Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dhGoVvfmul.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\dehbibhar.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\efnvpl
|
DOS executable (COM, 0x8C-variant)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ptq0vlz6htg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\bc49718863ee53e026d805ec372039e9_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dhGoVvfmul.exe
|
"C:\Users\user\Desktop\dhGoVvfmul.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\dehbibhar.exe
|
C:\Users\user\AppData\Local\Temp\dehbibhar.exe C:\Users\user\AppData\Local\Temp\efnvpl
|
|
|
|
C:\Users\user\AppData\Local\Temp\dehbibhar.exe
|
C:\Users\user\AppData\Local\Temp\dehbibhar.exe C:\Users\user\AppData\Local\Temp\efnvpl
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://kbfvzoboss.bid/alien/fre.php
|
|
||
|
http://alphastand.win/alien/fre.php
|
|
||
|
http://alphastand.trade/alien/fre.php
|
|
||
|
http://alphastand.top/alien/fre.php
|
|
||
|
http://sempersim.su/gf3/fre.php
|
88.218.168.92
|
|
|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibsensoftware.com/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sempersim.su
|
88.218.168.92
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
88.218.168.92
|
sempersim.su
|
Russian Federation
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
607000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
9E0000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
15BE2C13000
|
heap
|
page read and write
|
||
|
15BE8463000
|
heap
|
page read and write
|
||
|
220DB300000
|
heap
|
page read and write
|
||
|
26AFE5D0000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
15BE2C9A000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
277F4402000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
20D0283C000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
220DB24A000
|
heap
|
page read and write
|
||
|
DDCBBFE000
|
stack
|
page read and write
|
||
|
B9CAFE000
|
stack
|
page read and write
|
||
|
1A2BC86B000
|
heap
|
page read and write
|
||
|
1A2BC864000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
19AB4B20000
|
heap
|
page read and write
|
||
|
30067BC000
|
stack
|
page read and write
|
||
|
277F3C13000
|
heap
|
page read and write
|
||
|
8611F7E000
|
stack
|
page read and write
|
||
|
B2D647D000
|
stack
|
page read and write
|
||
|
B9C5FB000
|
stack
|
page read and write
|
||
|
B9CCFE000
|
stack
|
page read and write
|
||
|
15BE81C1000
|
trusted library allocation
|
page read and write
|
||
|
15BE2C3F000
|
heap
|
page read and write
|
||
|
15BE3402000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
1ECEE64E000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
15BE84AD000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
15BE8300000
|
remote allocation
|
page read and write
|
||
|
19AB4C29000
|
heap
|
page read and write
|
||
|
20D0288B000
|
heap
|
page read and write
|
||
|
B2D657E000
|
stack
|
page read and write
|
||
|
1ECEE685000
|
heap
|
page read and write
|
||
|
300737E000
|
stack
|
page read and write
|
||
|
19AB4C02000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
220DB1E0000
|
remote allocation
|
page read and write
|
||
|
A105CFF000
|
stack
|
page read and write
|
||
|
15BE2C8E000
|
heap
|
page read and write
|
||
|
19AB4D13000
|
heap
|
page read and write
|
||
|
23FC3A00000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
23FC3A66000
|
heap
|
page read and write
|
||
|
19AB4D02000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
1FB8FAA0000
|
heap
|
page read and write
|
||
|
52A000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
15BE8300000
|
trusted library allocation
|
page read and write
|
||
|
78809FD000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
19AB4C60000
|
heap
|
page read and write
|
||
|
300767E000
|
stack
|
page read and write
|
||
|
20D02902000
|
heap
|
page read and write
|
||
|
1A2BC902000
|
heap
|
page read and write
|
||
|
2247000
|
direct allocation
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
220DB160000
|
trusted library allocation
|
page read and write
|
||
|
8611C7E000
|
stack
|
page read and write
|
||
|
1FB8FC02000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
20D02926000
|
heap
|
page read and write
|
||
|
2380000
|
direct allocation
|
page read and write
|
||
|
277F3B30000
|
remote allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
B2D6277000
|
stack
|
page read and write
|
||
|
