Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
6732832.js
|
ASCII text, with very long lines (65438), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\x.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Links\Ekbmajrx.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\16992.cmd
|
Unicode text, UTF-8 text, with very long lines (577), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\6770.cmd
|
Unicode text, UTF-8 text, with very long lines (324), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\neo.cmd
|
Unicode text, UTF-8 text, with very long lines (372), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Links\Ekbmajrx.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\user\\Links\\Ekbmajrx.PIF">), ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\6732832.js"
|
|
|
|
C:\Users\user\AppData\Local\Temp\x.exe
|
"C:\Users\user\AppData\Local\Temp\x.exe"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Users\user\Links\Ekbmajrx.PIF
|
"C:\Users\user\Links\Ekbmajrx.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Users\user\Links\Ekbmajrx.PIF
|
"C:\Users\user\Links\Ekbmajrx.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\\Users\\All Users\\6770.cmd""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\\Users\\All Users\\16992.cmd""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
196.251.83.79
|
unknown
|
Seychelles
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Ekbmajrx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HRCZR2
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HRCZR2
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HRCZR2
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-HRCZR2
|
UID
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3000000
|
remote allocation
|
page execute and read and write
|
|
|
|
32B00000
|
heap
|
page read and write
|
|
|
|
7E4F0000
|
direct allocation
|
page read and write
|
|
|
|
32AE0000
|
heap
|
page read and write
|
|
|
|
23DF000
|
direct allocation
|
page read and write
|
|
|
|
32AE8000
|
heap
|
page read and write
|
|
|
|
344BF000
|
stack
|
page read and write
|
|
|
|
2925000
|
direct allocation
|
page execute and read and write
|
|
|
|
2BD0000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E00000
|
remote allocation
|
page execute and read and write
|
|
|
|
30700000
|
heap
|
page read and write
|
|
|
|
7C8000
|
heap
|
page read and write
|
|
|
|
2660000
|
heap
|
page read and write
|
||
|
24EFC638000
|
heap
|
page read and write
|
||
|
20C0E000
|
stack
|
page read and write
|
||
|
20731000
|
direct allocation
|
page read and write
|
||
|
245A000
|
direct allocation
|
page read and write
|
||
|
24EF9802000
|
heap
|
page read and write
|
||
|
306BE000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
7ED9F000
|
direct allocation
|
page read and write
|
||
|
299D000
|
direct allocation
|
page execute and read and write
|
||
|
24EF7BAE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
24A3000
|
direct allocation
|
page read and write
|
||
|
5A7000
|
unkown
|
page read and write
|
||
|
24EFA64E000
|
heap
|
page read and write
|
||
|
24EF7B48000
|
heap
|
page read and write
|
||
|
24EF9910000
|
heap
|
page read and write
|
||
|
6A6000
|
heap
|
page read and write
|
||
|
2613000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
24EF7D1D000
|
heap
|
page read and write
|
||
|
2C48000
|
remote allocation
|
page execute and read and write
|
||
|
23ED000
|
direct allocation
|
page read and write
|
||
|
20BBF000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
24EFAE52000
|
heap
|
page read and write
|
||
|
24EF7AE0000
|
heap
|
page read and write
|
||
|
7E940000
|
direct allocation
|
page read and write
|
||
|
281C000
|
heap
|
page read and write
|
||
|
29D000
|
stack
|
page read and write
|
||
|
24EFA431000
|
heap
|
page read and write
|
||
|
2080E000
|
stack
|
page execute and read and write
|
||
|
24EF7B84000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
99D000
|
heap
|
page read and write
|
||
|
206F3000
|
direct allocation
|
page read and write
|
||
|
20FB0000
|
trusted library allocation
