Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SWIFT COPY.pdf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\SWIFT COPY.pdf.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp15D1.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\bSlxGzdE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\bSlxGzdE.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SWIFT COPY.pdf.exe
|
'C:\Users\user\Desktop\SWIFT COPY.pdf.exe'
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
'C:\Windows\System32\schtasks.exe' /Create /TN 'Updates\bSlxGzdE' /XML 'C:\Users\user\AppData\Local\Temp\tmp15D1.tmp'
|
|
|
|
C:\Users\user\Desktop\SWIFT COPY.pdf.exe
|
C:\Users\user\Desktop\SWIFT COPY.pdf.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://127.0.0.1:HTTP/1.1
|
unknown
|
|
|
|
https://api.ipify.org%GETMozilla/5.0
|
unknown
|
|
|
|
http://DynDns.comDynDNS
|
unknown
|
|
|
|
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
|
unknown
|
|
|
|
http://hcVzVgyZjXO8egOI.net
|
unknown
|
|
|
|
https://api.ipify.org%
|
unknown
|
|
|
|
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
|
unknown
|
|
|
|
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
|
unknown
|
|
|
|
http://hsfZEB.com
|
unknown
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.esquiresweaters.com
|
192.185.171.219
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.171.219
|
mail.esquiresweaters.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
unkown image
|
page execute and read and write
|
|
|
|
28EB000
|
unkown
|
page read and write
|
|
|
|
402000
|
unkown
|
page execute and read and write
|
|
|
|
2BC1000
|
unkown
|
page read and write
|
|
|
|
38C1000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page readonly
|
|
|
|
8B0000
|
unkown
|
page readonly
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
5E5E000
|
unkown
|
page read and write
|
|
|
|
556000
|
unkown
|
page read and write
|
|
|
|
A10000
|
unkown
|
page read and write
|
|
|
|
2440000
|
unkown
|
page read and write
|
|
|
|
562E000
|
unkown
|
page read and write
|
|
|
|
A474000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
725000
|
heap default
|
page read and write
|
|
|
|
A77000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
120000
|
unkown image
|
page readonly
|
|
|
|
5910000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
AD7000
|
unkown
|
page read and write
|
|
|
|
1CA000
|
unkown image
|
page readonly
|
|
|
|
B22000
|
unkown
|
page execute and read and write
|
|
|
|
A40000
|
unkown
|
page read and write
|
|
|
|
241E000
|
unkown
|
page read and write
|
|
|
|
A20000
|
unkown
|
page read and write
|
|
|
|
AB0000
|
unkown
|
page read and write
|
|
|
|
2398000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
AF0000
|
unkown
|
page execute and read and write
|
|
|
|
C37000
|
unkown
|
page read and write
|
|
|
|
9EA000
|
unkown
|
page execute and read and write
|
|
|
|
A90000
|
unkown
|
page read and write
|
|
|
|
5690000
|
unkown
|
page readonly
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
5A0F000
|
unkown
|
page read and write
|
|
|
|
5920000
|
unkown
|
page execute and read and write
|
|
|
|
529E000
|
unkown
|
page read and write
|
|
|
|
49EB000
|
unkown
|
page readonly
|
|
|
|
490000
|
heap private
|
page read and write
|
|
|
|
AF0000
|
unkown
|
page read and write
|
|
|
|
4A2000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
2610000
|
unkown
|
page readonly
|
|
|
|
5A70000
|
unkown
|
page read and write
|
|
|
|
5360000
|
unkown
|
page readonly
|
|
|
|
54E0000
|
unkown
|
page execute and read and write
|
|
|
|
AE0000
|
unkown
|
page read and write
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
A490000
|
unkown
|
page read and write
|
|
|
|
644000
|
unkown
|
page read and write
|
|
|
|
A80000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
2690000
|
heap private
|
page execute and read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
4D80000
|
unkown
|
page read and write
|
|
|
|
567D000
|
unkown
|
page read and write
|
|
|
|
A19000
|
unkown
|
page read and write
|
|
|
|
A00000
|
unkown
|
page read and write
|
|
|
|
984000
|
heap default
|
page read and write