1FB8FD24000
|
heap
|
page read and write
|
||
|
B9CBFF000
|
stack
|
page read and write
|
||
|
277F3B00000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
26AFE820000
|
heap
|
page read and write
|
||
|
15BE33A0000
|
trusted library section
|
page readonly
|
||
|
1ECEE510000
|
heap
|
page read and write
|
||
|
15BE3500000
|
heap
|
page read and write
|
||
|
2264BFB000
|
stack
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
19AB4B10000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
DDCB8FE000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
15BE842A000
|
heap
|
page read and write
|
||
|
15BE3400000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
20D02900000
|
heap
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
1ECEE66A000
|
heap
|
page read and write
|
||
|
788077E000
|
stack
|
page read and write
|
||
|
23FC3A81000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
15BE8456000
|
heap
|
page read and write
|
||
|
226537F000
|
stack
|
page read and write
|
||
|
300727F000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
30000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
1ECEE65A000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
44A377F000
|
stack
|
page read and write
|
||
|
19AB4C13000
|
heap
|
page read and write
|
||
|
23FC3B08000
|
heap
|
page read and write
|
||
|
1ECEE63B000
|
heap
|
page read and write
|
||
|
15BE2D02000
|
heap
|
page read and write
|
||
|
B9CC7E000
|
stack
|
page read and write
|
||
|
1FB8FC00000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
15BE81D0000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
26AFE913000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
1ECEE632000
|
heap
|
page read and write
|
||
|
3006BFA000
|
stack
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
220DB25A000
|
heap
|
page read and write
|
||
|
1FB8FAB0000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
8611CFE000
|
stack
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
DDCBDFF000
|
stack
|
page read and write
|
||
|
220DB23D000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
26AFE908000
|
heap
|
page read and write
|
||
|
15BE2BD1000
|
trusted library allocation
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
44A39FD000
|
stack
|
page read and write
|
||
|
20D02880000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
A105EFE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15BE2C8A000
|
heap
|
page read and write
|
||
|
20D02800000
|
heap
|
page read and write
|
||
|
15BE3513000
|
heap
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
15BE2C6C000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
26AFE5C0000
|
heap
|
page read and write
|
||
|
7880AFD000
|
stack
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
44A3A7B000
|
stack
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
1ECEE661000
|
heap
|
page read and write
|
||
|
15BE2C88000
|
heap
|
page read and write
|
||
|
1FB8FC28000
|
heap
|
page read and write
|
||
|
78805FE000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
6A3000
|
heap
|
page read and write
|
||
|
1ECEE662000
|
heap
|
page read and write
|
||
|
1A2BC83E000
|
heap
|
page read and write
|
||
|
15BE8270000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
B2D637F000
|
stack
|
page read and write
|
||
|
15BE2B10000
|
trusted library section
|
page read and write
|
||
|
19AB4B80000
|
heap
|
page read and write
|
||
|
3006F7E000
|
stack
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
15BE81A8000
|
trusted library allocation
|
page read and write
|
||
|
15BE8010000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
26AFE900000
|
heap
|
page read and write
|
||
|
277F3C40000
|
heap
|
page read and write
|
||
|
23FC3A52000
|
heap
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
61C000
|
heap
|
page read and write
|
||
|
220DB22A000
|
heap
|
page read and write
|
||
|
1A2BD114000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1ECEF002000
|
trusted library allocation
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
220DB24B000
|
heap
|
page read and write
|
||
|
23FC3990000
|
heap
|
page read and write
|
||
|
220DB1E0000
|
remote allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
B9C7FE000
|
stack
|
page read and write
|
||
|
1ECEE625000
|
heap
|
page read and write
|
||
|
26AFE862000
|
heap
|
page read and write
|
||
|
1A2BC640000
|
heap
|
page read and write
|
||
|
A299CFF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
44A3D7C000
|
stack