|
page read and write
|
||
|
24EF7B85000
|
heap
|
page read and write
|
||
|
24EFC915000
|
heap
|
page read and write
|
||
|
2074D000
|
direct allocation
|
page read and write
|
||
|
7EF10000
|
direct allocation
|
page read and write
|
||
|
24EFA137000
|
heap
|
page read and write
|
||
|
20A7F000
|
stack
|
page read and write
|
||
|
24EFAEF4000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
972000
|
heap
|
page read and write
|
||
|
24EFCAD9000
|
heap
|
page read and write
|
||
|
30F4000
|
remote allocation
|
page execute and read and write
|
||
|
20718000
|
direct allocation
|
page read and write
|
||
|
24EFAF37000
|
heap
|
page read and write
|
||
|
32AB0000
|
heap
|
page read and write
|
||
|
20708000
|
direct allocation
|
page read and write
|
||
|
24EF9904000
|
heap
|
page read and write
|
||
|
AD6000
|
heap
|
page read and write
|
||
|
7EDB0000
|
direct allocation
|
page read and write
|
||
|
24EF7BAF000
|
heap
|
page read and write
|
||
|
344FB000
|
stack
|
page read and write
|
||
|
345FD000
|
stack
|
page read and write
|
||
|
20738000
|
direct allocation
|
page read and write
|
||
|
24EFC183000
|
heap
|
page read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
FD4F9FE000
|
stack
|
page read and write
|
||
|
2080F000
|
stack
|
page read and write
|
||
|
7FF901152000
|
unkown
|
page readonly
|
||
|
7ED63000
|
direct allocation
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
24EFAF36000
|
heap
|
page read and write
|
||
|
24EF9807000
|
heap
|
page read and write
|
||
|
7E0000
|
direct allocation
|
page execute and read and write
|
||
|
7FF901155000
|
unkown
|
page readonly
|
||
|
24EFCB85000
|
heap
|
page read and write
|
||
|
2494000
|
direct allocation
|
page read and write
|
||
|
7E384000
|
direct allocation
|
page read and write
|
||
|
20FAF000
|
stack
|
page read and write
|
||
|
7EDC0000
|
direct allocation
|
page read and write
|
||
|
7EDB0000
|
direct allocation
|
page read and write
|
||
|
7EDCE000
|
direct allocation
|
page read and write
|
||
|
24EF7B84000
|
heap
|
page read and write
|
||
|
5A7000
|
unkown
|
page read and write
|
||
|
7FF901146000
|
unkown
|
page readonly
|
||
|
24EFB06C000
|
heap
|
page read and write
|
||
|
FD4F2FE000
|
stack
|
page read and write
|
||
|
211F0000
|
trusted library allocation
|
page read and write
|
||
|
977000
|
heap
|
page read and write
|
||
|
24EF9930000
|
heap
|
page read and write
|
||
|
2083B000
|
stack
|
page read and write
|
||
|
7EDCE000
|
direct allocation
|
page read and write
|
||
|
24EFCC0C000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
3089F000
|
stack
|
page read and write
|
||
|
211F5000
|
heap
|
page read and write
|
||
|
24EF9FA4000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
24EFA4BD000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
24EF7B98000
|
heap
|
page read and write
|
||
|
7EC16000
|
direct allocation
|
page read and write
|
||
|
20C0E000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
24EF7B94000
|
heap
|
page read and write
|
||
|
24EFAEF4000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
7EC10000
|
direct allocation
|
page read and write
|
||
|
24EF7B92000
|
heap
|
page read and write
|
||
|
2961000
|
direct allocation
|
page execute read
|
||
|
20FB0000
|
heap
|
page read and write
|
||
|
2444000
|
direct allocation
|
page read and write
|
||
|
24EF9F20000
|
heap
|
page read and write
|
||
|
2084E000
|
stack
|
page read and write
|
||
|
20FA0000
|
heap
|
page read and write
|
||
|
A8F000
|
stack
|
page read and write
|
||
|
7FF901130000
|
unkown
|
page readonly
|
||
|
7FF901150000
|
unkown
|
page read and write
|
||
|
24EFB36E000
|
heap
|
page read and write
|
||
|
24EF7B3B000
|
heap
|
page read and write
|
||
|
2461000
|
direct allocation
|
page read and write
|
||
|
24EF9801000
|
heap
|
page read and write
|
||
|
230C000
|
stack
|
page read and write
|
||
|
7FF901131000
|
unkown
|
page execute read
|
||
|
20F9F000
|
stack
|
page read and write
|
||
|
24B1000
|
direct allocation
|
page read and write
|
||
|
20C0E000
|
stack
|
page read and write
|
||
|
206FF000
