocation
|
page read and write
|
||
|
74CF000
|
stack
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
4797000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
582F000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D84E000
|
stack
|
page read and write
|
||
|
2AFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
D24D000
|
stack
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
2EFA000
|
stack
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
4E3C000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
14EF000
|
stack
|
page read and write
|
||
|
545B000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
464C000
|
trusted library allocation
|
page read and write
|
||
|
1133000
|
trusted library allocation
|
page execute and read and write
|
||
|
76EE000
|
stack
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
82DD000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
D88E000
|
stack
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDC000
|
stack
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
D70C000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
789E000
|
stack
|
page read and write
|
||
|
3D41000
|
trusted library allocation
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DED000
|
stack
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
6EB2000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
C46D000
|
stack
|
page read and write
|
||
|
7EEE000
|
stack
|
page read and write
|
There are 360 hidden memdumps, click here to show them.