|
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
730000
|
unkown
|
page readonly
|
|
|
|
A00000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
4C20000
|
heap private
|
page read and write
|
|
|
|
552D000
|
unkown
|
page read and write
|
|
|
|
256E000
|
unkown
|
page read and write
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
B16000
|
unkown
|
page execute and read and write
|
|
|
|
E70000
|
unkown
|
page readonly
|
|
|
|
5BDD000
|
unkown
|
page read and write
|
|
|
|
A02000
|
unkown
|
page read and write
|
|
|
|
5F9E000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
C12000
|
heap default
|
page read and write
|
|
|
|
E60000
|
heap private
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
AD5000
|
unkown
|
page read and write
|
|
|
|
3E9000
|
unkown
|
page read and write
|
|
|
|
2440000
|
unkown
|
page read and write
|
|
|
|
596D000
|
unkown
|
page read and write
|
|
|
|
96E000
|
unkown
|
page read and write
|
|
|
|
3A96000
|
unkown
|
page read and write
|
|
|
|
3E0000
|
unkown
|
page read and write
|
|
|
|
3FE000
|
unkown
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
2959000
|
unkown
|
page read and write
|
|
|
|
4ACC000
|
unkown
|
page read and write
|
|
|
|
ADA000
|
unkown
|
page read and write
|
|
|
|
5C0000
|
unkown
|
page readonly
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
BA0000
|
unkown
|
page read and write
|
|
|
|
7F2000
|
unkown
|
page read and write
|
|
|
|
2870000
|
heap private
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
5640000
|
unkown
|
page readonly
|
|
|
|
CB1000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
5D5E000
|
unkown
|
page read and write
|
|
|
|
2580000
|
unkown
|
page readonly
|
|
|
|
51FE000
|
unkown
|
page read and write
|
|
|
|
9D0000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
23DE000
|
unkown
|
page read and write
|
|
|
|
49C0000
|
unkown
|
page readonly
|
|
|
|
85E000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
5760000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
71E000
|
unkown
|
page read and write
|
|
|
|
49C7000
|
unkown
|
page readonly
|
|
|
|
3BE7000
|
unkown
|
page read and write
|
|
|
|
A9C000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
A40000
|
unkown
|
page read and write
|
|
|
|
648000
|
unkown
|
page read and write
|
|
|
|
3EC000
|
unkown
|
page read and write
|
|
|
|
7C0000
|
unkown
|
page read and write
|
|
|
|
AB0000
|
unkown
|
page read and write
|
|
|
|
2460000
|
heap private
|
page read and write
|
|
|
|
73E0000
|
unkown
|
page read and write
|
|
|
|
4D81000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
A90000
|
unkown
|
page read and write
|
|
|
|
50BE000
|
unkown
|
page read and write
|
|
|
|
5A20000
|
unkown
|
page read and write
|
|
|
|
95E000
|
heap default
|
page read and write
|
|
|
|
C2A000
|
unkown
|
page read and write
|
|
|
|
B32000
|
unkown
|
page read and write
|
|
|
|
A40000
|
unkown
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
27A8000
|
unkown
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
966000
|
unkown
|
page read and write
|
|
|
|
4A10000
|
unkown
|
page readonly
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
4CBD000
|
unkown
|
page read and write
|
|
|
|
5070000
|
unkown
|
page read and write
|
|
|
|
AD2000
|
unkown
|
page read and write
|
|
|
|
B3B000
|
unkown
|
page execute and read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
4A80000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
5900000
|
unkown
|
page read and write
|
|
|
|
7C2000
|
unkown
|
page execute and read and write
|
|
|
|
4D31000
|
unkown
|
page read and write
|
|
|
|
3BD2000
|
unkown
|
page read and write
|
|
|
|
2440000
|
unkown
|
page readonly
|
|
|
|
3BC1000
|
unkown
|
page read and write
|
|
|
|
E40000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
4A2000
|
unkown
|
page read and write
|
|
|
|
96E000
|
unkown
|
page read and write
|
|
|
|
5A6D000
|
unkown
|
page read and write
|
|
|
|
A00000
|
unkown
|
page read and write
|
|
|
|
A3E000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
A10000
|
unkown
|
page read and write
|
|
|
|
1CA000
|
unkown image
|
