Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PHHOjspjmp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Drivers\csrss.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4KPV6A~1\state (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\state.tmp
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PHHOjspjmp.exe
|
"C:\Users\user\Desktop\PHHOjspjmp.exe"
|
|
|
|
C:\Users\user\Desktop\PHHOjspjmp.exe
|
"C:\Users\user\Desktop\PHHOjspjmp.exe"
|
|
|
|
C:\ProgramData\Drivers\csrss.exe
|
"C:\ProgramData\Drivers\csrss.exe"
|
|
|
|
C:\ProgramData\Drivers\csrss.exe
|
"C:\ProgramData\Drivers\csrss.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re
|
unknown
|
|
|
|
https://curl.se/docs/hsts.html
|
unknown
|
||
|
http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL
|
unknown
|
||
|
https://www.torproject.org/
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html
|
unknown
|
||
|
https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt2
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html
|
unknown
|
||
|
https://www.torproject.org/documentation.html
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
https://trac.torproject.org/projects/tor/ticket/14917.
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
171.25.193.9
|
unknown
|
Sweden
|
||
|
85.10.240.250
|
unknown
|
Germany
|
||
|
45.66.33.45
|
unknown
|
Netherlands
|
||
|
195.201.94.113
|
unknown
|
Germany
|
||
|
8.209.79.125
|
unknown
|
Singapore
|
||
|
143.107.229.120
|
unknown
|
Brazil
|
||
|
51.158.147.25
|
unknown
|
France
|
||
|
95.216.154.139
|
unknown
|
Germany
|
||
|
86.59.21.38
|
unknown
|
Austria
|
||
|
93.186.202.32
|
unknown
|
Germany
|
||
|
154.35.175.225
|
unknown
|
United States
|
||
|
128.31.0.39
|
unknown
|
United States
|
||
|
62.78.194.4
|
unknown
|
Finland
|
||
|
51.91.121.255
|
unknown
|
France
|
||
|
195.154.106.60
|
unknown
|
France
|
||
|
47.56.94.99
|
unknown
|
United States
|
||
|
185.220.101.205
|
unknown
|
Germany
|
||
|
204.13.164.118
|
unknown
|
United States
|
||
|
109.70.100.14
|
unknown
|
Austria
|
||
|
188.195.109.45
|
unknown
|
Germany
|
||
|
46.105.227.109
|
unknown
|
France
|
||
|
151.197.240.154
|
unknown
|
United States
|
||
|
23.129.64.239
|
unknown
|
United States
|
||
|
185.65.205.10
|
unknown
|
Turkey
|
||
|
104.149.129.210
|
unknown
|
United States
|
||
|
37.187.23.232
|
unknown
|
France
|
||
|
167.86.94.107
|
unknown
|
Germany
|
||
|
217.160.255.217
|
unknown
|
Germany
|
||
|
149.56.98.216
|
unknown
|
Canada
|
||
|
88.88.79.90
|
unknown
|
Norway
|
||
|
198.245.49.18
|
unknown
|
Canada
|
||
|
31.127.34.9
|
unknown
|
United Kingdom
|
||
|
193.218.118.100
|
unknown
|
Ukraine
|
||
|
212.8.243.229
|
unknown
|
Netherlands
|
||
|
80.66.135.13
|
unknown
|
Belgium
|
||
|
131.188.40.189
|
unknown
|
Germany
|
||
|
188.68.53.92
|
unknown
|
Germany
|
||
|
185.220.101.20
|
unknown
|
Germany
|
||
|
46.188.6.64
|
unknown
|
Russian Federation
|
||
|
45.153.160.131
|
unknown
|
Czech Republic
|
||
|
134.249.185.176
|
unknown
|
Ukraine
|
||
|
130.225.244.90
|
unknown
|
Denmark
|
||
|
199.58.81.140
|
unknown
|
Canada
|
||
|
212.47.227.71
|
unknown
|
France
|
||
|
192.0.128.86
|
unknown
|
Canada
|
||
|
91.121.160.6
|
unknown
|
France
|
||
|
75.176.45.87
|
unknown
|
United States
|
||
|
209.58.180.90
|
unknown
|
Singapore
|
||
|
50.7.8.141
|
unknown
|
United States
|
||
|
51.15.246.170
|
unknown
|
France
|
||
|
51.38.65.160
|
unknown
|
France
|
||
|
173.249.63.227
|
unknown
|
Germany
|
There are 43 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\System\Config
|
i
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
CSRSS
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29FC000
|
heap
|
page read and write
|
||
|
29CA000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
824000
|
remote allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
843000
|
remote allocation
|
page execute and read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2B88000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
432E000
|
stack
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BA5000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
824000
|
remote allocation
|
page execute and read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
843000
|
remote allocation
|
page execute and read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29DC000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
477F000
|
stack
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
6501000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
440A000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
29FA000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
44BF000
|
heap
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
451F000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
5D8000
|
unkown
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
83D000
|
remote allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
6401000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
29E7000
|
heap
|
page read and write
|
||
|
4A3F000
|
stack
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
41C4000
|
unkown
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
62A0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29DC000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29E7000
|
heap
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
4400000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
41F0000
|
heap
|
page read and write
|
||
|
4500000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29AD000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
C49000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4700000
|
heap
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
4512000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
6270000
|
heap
|
page read and write
|
||
|
29D2000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
99E000
|
stack
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2812000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
61E0000
|
direct allocation
|
page execute and read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
42B0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
46D0000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
442C000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
42E0000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
4412000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
43BA000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
960000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
601F000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
29E2000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
66FF000
|
stack
|
page read and write
|
||
|
B20000
|
unclassified section
|
page read and write
|
||
|
2F6F000
|
unkown
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29AD000
|
heap
|
page read and write
|
||
|
29FC000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
288C000
|
stack
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
4202000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
6020000
|
direct allocation
|
page execute and read and write
|
||
|
29FC000
|
heap
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
29AE000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
29CE000
|
heap
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
41C6000
|
unkown
|
page readonly
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2901000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
419000
|
unkown
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
31AF000
|
unkown
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29DC000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
heap
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
29C7000
|
heap
|
page read and write
|
||
|
298B000
|
stack
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
41C4000
|
unkown
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
43BE000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
29C2000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
unkown
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
29DC000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
436E000
|
stack
|
page read and write
|
||
|
29C6000
|
heap
|
page read and write
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
29F9000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
A13000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
29D7000
|
heap
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29B7000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
83C000
|
remote allocation
|
page execute and read and write
|
||
|
29EE000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
2D71000
|
heap
|
page read and write
|
||
|
29BE000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
2A03000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
43B0000
|
heap
|
page read and write
|
||
|
29DC000
|
heap
|
page read and write
|
There are 715 hidden memdumps, click here to show them.