|
page read and write
|
||
|
277F3C02000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
15BE8000000
|
trusted library allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
226527E000
|
stack
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
15BE2C74000
|
heap
|
page read and write
|
||
|
220DB200000
|
heap
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
B9CD7F000
|
stack
|
page read and write
|
||
|
15BE2A00000
|
heap
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
788010C000
|
stack
|
page read and write
|
||
|
15BE84A2000
|
heap
|
page read and write
|
||
|
1A2BC650000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
15BE844B000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
277F3990000
|
heap
|
page read and write
|
||
|
237F000
|
stack
|
page read and write
|
||
|
1ECEE667000
|
heap
|
page read and write
|
||
|
220DB110000
|
trusted library allocation
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
B9C4F7000
|
stack
|
page read and write
|
||
|
1A2BC8CA000
|
heap
|
page read and write
|
||
|
220DB25B000
|
heap
|
page read and write
|
||
|
2264EFE000
|
stack
|
page read and write
|
||
|
44A3B7C000
|
stack
|
page read and write
|
||
|
23FC4402000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
DDCBB7B000
|
stack
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1ECEE645000
|
heap
|
page read and write
|
||
|
15BE33E0000
|
trusted library section
|
page readonly
|
||
|
1ECEE635000
|
heap
|
page read and write
|
||
|
44A313B000
|
stack
|
page read and write
|
||
|
300717D000
|
stack
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
1FB8FC13000
|
heap
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
15BE33C0000
|
trusted library section
|
page readonly
|
||
|
277F3B30000
|
remote allocation
|
page read and write
|
||
|
15BE8300000
|
remote allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
277F3C00000
|
heap
|
page read and write
|
||
|
220DB262000
|
heap
|
page read and write
|
||
|
1FB8FD00000
|
heap
|
page read and write
|
||
|
15BE2CA9000
|
heap
|
page read and write
|
||
|
1A2BC6B0000
|
heap
|
page read and write
|
||
|
20D02802000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
1A2BC913000
|
heap
|
page read and write
|
||
|
23FC3A60000
|
heap
|
page read and write
|
||
|
15BE2C76000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
286E000
|
stack
|
page read and write
|
||
|
1ECEE600000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
277F3C4A000
|
heap
|
page read and write
|
||
|
15BE33D0000
|
trusted library section
|
page readonly
|
||
|
20D02908000
|
heap
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
DDCB87B000
|
stack
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
78804FE000
|
stack
|
page read and write
|
||
|
15BE2D13000
|
heap
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
277F3D02000
|
heap
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
608000
|
heap
|
page read and write
|
||
|
220DB302000
|
heap
|
page read and write
|
||
|
23FC3A29000
|
heap
|
page read and write
|
||
|
B2D5E7B000
|
stack
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
1ECEE66C000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
15BE84E1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20D02848000
|
heap
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15BE2C71000
|
heap
|
page read and write
|
||
|
15BE84F6000
|
heap
|
page read and write
|
||
|
1A2BC829000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
1FB8FC68000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
26AFE860000
|
heap
|
page read and write
|
||
|
15BE82D0000
|
trusted library allocation
|
page read and write
|
||
|
1ECEE644000
|
heap
|
page read and write
|
||
|
26AFE630000
|
heap
|
page read and write
|
||
|
15BE2BF3000
|
trusted library allocation
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
1FB903B0000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
heap
|
page read and write
|
||
|
26AFE813000
|
heap
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
1A2BC800000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A2999FB000
|
stack
|
page read and write
|
||
|
15BE2BF0000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
1ECEE678000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
20D026D0000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
15BE33B0000
|
trusted library section
|
page readonly
|
||
|
20D02829000
|
heap
|
page read and write
|
||
|
15BE8502000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