page readonly
|
|
|
|
49BD000
|
unkown
|
page read and write
|
|
|
|
95E000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
7BA000
|
unkown
|
page execute and read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
3F2000
|
unkown
|
page read and write
|
|
|
|
7440000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
7FBD0000
|
unkown
|
page execute and read and write
|
|
|
|
B02000
|
unkown
|
page execute and read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
BEE000
|
unkown
|
page read and write
|
|
|
|
5740000
|
unkown
|
page readonly
|
|
|
|
4A2000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
B50000
|
heap private
|
page read and write
|
|
|
|
5C1E000
|
unkown
|
page read and write
|
|
|
|
5070000
|
unkown
|
page read and write
|
|
|
|
C5B000
|
heap default
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
4F9B000
|
unkown
|
page readonly
|
|
|
|
4FC0000
|
unkown
|
page read and write
|
|
|
|
590E000
|
unkown
|
page read and write
|
|
|
|
966000
|
heap default
|
page read and write
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
7EA000
|
unkown
|
page execute and read and write
|
|
|
|
4E40000
|
unkown
|
page read and write
|
|
|
|
4F7C000
|
unkown
|
page readonly
|
|
|
|
5A20000
|
unkown
|
page read and write
|
|
|
|
957000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
8D0000
|
unkown
|
page read and write
|
|
|
|
CC5000
|
unkown
|
page read and write
|
|
|
|
9F0000
|
heap default
|
page read and write
|
|
|
|
5B0000
|
unkown
|
page read and write
|
|
|
|
96E000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
7CC000
|
unkown
|
page execute and read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
A10000
|
unkown
|
page read and write
|
|
|
|
A50000
|
unkown
|
page read and write
|
|
|
|
54EF000
|
unkown
|
page read and write
|
|
|
|
92C000
|
heap default
|
page read and write
|
|
|
|
3F5000
|
unkown
|
page read and write
|
|
|
|
A80000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
B2A000
|
unkown
|
page execute and read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
5AD000
|
unkown
|
page read and write
|
|
|
|
2430000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
B37000
|
unkown
|
page execute and read and write
|
|
|
|
4A70000
|
heap private
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
5A10000
|
unkown
|
page read and write
|
|
|
|
4F70000
|
unkown
|
page readonly
|
|
|
|
515E000
|
unkown
|
page read and write
|
|
|
|
4F30000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
8E0000
|
unkown
|
page execute and read and write
|
|
|
|
120000
|
unkown image
|
page readonly
|
|
|
|
C38000
|
unkown
|
page read and write
|
|
|
|
AD3000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
750000
|
unkown
|
page read and write
|
|
|
|
54F0000
|
unkown
|
page execute and read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
5C0000
|
unkown
|
page readonly
|
|
|
|
49CC000
|
unkown
|
page readonly
|
|
|
|
A470000
|
unkown
|
page read and write
|
|
|
|
AD2000
|
unkown
|
page read and write
|
|
|
|
58DC000
|
unkown
|
page read and write
|
|
|
|
53CE000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
96C000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
5D0000
|
unkown
|
page readonly
|
|
|
|
B9E000
|
unkown
|
page read and write
|
|
|
|
54D0000
|
unkown
|
page execute and read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
740000
|
unkown
|
page readonly
|
|
|
|
45B000
|
unkown
|
page read and write
|
|
|
|
AF0000
|
unkown
|
page read and write
|
|
|
|
8C0000
|
unkown
|
page readonly
|
|
|
|
C49000
|
heap default
|
page read and write
|
|
|
|
5060000
|
unkown
|
page read and write
|
|
|
|
58CD000
|
unkown
|
page read and write
|
|
|
|
539E000
|
unkown
|
page read and write
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
DDE000
|
unkown
|
page read and write
|
|
|
|
28C1000
|
unkown
|
page read and write
|
|
|
|
A40000
|
unkown
|
page read and write
|
|
|
|
7FA80000
|
unkown
|
page execute and read and write
|
|
|
|
C29000
|
unkown
|
page read and write
|
|
|
|
56A0000
|
unkown
|
page readonly
|
|
|
|
2CF5000
|
unkown
|
page read and write
|
|
|
|
5A10000
|
unkown
|
