Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
aqB7l6kvXl.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\aqB7l6kvXl.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\loggsdSSC\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Pzpgzqlkyf.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\json[1].json
|
JSON data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\aqB7l6kvXl.exe
|
"C:\Users\user\Desktop\aqB7l6kvXl.exe"
|
|
|
|
C:\Users\user\Desktop\aqB7l6kvXl.exe
|
"C:\Users\user\Desktop\aqB7l6kvXl.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe
|
"C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe
|
"C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe
|
"C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe
|
"C:\Users\user\AppData\Roaming\Pzpgzqlkyf.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
areaseguras.con-ip.com
|
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://github.com/mgravell/protobuf-neti
|
unknown
|
||
|
https://stackoverflow.com/q/14436606/23354
|
unknown
|
||
|
https://github.com/mgravell/protobuf-netJ
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://stackoverflow.com/q/11564914/23354;
|
unknown
|
||
|
https://stackoverflow.com/q/2152978/23354
|
unknown
|
||
|
http://geoplugin.net/json.gpY)
|
unknown
|
||
|
https://wdcp.microsoft.O
|
unknown
|
||
|
https://github.com/mgravell/protobuf-net
|
unknown
|
||
|
http://geoplugin.net/json.gpg.
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://geoplugin.net/json.gpSystem32
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
areaseguras.con-ip.com
|
86.104.72.183
|
|
|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
86.104.72.183
|
areaseguras.con-ip.com
|
Romania
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Pzpgzqlkyf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc121455011-7TOVMS
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc121455011-7TOVMS
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc121455011-7TOVMS
|
time
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5640000
|
trusted library section
|
page read and write
|
|
|
|
3061000
|
trusted library allocation
|
page read and write
|
|
|
|
10F8000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2AA1000
|
trusted library allocation
|
page read and write
|
|
|
|
2AD2000
|
trusted library allocation
|
page read and write
|
|
|
|
437E000
|
trusted library allocation
|
page read and write
|
|
|
|
3C0E000
|
trusted library allocation
|
page read and write
|
|
|
|
2CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
4776000
|
trusted library allocation
|
page read and write
|
|
|
|
463B000
|
trusted library allocation
|
page read and write
|
|
|
|
438B000
|
trusted library allocation
|
page read and write
|
|
|
|
B37000
|
heap
|
page read and write
|
|
|
|
3B4E000
|
trusted library allocation
|
page read and write
|
|
|
|
1597000
|
heap
|
page read and write
|
|
|
|
468B000
|
trusted library allocation
|
page read and write
|
|
|
|
4036000
|
trusted library allocation
|
page read and write
|
|
|
|
472B000
|
trusted library allocation
|
page read and write
|
|
|
|
2E4A000
|
trusted library allocation
|
page read and write
|
|
|
|
3CFE000
|
trusted library allocation
|
page read and write
|
|
|
|
4C28000
|
trusted library allocation
|
page read and write
|
||
|
ACC000
|
stack
|
page read and write
|
||
|
2D14000
|
trusted library allocation
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
39B1000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
596A000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
587D000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
4952000
|
trusted library allocation
|
page read and write
|
||
|
F56000
|
heap
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page execute and read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
4810000
|
trusted library allocation
|
page read and write
|
||
|
557B000
|
heap
|
page read and write
|
||
|
F68000
|
heap
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
4B58000
|
trusted library allocation
|
page read and write
|
||
|
5958000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
C65000
|
heap
|
page read and write
|
||
|
5BC6000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page execute and read and write
|
||
|
382000
|
unkown
|
page readonly
|
||
|
5BD0000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
42EC000
|
trusted library allocation
|
page read and write
|
||
|
CBD000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
5AE9000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
58A4000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
4A4F000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page read and write
|
||
|
5562000
|
heap
|
page read and write
|
||
|
FA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E41000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
C5C000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
EAF000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E62000
|
trusted library allocation
|
page read and write
|
||
|
5A42000
|
heap
|
page read and write
|
||
|
43D6000
|
trusted library allocation
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
trusted library section
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
59EC000
|
heap
|
page read and write
|
||
|
5B16000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
5B0A000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
A5C000
|
stack
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page read and write
|
||
|
59D5000
|
trusted library allocation
|
page read and write
|
||
|
5AF0000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page execute and read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page execute and read and write
|
||
|
59A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5880000
|
trusted library allocation
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
FBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B14000
|
trusted library allocation
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
E6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AC6000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
4A9E000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
57A4000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
5C45000
|
trusted library allocation
|
page read and write
|
||
|
5A1C000
|
heap
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E66000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C2000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
2CF9000
|
trusted library allocation
|
page read and write
|
||
|
3E41000
|
trusted library allocation
|
page read and write
|
||
|
56FB000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page execute and read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
5BC4000
|
trusted library allocation
|
page read and write
|
||
|
5874000
|
trusted library allocation
|
page read and write
|
||
|
2C39000
|
trusted library allocation
|
page read and write
|
||
|
409A000
|
trusted library allocation
|
page read and write
|
||
|
178F000
|
stack
|