699000
|
heap
|
page read and write
|
||
|
282C000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
20D02813000
|
heap
|
page read and write
|
||
|
1ECEE580000
|
heap
|
page read and write
|
||
|
23FC3A02000
|
heap
|
page read and write
|
||
|
15BE3BE0000
|
trusted library allocation
|
page read and write
|
||
|
15BE82B0000
|
trusted library allocation
|
page read and write
|
||
|
15BE2C00000
|
heap
|
page read and write
|
||
|
15BE82C0000
|
trusted library allocation
|
page read and write
|
||
|
B2D617B000
|
stack
|
page read and write
|
||
|
1ECEE66E000
|
heap
|
page read and write
|
||
|
44A38FC000
|
stack
|
page read and write
|
||
|
26AFE83C000
|
heap
|
page read and write
|
||
|
15BE3559000
|
heap
|
page read and write
|
||
|
8612077000
|
stack
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
20D02740000
|
heap
|
page read and write
|
||
|
15BE84F8000
|
heap
|
page read and write
|
||
|
20D03202000
|
trusted library allocation
|
page read and write
|
||
|
A105FFC000
|
stack
|
page read and write
|
||
|
26AFE868000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
23FC3B00000
|
heap
|
page read and write
|
||
|
78808FF000
|
stack
|
page read and write
|
||
|
1ECEE63D000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
19AB4BB0000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
15BE8400000
|
heap
|
page read and write
|
||
|
20D02872000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1ECEE67C000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
B9D07F000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
20D0284C000
|
heap
|
page read and write
|
||
|
15BE84A0000
|
heap
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
15BE841C000
|
heap
|
page read and write
|
||
|
8611EFB000
|
stack
|
page read and write
|
||
|
1FB8FC40000
|
heap
|
page read and write
|
||
|
86119DB000
|
stack
|
page read and write
|
||
|
15BE3701000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
15BE2C29000
|
heap
|
page read and write
|
||
|
1ECEE659000
|
heap
|
page read and write
|
||
|
15BE81C0000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
15BE84FA000
|
heap
|
page read and write
|
||
|
1A2BC8C8000
|
heap
|
page read and write
|
||
|
1A2BD139000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
1ECEE647000
|
heap
|
page read and write
|
||
|
23FC3B13000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
20D02913000
|
heap
|
page read and write
|
||
|
A10573C000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
23FC3920000
|
heap
|
page read and write
|
||
|
699000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
788057E000
|
stack
|
page read and write
|
||
|
B9C6F9000
|
stack
|
page read and write
|
||
|
1FB8FC79000
|
heap
|
page read and write
|
||
|
A1061FE000
|
stack
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
B9CE7B000
|
stack
|
page read and write
|
||
|
220DB318000
|
heap
|
page read and write
|
||
|
15BE8411000
|
heap
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
788087D000
|
stack
|
page read and write
|
||
|
480000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
15BE2C58000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
220DCD02000
|
heap
|
page read and write
|
||
|
15BE82F0000
|
trusted library allocation
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
220DB010000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
2264E7E000
|
stack
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
1FB90402000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
15BE81C4000
|
trusted library allocation
|
page read and write
|
||
|
15BE3415000
|
heap
|
page read and write
|
||
|
15BE81A0000
|
trusted library allocation
|
page read and write
|
||
|
277F3A00000
|
heap
|
page read and write
|
||
|
19AB4C5F000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
26AFE880000
|
heap
|
page read and write
|
||
|
1FB8FC55000
|
heap
|
page read and write
|
||
|
300747F000
|
stack
|
page read and write
|
||
|
44A387F000
|
stack
|
page read and write
|
||
|
220DB213000
|
heap
|
page read and write
|
||
|
220DB25B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1ECEE67B000
|
heap
|
page read and write
|
||
|
220DB1E0000
|
remote allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1ECEE640000
|
heap
|
page read and write
|
||
|
20D0284F000
|
heap
|
page read and write
|
||
|
1ECEE657000
|
heap
|
page read and write
|
||
|
61D000
|
heap
|
page read and write
|
||
|
26AFE800000
|
heap
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
