Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Comprobante.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp9BE3.tmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Comprobante.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Comprobante.exe
|
"C:\Users\user\Desktop\Comprobante.exe"
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
"C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
|
|
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
|
|
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
C:\Users\user\AppData\Roaming\XenoManager\Comprobante.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"schtasks.exe" /Create /TN "uic" /XML "C:\Users\user\AppData\Local\Temp\tmp9BE3.tmp" /F
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Users\user\Desktop\Comprobante.exe
|
C:\Users\user\Desktop\Comprobante.exe
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5608 -s 80
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7280 -s 80
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 8108 -s 80
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dns.requimacofradian.site
|
|
||
|
http://go.microsoft.c3
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dns.requimacofradian.site
|
91.92.243.131
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.92.243.131
|
dns.requimacofradian.site
|
Bulgaria
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
32A1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B23000
|
trusted library allocation
|
page read and write
|
|
|
|
28E1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
26E2000
|
trusted library allocation
|
page read and write
|
|
|
|
24B1000
|
trusted library allocation
|
page read and write
|
|
|
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9A000
|
heap
|
page read and write
|
||
|
8BDE000
|
stack
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
41F1000
|
trusted library allocation
|
page read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
1343000
|
heap
|
page read and write
|
||
|
DB50000
|
trusted library allocation
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
162F000
|
stack
|
page read and write
|
||
|
DB46000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
1B50000
|
heap
|
page execute and read and write
|
||
|
2479000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
DB75000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
16B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
24A0000
|
heap
|
page execute and read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
5839000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
unkown
|
page execute and read and write
|
||
|
3290000
|
heap
|
page execute and read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
85DD000
|
stack
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
DC5000
|
heap
|
page read and write
|
||
|
E0BE000
|
stack
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
2624000
|
trusted library allocation
|
page read and write
|
||
|
EA4000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
153A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
DB89000
|
trusted library allocation
|
page read and write
|
||
|
4E9F000
|
stack
|
page read and write
|
||
|
939000
|
stack
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
968000
|
stack
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
142F000
|
stack
|
page read and write
|
||
|
56CB000
|
stack
|
page read and write
|
||
|
4461000
|
trusted library allocation
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
1AA0000
|
trusted library allocation
|
page read and write
|
||
|
A42E000
|
stack
|
page read and write
|
||
|
265B000
|
trusted library allocation
|
page execute and read and write
|
||
|
90FF000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
5C4000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
EB000
|
stack
|
page read and write
|
||
|
8E05000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
22C0000
|
trusted library allocation
|
page read and write
|
||
|
835F000
|
stack
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
14C8000
|
heap
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5CFC000
|
stack
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
8DEE000
|
trusted library allocation
|
page read and write
|
||
|
5BFC000
|
stack
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6B0000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
38E5000
|
trusted library allocation
|
page read and write
|
||
|
8CDF000
|
stack
|
page read and write
|
||
|
4110000
|
trusted library allocation
|
page read and write
|
||
|
4F1C000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
DBCE000
|
stack
|
page read and write
|
||
|
630000
|
trusted library allocation
|
page read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
644000
|
trusted library allocation
|
page read and write
|
||
|
AA4E000
|
stack
|
page read and write
|
||
|
2710000
|
trusted library section
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
A15000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
592000
|
unkown
|
page execute and read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
4F19000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
9FCE000
|
stack
|
page read and write
|
||
|
84F000
|
stack
|
page read and write
|
||
|
4936000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page execute and read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
heap
|
page execute and read and write
|
||
|
1139000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
E8E000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
5759000
|
trusted library allocation
|
page read and write
|
||
|
7BEE000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
86B000
|
stack
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
4DFE000
|
stack
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
4344000
|
trusted library allocation
|
page read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
DB40000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
A8EE000
|
stack
|
page read and write
|
||
|
2F8C000
|
trusted library allocation
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
939000
|
stack
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
ECB000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
249F000
|
trusted library allocation
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
2623000
|
trusted library allocation
|
page execute and read and write
|
||
|
67B000
|
heap
|
page read and write
|
||
|
15FC000
|
heap
|
page read and write
|
||
|
EA7000
|
heap
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
3DD000
|
stack
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
821E000
|
stack
|
page read and write
|
||
|
11BC000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
2624000
|
trusted library allocation
|
page read and write
|
||
|
89D000
|
stack