|
direct allocation
|
page read and write
|
||
|
24EF7B4A000
|
heap
|
page read and write
|
||
|
24EFAF3F000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
7E9FF000
|
direct allocation
|
page read and write
|
||
|
948000
|
heap
|
page read and write
|
||
|
3447E000
|
stack
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7EB80000
|
direct allocation
|
page read and write
|
||
|
277E000
|
unkown
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
96A000
|
heap
|
page read and write
|
||
|
7ED59000
|
direct allocation
|
page read and write
|
||
|
2A0F000
|
unkown
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
24EFB2DD000
|
heap
|
page read and write
|
||
|
24EFCBEC000
|
heap
|
page read and write
|
||
|
5A5000
|
unkown
|
page read and write
|
||
|
7ED90000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
24EFA460000
|
heap
|
page read and write
|
||
|
24EF7B72000
|
heap
|
page read and write
|
||
|
7EDB0000
|
direct allocation
|
page read and write
|
||
|
24EFB4FF000
|
heap
|
page read and write
|
||
|
2071C000
|
direct allocation
|
page read and write
|
||
|
20706000
|
direct allocation
|
page read and write
|
||
|
24EF7A20000
|
heap
|
page read and write
|
||
|
24EF7A00000
|
heap
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
24EFAEB2000
|
heap
|
page read and write
|
||
|
7FD30000
|
direct allocation
|
page read and write
|
||
|
24EFAF38000
|
heap
|
page read and write
|
||
|
20D0F000
|
stack
|
page read and write
|
||
|
24EF7B7C000
|
heap
|
page read and write
|
||
|
20D5E000
|
stack
|
page read and write
|
||
|
24EF9950000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7ED60000
|
direct allocation
|
page read and write
|
||
|
24EFAEB3000
|
heap
|
page read and write
|
||
|
7EC60000
|
direct allocation
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
20D0F000
|
stack
|
page read and write
|
||
|
24EF7D10000
|
heap
|
page read and write
|
||
|
7EB80000
|
direct allocation
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
24B8000
|
direct allocation
|
page read and write
|
||
|
7EDB8000
|
direct allocation
|
page read and write
|
||
|
21537000
|
heap
|
page read and write
|
||
|
20F9F000
|
stack
|
page read and write
|
||
|
24EFCB00000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
FD4F3FE000
|
stack
|
page read and write
|
||
|
24EF7B93000
|
heap
|
page read and write
|
||
|
24EFAC50000
|
heap
|
page read and write
|
||
|
24EF7B91000
|
heap
|
page read and write
|
||
|
7EDEF000
|
direct allocation
|
page read and write
|
||
|
2418000
|
direct allocation
|
page read and write
|
||
|
31CF000
|
stack
|
page read and write
|
||
|
FD4FAFD000
|
stack
|
page read and write
|
||
|
3075000
|
remote allocation
|
page execute and read and write
|
||
|
5CD000
|
unkown
|
page readonly
|
||
|
206FA000
|
direct allocation
|
page read and write
|
||
|
24EFAE71000
|
heap
|
page read and write
|
||
|
24EF7B30000
|
heap
|
page read and write
|
||
|
2F8E000
|
unkown
|
page read and write
|
||
|
240A000
|
direct allocation
|
page read and write
|
||
|
24EFA650000
|
heap
|
page read and write
|
||
|
2995000
|
direct allocation
|
page execute and read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
7ED9F000
|
direct allocation
|
page read and write
|
||
|
7EABF000
|
direct allocation
|
page read and write
|
||
|
24EFC180000
|
heap
|
page read and write
|
||
|
24EFBCFB000
|
heap
|
page read and write
|
||
|
306E8000
|
heap
|
page read and write
|
||
|
2420000
|
direct allocation
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
20626000
|
direct allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7ED40000
|
direct allocation
|
page read and write
|
||
|
24EF7B72000
|
heap
|
page read and write
|
||
|
7E3A0000
|
direct allocation
|
page read and write
|
||
|
20771000
|
direct allocation
|
page read and write
|
||
|
24EF7BB7000
|
heap
|
page read and write
|
||
|
7EB30000
|
direct allocation
|
page read and write
|
||
|
3457C000
|
stack
|
page read and write
|
||
|
206D6000
|
direct allocation
|
page read and write
|
||
|
24EFA94A000
|
heap
|
page read and write
|
||
|