page read and write
|
||
|
5AE4000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
5AE7000
|
trusted library allocation
|
page read and write
|
||
|
58A2000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
B57000
|
stack
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
3FBE000
|
stack
|
page read and write
|
||
|
57D0000
|
trusted library section
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FEC000
|
stack
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
C14000
|
heap
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
40BF000
|
stack
|
page read and write
|
||
|
FA4000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
160D000
|
heap
|
page read and write
|
||
|
5B12000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
BC7000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
5634000
|
trusted library allocation
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
96C000
|
stack
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page execute and read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
552C000
|
heap
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
F3A000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
333F000
|
stack
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
43CE000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4570000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library section
|
page read and write
|
||
|
E7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BDA000
|
trusted library allocation
|
page read and write
|
||
|
ABD000
|
stack
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
11F4000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
5765000
|
trusted library allocation
|
page read and write
|
||
|
2C47000
|
trusted library allocation
|
page read and write
|
||
|
ED1000
|
heap
|
page read and write
|
||
|
2C5D000
|
stack
|
page read and write
|
||
|
4898000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
5778000
|
heap
|
page read and write
|
||
|
1607000
|
heap
|
page read and write
|
||
|
4856000
|
trusted library allocation
|
page read and write
|
||
|
59E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
121A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
54F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15DB000
|
heap
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E4000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
4AA8000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
5870000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
5AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
BEE000
|
heap
|
page read and write
|
||
|
11F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
57A8000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
5956000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
49FF000
|
trusted library allocation
|
page read and write
|
||
|
29B1000
|
trusted library allocation
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
E77000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDB000
|
heap
|
page read and write
|
||
|
5EC000
|
stack
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
5AED000
|
trusted library allocation
|
page read and write
|
||
|
58A6000
|
trusted library allocation
|
page read and write
|
||
|
4170000
|
trusted library allocation
|
page read and write
|
||
|
139F000
|
stack
|
page read and write
|
||
|
5BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
15F6000
|
heap
|
page read and write
|
||
|
36FF000
|
stack
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
4BD1000
|
trusted library allocation
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
49D7000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
2972000
|
trusted library allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
4470000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5240000
|
trusted library section
|
page read and write
|
||
|
56E6000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
5528000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page execute and read and write
|
||
|
C6E000
|
heap
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
35FE000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page execute and read and write
|
||
|
589A000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
550A000
|
heap
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
2B88000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
trusted library allocation
|
page read and write
|
||
|
409E000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
56C8000
|
trusted library allocation
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
4995000
|
trusted library allocation
|
page read and write
|
||
|
56D2000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
2CFF000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
stack
|
page read and write
|
||
|
4B16000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
118D000
|
stack
|
page read and write
|
||
|
56FF000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
E5F000
|
stack
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
E72000
|
trusted library allocation
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
3AA1000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
596B000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1216000
|
trusted library allocation
|
page execute and read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
2BB3000
|
trusted library allocation
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
43A6000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
2E3F000
|
stack
|
page read and write
|
||
|
FAC000
|
stack
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
5877000
|
trusted library allocation
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
C07000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
3D9B000
|
trusted library allocation
|
page read and write
|
||
|
3D0E000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
D5C000
|
stack
|
page read and write
|
||
|
120D000
|
trusted library allocation
|
page execute and read and write
|
||
|
46AF000
|
trusted library allocation
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
2DE5000
|
trusted library allocation
|
page read and write
|
||
|
FCD000
|
stack
|
page read and write
|
||
|
CA1000
|
heap
|
page read and write
|
||
|
2BBB000
|
trusted library allocation
|
page read and write
|
||
|
5BC8000
|
trusted library allocation
|
page read and write
|
||
|
554000
|
unkown
|
page readonly
|
||
|
3A88000
|
trusted library allocation
|
page read and write
|
||
|
5954000
|
trusted library allocation
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
5AEF000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
57D2000
|
heap
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
31FF000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
56CF000
|
trusted library allocation
|
page read and write
|
||
|
C44000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
2968000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
5879000
|
trusted library allocation
|
page read and write
|
There are 407 hidden memdumps, click here to show them.