|
page read and write
|
||
|
223E000
|
stack
|
page read and write
|
||
|
16E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
5AFC000
|
stack
|
page read and write
|
||
|
94C000
|
stack
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
1581000
|
heap
|
page read and write
|
||
|
5920000
|
heap
|
page execute and read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
2490000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
22C9000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
heap
|
page read and write
|
||
|
849E000
|
stack
|
page read and write
|
||
|
48DC000
|
stack
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
heap
|
page execute and read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
1B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
8FFD000
|
stack
|
page read and write
|
||
|
DB61000
|
trusted library allocation
|
page read and write
|
||
|
1E8000
|
stack
|
page read and write
|
||
|
4951000
|
trusted library allocation
|
page read and write
|
||
|
811E000
|
stack
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1303000
|
trusted library allocation
|
page execute and read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB4B000
|
trusted library allocation
|
page read and write
|
||
|
1EBE000
|
stack
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
2420000
|
heap
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
DCBE000
|
stack
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
BD9000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
16C0000
|
heap
|
page execute and read and write
|
||
|
2634000
|
trusted library allocation
|
page read and write
|
||
|
575C000
|
trusted library allocation
|
page read and write
|
||
|
8E29000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
262D000
|
trusted library allocation
|
page execute and read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
63D000
|
trusted library allocation
|
page execute and read and write
|
||
|
123B000
|
stack
|
page read and write
|
||
|
4EF0000
|
heap
|
page execute and read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
914E000
|
stack
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
5840000
|
heap
|
page execute and read and write
|
||
|
1557000
|
trusted library allocation
|
page execute and read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
5C2000
|
unkown
|
page readonly
|
||
|
86B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
DB5E000
|
trusted library allocation
|
page read and write
|
||
|
38D1000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
2657000
|
trusted library allocation
|
page execute and read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
14C3000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
7F90000
|
trusted library allocation
|
page read and write
|
||
|
15C1000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
C5E000
|
heap
|
page read and write
|
||
|
134F000
|
stack
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
1BD000
|
stack
|
page read and write
|
||
|
2D40000
|
heap
|
page execute and read and write
|
||
|
EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
546F000
|
stack
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
1377000
|
trusted library allocation
|
page execute and read and write
|
||
|
825E000
|
stack
|
page read and write
|
||
|
850000
|
trusted library allocation
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
1387000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
48E0000
|
trusted library allocation
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
103C000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
stack
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1349000
|
heap
|
page read and write
|
||
|
48F0000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page execute and read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page read and write
|
||
|
A9A000
|
heap
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
B22000
|
heap
|
page read and write
|
||
|
A7EE000
|
stack
|
page read and write
|
||
|
A5E000
|
stack
|
page read and write
|
||
|
2B34000
|
trusted library allocation
|
page read and write
|
||
|
8DA000
|
stack
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
306B000
|
heap
|
page read and write
|
||
|
26EE000
|
stack
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
85A000
|
trusted library allocation
|
page execute and read and write
|
||
|
175F000
|
stack
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
6E7000
|
heap
|
page read and write
|
||
|
28D1000
|
trusted library allocation
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
634000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
328C000
|
stack
|
page read and write
|
||
|
A47000
|
trusted library allocation
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
2280000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C2000
|
unkown
|
page execute and read and write
|
||
|
867000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
42A5000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
1B40000
|
trusted library allocation
|
page read and write
|
||
|
8DE0000
|
trusted library allocation
|
page read and write
|
||
|
52CF000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
B39000
|
heap
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
554F000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
5939000
|
stack
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
416A000
|
trusted library allocation
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
928E000
|
stack
|
page read and write
|
||
|
157B000
|
heap
|
page read and write
|
||
|
92CE000
|
stack
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
B180000
|
trusted library allocation
|
page read and write
|
||
|
1CDE000
|
stack
|
page read and write
|
||
|
42A1000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
F1B000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page execute and read and write
|
||
|
1589000
|
heap
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
DFBF000
|
stack
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
493B000
|
trusted library allocation
|
page read and write
|
||
|
799E000
|
stack
|
page read and write
|
||
|
265B000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCFE000
|
stack
|
page read and write
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
4965000
|
trusted library allocation
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
9CF000
|
unkown
|
page read and write
|
||
|
8E6E000
|
stack
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
155B000
|
trusted library allocation
|
page execute and read and write
|
||
|
583D000
|
stack
|
page read and write
|
||
|
38E1000
|
trusted library allocation
|
page read and write
|
||
|
204F000
|
stack
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
4970000
|
heap
|
page execute and read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