24EF7B83000
|
heap
|
page read and write
|
||
|
9A1000
|
heap
|
page read and write
|
||
|
2097E000
|
stack
|
page read and write
|
||
|
205DE000
|
direct allocation
|
page read and write
|
||
|
2087B000
|
stack
|
page read and write
|
||
|
211FF000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
24EFAC6D000
|
heap
|
page read and write
|
||
|
24EF7B9B000
|
heap
|
page read and write
|
||
|
24EFA4BB000
|
heap
|
page read and write
|
||
|
7EB5F000
|
direct allocation
|
page read and write
|
||
|
24EF7B7C000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
7ED60000
|
direct allocation
|
page read and write
|
||
|
24EFCB01000
|
heap
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
7F950000
|
direct allocation
|
page read and write
|
||
|
2947000
|
direct allocation
|
page read and write
|
||
|
96C000
|
stack
|
page read and write
|
||
|
24EFB8FF000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7EED1000
|
direct allocation
|
page read and write
|
||
|
206E4000
|
direct allocation
|
page read and write
|
||
|
7EAE0000
|
direct allocation
|
page read and write
|
||
|
7EDDF000
|
direct allocation
|
page read and write
|
||
|
24EFB929000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
24EFCC46000
|
heap
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
3453F000
|
stack
|
page read and write
|
||
|
30580000
|
heap
|
page read and write
|
||
|
2072A000
|
direct allocation
|
page read and write
|
||
|
2098E000
|
stack
|
page read and write
|
||
|
23FC000
|
direct allocation
|
page read and write
|
||
|
24EFB474000
|
heap
|
page read and write
|
||
|
3078000
|
remote allocation
|
page execute and read and write
|
||
|
2955000
|
direct allocation
|
page execute and read and write
|
||
|
2097F000
|
stack
|
page read and write
|
||
|
24EFCBEC000
|
heap
|
page read and write
|
||
|
7EB30000
|
direct allocation
|
page read and write
|
||
|
7EB20000
|
direct allocation
|
page read and write
|
||
|
24AA000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2A89000
|
direct allocation
|
page execute and read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
7EDEF000
|
direct allocation
|
page read and write
|
||
|
30A70000
|
heap
|
page read and write
|
||
|
3BE000
|
stack
|
page read and write
|
||
|
306E0000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
23F4000
|
direct allocation
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
24EF7920000
|
heap
|
page read and write
|
||
|
24EFAF38000
|
heap
|
page read and write
|
||
|
20D5E000
|
stack
|
page read and write
|
||
|
23FD000
|
stack
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
20FB0000
|
trusted library allocation
|
page read and write
|
||
|
248D000
|
direct allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
30570000
|
heap
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
7E580000
|
direct allocation
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
20D5E000
|
stack
|
page read and write
|
||
|
3085E000
|
stack
|
page read and write
|
||
|
20701000
|
direct allocation
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
24EFAC51000
|
heap
|
page read and write
|
||
|
2280000
|
direct allocation
|
page execute and read and write
|
||
|
24EFCBF4000
|
heap
|
page read and write
|
||
|
2412000
|
direct allocation
|
page read and write
|
||
|
24EFCBF4000
|
heap
|
page read and write
|
||
|
7F840000
|
direct allocation
|
page read and write
|
||
|
7EAF0000
|
direct allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
7ED2A000
|
direct allocation
|
page read and write
|
||
|
211AB000
|
direct allocation
|
page read and write
|
||
|
24EFAF3F000
|
heap
|
page read and write
|
||
|
2403000
|
direct allocation
|
page read and write
|
||
|
7EAFF000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2070D000
|
direct allocation
|
page read and write
|
||
|
24EF7B98000
|
heap
|
page read and write
|
||
|
34640000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
249C000
|
direct allocation
|
page read and write
|
||
|
FD4EF9A000
|
stack
|
page read and write
|
||
|
24EF7B48000
|
heap
|
page read and write
|
||