page execute and read and write
|
|
|
|
58F0000
|
unkown
|
page read and write
|
|
|
|
AD2000
|
unkown
|
page read and write
|
|
|
|
4D30000
|
unkown
|
page read and write
|
|
|
|
3DC000
|
unkown
|
page read and write
|
|
|
|
AC0000
|
unkown
|
page read and write
|
|
|
|
E30000
|
unkown
|
page readonly
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
7B2000
|
unkown
|
page execute and read and write
|
|
|
|
5060000
|
unkown
|
page read and write
|
|
|
|
2CC1000
|
unkown
|
page read and write
|
|
|
|
4BD0000
|
unkown
|
page read and write
|
|
|
|
4AE000
|
unkown
|
page read and write
|
|
|
|
BD0000
|
heap private
|
page read and write
|
|
|
|
790000
|
heap private
|
page read and write
|
|
|
|
2880000
|
unkown
|
page readonly
|
|
|
|
53ED000
|
unkown
|
page read and write
|
|
|
|
4C10000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
7440000
|
unkown
|
page read and write
|
|
|
|
4D4F000
|
unkown
|
page read and write
|
|
|
|
7F7000
|
unkown
|
page execute and read and write
|
|
|
|
A60000
|
unkown
|
page read and write
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
A30000
|
unkown
|
page read and write
|
|
|
|
A80000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page readonly
|
|
|
|
5E0000
|
unkown
|
page read and write
|
|
|
|
A50000
|
unkown
|
page read and write
|
|
|
|
7450000
|
unkown
|
page read and write
|
|
|
|
A50000
|
unkown
|
page read and write
|
|
|
|
A60000
|
unkown
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
4D4F000
|
unkown
|
page read and write
|
|
|
|
2430000
|
unkown
|
page readonly
|
|
|
|
727000
|
unkown
|
page read and write
|
|
|
|
2640000
|
unkown
|
page readonly
|
|
|
|
A20000
|
unkown
|
page read and write
|
|
|
|
122000
|
unkown image
|
page readonly
|
|
|
|
C9E000
|
unkown
|
page read and write
|
|
|
|
A10000
|
unkown
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
57CE000
|
unkown
|
page read and write
|
|
|
|
5610000
|
unkown
|
page read and write
|
|
|
|
B12000
|
unkown
|
page read and write
|
|
|
|
89C000
|
unkown
|
page read and write
|
|
|
|
5A21000
|
unkown
|
page read and write
|
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
9E2000
|
unkown
|
page execute and read and write
|
|
|
|
7A0000
|
unkown
|
page read and write
|
|
|
|
8F9000
|
unkown
|
page read and write
|
|
|
|
2632000
|
unkown
|
page read and write
|
|
|
|
A80000
|
unkown
|
page read and write
|
|
|
|
A480000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
2630000
|
unkown
|
page read and write
|
|
|
|
B10000
|
unkown
|
page read and write
|
|
|
|
A00000
|
unkown
|
page read and write
|
|
|
|
6DE000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
4D33000
|
unkown
|
page read and write
|
|
|
|
CC8000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
96F000
|
unkown
|
page read and write
|
|
|
|
2D41000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
23A0000
|
unkown
|
page read and write
|
|
|
|
B2C000
|
unkown
|
page execute and read and write
|
|
|
|
54CD000
|
unkown
|
page read and write
|
|
|
|
5CAF000
|
unkown
|
page read and write
|
|
|
|
A16000
|
unkown
|
page read and write
|
|
|
|
7447000
|
unkown
|
page read and write
|
|
|
|
BC0000
|
unkown
|
page read and write
|
|
|
|
A30000
|
unkown
|
page read and write
|
|
|
|
E1E000
|
unkown
|
page read and write
|
|
|
|
2CEF000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
96C000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
122000
|
unkown image
|
page readonly
|
|
|
|
BE0000
|
heap default
|
page read and write
|
|
|
|
3FB000
|
unkown
|
page read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
7DA000
|
unkown
|
page execute and read and write
|
|
|
|
A50000
|
unkown
|
page read and write
|
|
|
|
720000
|
heap default
|
page read and write
|
|
|
|
400000
|
unkown image
|
page execute and read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
120000
|
unkown image
|
page readonly
|
|
|
|
4AA000
|
unkown image
|
page readonly
|
|
|
|
3C36000
|
unkown
|
page read and write
|
|
|
|
4E80000
|
unkown
|
page readonly
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
279E000
|
unkown
|
page read and write
|
|
|
|
BEA000
|
heap default