57CD000
|
stack
|
page read and write
|
||
|
45AE000
|
stack
|
page read and write
|
||
|
8DDB000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
2634000
|
trusted library allocation
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
8E2F000
|
trusted library allocation
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
241E000
|
stack
|
page read and write
|
||
|
1BD0000
|
heap
|
page read and write
|
||
|
1AEE000
|
stack
|
page read and write
|
||
|
C63000
|
heap
|
page read and write
|
||
|
3461000
|
trusted library allocation
|
page read and write
|
||
|
C6A000
|
heap
|
page read and write
|
||
|
2801000
|
trusted library allocation
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
A9D000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
A1C000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page execute and read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
8DF1000
|
trusted library allocation
|
page read and write
|
||
|
AD7000
|
heap
|
page read and write
|
||
|
4306000
|
trusted library allocation
|
page read and write
|
||
|
B140000
|
trusted library allocation
|
page read and write
|
||
|
1596000
|
heap
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
B59000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
1E7E000
|
stack
|
page read and write
|
||
|
A66E000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
592000
|
unkown
|
page readonly
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
DEBE000
|
stack
|
page read and write
|
||
|
7DCE000
|
stack
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
8E20000
|
trusted library allocation
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
16BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
A7AE000
|
stack
|
page read and write
|
||
|
150D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
26FD000
|
stack
|
page read and write
|
||
|
1B60000
|
trusted library allocation
|
page read and write
|
||
|
1B2C000
|
stack
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F14000
|
heap
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2657000
|
trusted library allocation
|
page execute and read and write
|
||
|
A900000
|
trusted library allocation
|
page read and write
|
||
|
98E000
|
unkown
|
page read and write
|
||
|
EBF000
|
stack
|
page read and write
|
||
|
2290000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
22CC000
|
trusted library allocation
|
page read and write
|
||
|
A6AE000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
DB80000
|
trusted library allocation
|
page read and write
|
||
|
51CF000
|
stack
|
page read and write
|
||
|
1536000
|
trusted library allocation
|
page execute and read and write
|
||
|
2680000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F20000
|
heap
|
page execute and read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
ED4000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
620000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
8DD6000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
16EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
A52D000
|
stack
|
page read and write
|
||
|
93CE000
|
stack
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
1503000
|
trusted library allocation
|
page execute and read and write
|
||
|
133E000
|
heap
|
page read and write
|
||
|
EC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
E92000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
C010000
|
trusted library allocation
|
page read and write
|
||
|
AB4000
|
heap
|
page read and write
|
||
|
2BEF000
|
stack
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
ADE000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
9ECE000
|
stack
|
page read and write
|
||
|
3801000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
494E000
|
trusted library allocation
|
page read and write
|
||
|
8E10000
|
trusted library allocation
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
1338000
|
stack
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page execute and read and write
|
||
|
1504000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
26FE000
|
trusted library allocation
|
page read and write
|
||
|
130D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB00000
|
trusted library section
|
page read and write
|
||
|
839E000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
4372000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
A94E000
|
stack
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
1BAE000
|
stack
|
page read and write
|
||
|
16C4000
|
trusted library allocation
|
page read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
7AEE000
|
stack
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page execute and read and write
|
||
|
4970000
|
trusted library section
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
633000
|
trusted library allocation
|
page execute and read and write
|
||
|
138B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
5727000
|
trusted library allocation
|
page read and write
|
||
|
120D000
|
stack
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
73EF000
|
stack
|
page read and write
|
||
|
640000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
14D6000
|
heap
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
A56E000
|
stack
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
508D000
|
stack
|
page read and write
|
||
|
14DE000
|
stack
|
page read and write
|
||
|
16B4000
|
trusted library allocation
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
2499000
|
trusted library allocation
|
page read and write
|
||
|
4A5000
|
heap
|
page read and write
|
||
|
1514000
|
trusted library allocation
|
page read and write
|
||
|
3516000
|
trusted library allocation
|
page read and write
|
||
|
31F1000
|
trusted library allocation
|
page read and write
|
||
|
6B7000
|
heap
|
page read and write
|
||
|
856000
|
trusted library allocation
|
page execute and read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
CA8000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
1567000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
34B5000
|
trusted library allocation
|
page read and write
|
||
|
2623000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
59FD000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57AE000
|
stack
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
169C000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
134D000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
135D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1353000
|
trusted library allocation
|
page execute and read and write
|
||
|
1354000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page execute and read and write
|
||
|
918E000
|
stack
|
page read and write
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
There are 609 hidden memdumps, click here to show them.