|
94A000
|
heap
|
page read and write
|
||
|
2987000
|
direct allocation
|
page read and write
|
||
|
2E78000
|
remote allocation
|
page execute and read and write
|
||
|
7EDC0000
|
direct allocation
|
page read and write
|
||
|
5A5000
|
unkown
|
page read and write
|
||
|
215C9000
|
heap
|
page read and write
|
||
|
24EF7BA3000
|
heap
|
page read and write
|
||
|
2DAC000
|
stack
|
page read and write
|
||
|
7EE20000
|
direct allocation
|
page read and write
|
||
|
23C2000
|
direct allocation
|
page read and write
|
||
|
20E9E000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2991000
|
direct allocation
|
page read and write
|
||
|
24EFC683000
|
heap
|
page read and write
|
||
|
24EFAF3F000
|
heap
|
page read and write
|
||
|
24EFCBF4000
|
heap
|
page read and write
|
||
|
24EFC68D000
|
heap
|
page read and write
|
||
|
24EFAC8A000
|
heap
|
page read and write
|
||
|
2093F000
|
stack
|
page read and write
|
||
|
20E5E000
|
stack
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
FD4F5FE000
|
stack
|
page read and write
|
||
|
24EFA974000
|
heap
|
page read and write
|
||
|
206D8000
|
direct allocation
|
page read and write
|
||
|
9AC000
|
stack
|
page read and write
|
||
|
24EF7D15000
|
heap
|
page read and write
|
||
|
20ACE000
|
stack
|
page read and write
|
||
|
7F950000
|
direct allocation
|
page read and write
|
||
|
2CC000
|
stack
|
page read and write
|
||
|
7ED60000
|
direct allocation
|
page read and write
|
||
|
FD4F6FF000
|
stack
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
7EDE4000
|
direct allocation
|
page read and write
|
||
|
24EFAC54000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
2CC4000
|
remote allocation
|
page execute and read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
206EC000
|
direct allocation
|
page read and write
|
||
|
24EFB823000
|
heap
|
page read and write
|
||
|
298C000
|
direct allocation
|
page read and write
|
||
|
7FAE5000
|
direct allocation
|
page read and write
|
||
|
20666000
|
direct allocation
|
page read and write
|
||
|
7EA0F000
|
direct allocation
|
page read and write
|
||
|
24EF7B9F000
|
heap
|
page read and write
|
||
|
24EF9800000
|
heap
|
page read and write
|
||
|
24EF7BD8000
|
heap
|
page read and write
|
||
|
24EF9A50000
|
heap
|
page read and write
|
||
|
24EFAC6D000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
7ED90000
|
direct allocation
|
page read and write
|
||
|
24EFCC46000
|
heap
|
page read and write
|
||
|
20ABE000
|
stack
|
page read and write
|
||
|
24EFA972000
|
heap
|
page read and write
|
||
|
20A7F000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
20778000
|
direct allocation
|
page read and write
|
||
|
24EF9803000
|
heap
|
page read and write
|
||
|
24EFCBEC000
|
heap
|
page read and write
|
||
|
7EDEF000
|
direct allocation
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
24EF7D1B000
|
heap
|
page read and write
|
||
|
20763000
|
direct allocation
|
page read and write
|
||
|
3463F000
|
stack
|
page read and write
|
||
|
24EFAC89000
|
heap
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
24EF9FA9000
|
heap
|
page read and write
|
||
|
2A49000
|
direct allocation
|
page execute and read and write
|
||
|
7E9A0000
|
direct allocation
|
page read and write
|
||
|
24EF7B08000
|
heap
|
page read and write
|
||
|
24EFBD80000
|
trusted library allocation
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
244C000
|
direct allocation
|
page read and write
|
||
|
24EF7CF0000
|
heap
|
page read and write
|
||
|
FD4F8FF000
|
stack
|
page read and write
|
||
|
20714000
|
direct allocation
|
page read and write
|
||
|
24EFAE5B000
|
heap
|
page read and write
|
||
|
24EF7D1B000
|
heap
|
page read and write
|
||
|
24EFAC89000
|
heap
|
page read and write
|
||
|
24EF7B98000
|
heap
|
page read and write
|
||
|
20FBF000
|
trusted library allocation
|
page read and write
|
||
|
2157D000
|
heap
|
page read and write
|
||
|
2094F000
|
stack
|
page read and write
|
||
|
28F1000
|
direct allocation
|
page execute read
|
||
|
670000
|
heap
|
page read and write
|
||
|
24EFA13C000
|
heap
|
page read and write