|
page read and write
|
|
|
|
5ADE000
|
unkown
|
page read and write
|
|
|
|
8F0000
|
heap default
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
5630000
|
unkown
|
page readonly
|
|
|
|
BF0000
|
unkown
|
page readonly
|
|
|
|
A86000
|
unkown
|
page read and write
|
|
|
|
3A68000
|
unkown
|
page read and write
|
|
|
|
5BAE000
|
unkown
|
page read and write
|
|
|
|
3EF000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
A30000
|
unkown
|
page read and write
|
|
|
|
2CBD000
|
unkown
|
page read and write
|
|
|
|
AE0000
|
unkown
|
page read and write
|
|
|
|
AA0000
|
unkown
|
page read and write
|
|
|
|
B20000
|
unkown
|
page read and write
|
|
|
|
50FE000
|
unkown
|
page read and write
|
|
|
|
96E000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
C39000
|
unkown
|
page read and write
|
|
|
|
4C30000
|
unkown
|
page read and write
|
|
|
|
577E000
|
unkown
|
page read and write
|
|
|
|
2431000
|
unkown
|
page read and write
|
|
|
|
810000
|
heap private
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
5E9E000
|
unkown
|
page read and write
|
|
|
|
E67000
|
heap private
|
page read and write
|
|
|
|
A53000
|
unkown
|
page read and write
|
|
|
|
8F6000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
A50000
|
unkown
|
page read and write
|
|
|
|
A1E000
|
unkown
|
page read and write
|
|
|
|
AD2000
|
unkown
|
page read and write
|
|
|
|
5061000
|
unkown
|
page read and write
|
|
|
|
AA0000
|
unkown
|
page read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
7D7000
|
unkown
|
page execute and read and write
|
|
|
|
4A0000
|
unkown
|
page read and write
|
|
|
|
2390000
|
unkown
|
page execute and read and write
|
|
|
|
523E000
|
unkown
|
page read and write
|
|
|
|
A20000
|
unkown
|
page read and write
|
|
|
|
3F8000
|
unkown
|
page read and write
|
|
|
|
533F000
|
unkown
|
page read and write
|
|
|
|
968000
|
unkown
|
page read and write
|
|
|
|
8A0000
|
unkown
|
page read and write
|
|
|
|
1200000
|
unkown
|
page readonly
|
|
|
|
4C0000
|
unkown
|
page readonly
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
525E000
|
unkown
|
page read and write
|
|
|
|
4F77000
|
unkown
|
page readonly
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
5370000
|
unkown
|
page execute and read and write
|
|
|
|
5A71000
|
unkown
|
page read and write
|
|
|
|
CC8000
|
unkown
|
page read and write
|
|
|
|
A60000
|
unkown
|
page read and write
|
|
|
|
7FB000
|
unkown
|
page execute and read and write
|
|
|
|
5F0000
|
unkown
|
page read and write
|
|
|
|
2630000
|
unkown
|
page read and write
|
|
|
|
A460000
|
unkown
|
page read and write
|
|
|
|
57DE000
|
unkown
|
page read and write
|
|
|
|
900000
|
unkown
|
page readonly
|
|
|
|
CC8000
|
heap default
|
page read and write
|
|
|
|
7E2000
|
unkown
|
page execute and read and write
|
|
|
|
402000
|
unkown image
|
page readonly
|
|
|
|
268E000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
A00000
|
unkown
|
page read and write
|
|
|
|
E20000
|
unkown
|
page readonly
|
|
|
|
9F5000
|
heap default
|
page read and write
|
|
|
|
4D4E000
|
unkown
|
page read and write
|
|
|
|
5D1D000
|
unkown
|
page read and write
|
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
4CC0000
|
unkown
|
page readonly
|
|
|
|
4BCD000
|
unkown
|
page read and write
|
|
|
|
5050000
|
unkown
|
page execute and read and write
|
|
|
|
2390000
|
unkown
|
page read and write
|
|
|
|
C79000
|
unkown
|
page read and write
|
|
|
|
C99000
|
unkown
|
page read and write
|
|
|
|
5630000
|
unkown
|
page readonly
|
|
|
|
B1A000
|
unkown
|
page execute and read and write
|
|
|
|
2570000
|
heap private
|
page execute and read and write
|
|
|
|
E50000
|
unkown
|
page execute and read and write
|
|
|
|
5600000
|
unkown
|
page read and write
|
|
|
|
96A000
|
unkown
|
page read and write
|
|
|
|
A70000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
AEF000
|
unkown
|
page read and write
|
|
|
|
4A5000
|
unkown
|
page read and write
|
|
|
|
690000
|
unkown
|
page read and write
|
|
|
|
AD0000
|
unkown
|
page read and write
|
|
|
|
53B000
|
unkown
|
page read and write
|
|
There are 462 hidden memdumps, click here to show them.