|
||
|
205D0000
|
direct allocation
|
page read and write
|
||
|
24EFA436000
|
heap
|
page read and write
|
||
|
20BCF000
|
stack
|
page read and write
|
||
|
7E500000
|
direct allocation
|
page read and write
|
||
|
20FA0000
|
heap
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
2FDC000
|
heap
|
page read and write
|
||
|
7ED9F000
|
direct allocation
|
page read and write
|
||
|
20754000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
23D0000
|
direct allocation
|
page read and write
|
||
|
24EFB307000
|
heap
|
page read and write
|
||
|
2155D000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
20D0F000
|
stack
|
page read and write
|
||
|
7E361000
|
direct allocation
|
page read and write
|
||
|
20647000
|
direct allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
7EE00000
|
direct allocation
|
page read and write
|
||
|
24EF9F4A000
|
heap
|
page read and write
|
||
|
2921000
|
direct allocation
|
page execute read
|
||
|
8DE000
|
heap
|
page read and write
|
||
|
294C000
|
direct allocation
|
page read and write
|
||
|
7F950000
|
direct allocation
|
page read and write
|
||
|
20FBF000
|
trusted library allocation
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
7FC01000
|
direct allocation
|
page read and write
|
||
|
7EBEF000
|
direct allocation
|
page read and write
|
||
|
24EF7B3A000
|
heap
|
page read and write
|
||
|
290D000
|
stack
|
page read and write
|
||
|
24EFCC0A000
|
heap
|
page read and write
|
||
|
24EFC60E000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
29BE000
|
unkown
|
page read and write
|
||
|
24EFAC5B000
|
heap
|
page read and write
|
||
|
24EFAF50000
|
heap
|
page read and write
|
||
|
7FD2E000
|
direct allocation
|
page read and write
|
||
|
AE0000
|
direct allocation
|
page execute and read and write
|
||
|
24EF7BD8000
|
heap
|
page read and write
|
||
|
20693000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
2951000
|
direct allocation
|
page read and write
|
||
|
24EFAC53000
|
heap
|
page read and write
|
||
|
24EF7B4A000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page write copy
|
||
|
7E500000
|
direct allocation
|
page read and write
|
||
|
24EF7B78000
|
heap
|
page read and write
|
||
|
7ED40000
|
direct allocation
|
page read and write
|
||
|
7EDF4000
|
direct allocation
|
page read and write
|
||
|
7DFE0000
|
direct allocation
|
page read and write
|
||
|
24EFC60B000
|
heap
|
page read and write
|
||
|
5A5000
|
unkown
|
page read and write
|
||
|
24EF7B91000
|
heap
|
page read and write
|
||
|
7EC01000
|
direct allocation
|
page read and write
|
||
|
2470000
|
direct allocation
|
page read and write
|
||
|
24EFAEF4000
|
heap
|
page read and write
|
||
|
32E20000
|
heap
|
page read and write
|
||
|
24EFBD25000
|
heap
|
page read and write
|
||
|
24EFCBC6000
|
heap
|
page read and write
|
||
|
7FE4E000
|
direct allocation
|
page read and write
|
||
|
7F9E0000
|
direct allocation
|
page read and write
|
||
|
20E5E000
|
stack
|
page read and write
|
||
|
24EF7B73000
|
heap
|
page read and write
|
||
|
7ED50000
|
direct allocation
|
page read and write
|
||
|
7EA40000
|
direct allocation
|
page read and write
|
||
|
24EFCB84000
|
heap
|
page read and write
|
||
|
7FC01000
|
direct allocation
|
page read and write
|
||
|
756000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
7E590000
|
direct allocation
|
page read and write
|
||
|
206DD000
|
direct allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
245C000
|
stack
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
482000
|
unkown
|
page read and write
|
||
|
24EFB7F9000
|
heap
|
page read and write
|
||
|
7E568000
|
direct allocation
|
page read and write
|
||
|
7EDC0000
|
direct allocation
|
page read and write
|
||
|
24EF7D1D000
|
heap
|
page read and write
|
||
|
2323000
|
heap
|
page read and write
|
||
|
24EF9A4A000
|
heap
|
page read and write
|
||
|
2EF4000
|
remote allocation
|
page execute and read and write
|
||
|
24E3000
|
heap
|
page read and write
|
||
|
7FB30000
|
direct allocation
|
page read and write
|
||
|
20723000
|
direct allocation
|
page read and write
|
||
|
24EFCB42000
|
heap
|
page read and write
|
||
|
7EE7F000
|
direct allocation
|
page read and write
|
||
|
34650000
|
heap
|
page read and write
|
||
|
7EA60000
|
direct allocation
|
page read and write
|
||
|
3FF000
|
stack
|
page read and write
|
||
|
7EC39000
|
direct allocation
|
page read and write
|
||
|
20BBF000
|
stack
|
page read and write
|
||
|
5A9000
|
unkown
|
page write copy
|
||
|
24EFC635000
|
heap
|
page read and write
|
||
|
305A0000
|
heap
|
page read and write
|
||
|
7EEF4000
|
direct allocation
|
page read and write
|
||
|
24EFCC08000
|
heap
|
page read and write
|
||
|
24EFA45B000
|
heap
|
page read and write
|
||
|
24EFCBC6000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
2076A000
|
direct allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
24EFCB42000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
20E9E000
|
stack
|
page read and write
|
||
|
FD4FCFB000
|
stack
|
page read and write
|
||
|
24EF7B77000
|
heap
|
page read and write
|
||
|
24EF7BB1000
|
heap
|
page read and write
|
||
|
24EF7B9E000
|
heap
|
page read and write
|
||
|
7ED40000
|
direct allocation
|
page read and write
|
||
|
2453000
|
direct allocation
|
page read and write
|
||
|
24EF9A5F000
|
heap
|
page read and write
|
||
|
24EFAE50000
|
heap
|
page read and write
|
||
|
2468000
|
direct allocation
|
page read and write
|
||
|
24EF9A93000
|
heap
|
page read and write
|
||
|
2411000
|
direct allocation
|
page read and write
|
||
|
20746000
|
direct allocation
|
page read and write
|
||
|
20E5E000
|
stack
|
page read and write
|
||
|
24EF9C26000
|
heap
|
page read and write
|
||
|
30C000
|
stack
|
page read and write
|
||
|
FD4F7FF000
|
stack
|
page read and write
|
||
|
2080B000
|
stack
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
345BF000
|
stack
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
7E1C0000
|
direct allocation
|
page read and write
|
||
|
7ED50000
|
direct allocation
|
page read and write
|
||
|
7F770000
|
direct allocation
|
page read and write
|
||
|
7EAEF000
|
direct allocation
|
page read and write
|
||
|
2E75000
|
remote allocation
|
page execute and read and write
|
||
|
20ABE000
|
stack
|
page read and write
|
||
|
243D000
|
direct allocation
|
page read and write
|
||
|
5AE000
|
unkown
|
page readonly
|
||
|
24EFC847000
|
heap
|
page read and write
|
||
|
20EAE000
|
stack
|
page read and write
|
||
|
7EA90000
|
direct allocation
|
page read and write
|
||
|
7EB30000
|
direct allocation
|
page read and write
|
||
|
3081F000
|
stack
|
page read and write
|
||
|
20E60000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
24EFCBC6000
|
heap
|
page read and write
|
||
|
7FAF0000
|
direct allocation
|
page read and write
|
||
|
7EEDF000
|
direct allocation
|
page read and write
|
||
|
20A8F000
|
stack
|
page read and write
|
||
|
7FC10000
|
direct allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
24EFBD37000
|
heap
|
page read and write
|
||
|
7EEA0000
|
direct allocation
|
page read and write
|
||
|
24EFB040000
|
heap
|
page read and write
|
||
|
7EA30000
|
direct allocation
|
page read and write
|
||
|
24EFA948000
|
heap
|
page read and write
|
||
|
24EFC851000
|
heap
|
page read and write
|
||
|
7ED30000
|
direct allocation
|
page read and write
|
||
|
7E5FF000
|
direct allocation
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
24EF7B8C000
|
heap
|
page read and write
|
||
|
7EB80000
|
direct allocation
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
927000
|
heap
|
page read and write
|
||
|
2075C000
|
direct allocation
|
page read and write
|
||
|
2917000
|
direct allocation
|
page read and write
|
||
|
28F0000
|
direct allocation
|
page readonly
|
||
|
7EE10000
|
direct allocation
|
page read and write
|
||
|
2A19000
|
direct allocation
|
page execute and read and write
|
||
|
2C45000
|
remote allocation
|
page execute and read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
24EF7A90000
|
heap
|
page read and write
|
||
|
24EFAC5C000
|
heap
|
page read and write
|
There are 573 hidden memdumps, click here to show them.