861227F000
|
stack
|
page read and write
|
||
|
B9CB7F000
|
stack
|
page read and write
|
||
|
15BE33F0000
|
trusted library section
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15BE3518000
|
heap
|
page read and write
|
||
|
44A3C7E000
|
stack
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
15BE8300000
|
remote allocation
|
page read and write
|
||
|
20D026E0000
|
heap
|
page read and write
|
||
|
23FC3A13000
|
heap
|
page read and write
|
||
|
788067E000
|
stack
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
1ECEE65F000
|
heap
|
page read and write
|
||
|
1A2BC813000
|
heap
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
A105B7F000
|
stack
|
page read and write
|
||
|
1ECEE642000
|
heap
|
page read and write
|
||
|
300757E000
|
stack
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
26AFE854000
|
heap
|
page read and write
|
||
|
A1060FC000
|
stack
|
page read and write
|
||
|
A299BFF000
|
stack
|
page read and write
|
||
|
26AFE902000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
15BE2CF8000
|
heap
|
page read and write
|
||
|
8611DFC000
|
stack
|
page read and write
|
||
|
15BE8500000
|
heap
|
page read and write
|
||
|
15BE81E0000
|
trusted library allocation
|
page read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
DDCB97E000
|
stack
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
1A2BC7B0000
|
trusted library allocation
|
page read and write
|
||
|
15BE84F2000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
220DB130000
|
trusted library allocation
|
page read and write
|
||
|
B2D5F7E000
|
stack
|
page read and write
|
||
|
1A2BD002000
|
heap
|
page read and write
|
||
|
15BE29A0000
|
heap
|
page read and write
|
||
|
15BE2B00000
|
trusted library allocation
|
page read and write
|
||
|
A299AFB000
|
stack
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
A105DFE000
|
stack
|
page read and write
|
||
|
220DB273000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
1A2BC886000
|
heap
|
page read and write
|
||
|
277F3C51000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
1FB8FD02000
|
heap
|
page read and write
|
||
|
47E000
|
stack
|
page read and write
|
||
|
1ECEE5B0000
|
trusted library allocation
|
page read and write
|
||
|
19AB4C88000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
DDCBEFE000
|
stack
|
page read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
220DB24B000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1ECEE520000
|
heap
|
page read and write
|
||
|
15BE81D0000
|
trusted library allocation
|
page read and write
|
||
|
230F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15BE843E000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page read and write
|
||
|
B9C9FB000
|
stack
|
page read and write
|
||
|
15BE8080000
|
trusted library allocation
|
page read and write
|
||
|
1ECEE613000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
15BE81AE000
|
trusted library allocation
|
page read and write
|
||
|
220DB202000
|
heap
|
page read and write
|
||
|
23FC3930000
|
heap
|
page read and write
|
||
|
15BE8090000
|
trusted library allocation
|
page read and write
|
||
|
19AB4C00000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
B9C8FA000
|
stack
|
page read and write
|
||
|
277F3B30000
|
remote allocation
|
page read and write
|
||
|
1FB8FC63000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
15BE84FC000
|
heap
|
page read and write
|
||
|
220DAFA0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
15BE3518000
|
heap
|
page read and write
|
||
|
1A2BC8C0000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
26AFE85C000
|
heap
|
page read and write
|
||
|
220DB313000
|
heap
|
page read and write
|
||
|
1ECEE646000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
510000
|
direct allocation
|
page execute and read and write
|
||
|
220DAFB0000
|
heap
|
page read and write
|
||
|
1ECEE641000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
15BE2990000
|
heap
|
page read and write
|
||
|
44A357C000
|
stack
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
260F000
|
direct allocation
|
page read and write
|
||
|
1ECEE658000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
19AB4C40000
|
heap
|
page read and write
|
||
|
B2D5EFE000
|
stack
|
page read and write
|
||
|
3006D7F000
|
stack
|
page read and write
|
||
|
26AFE802000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
1FB8FB10000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
402000
|
unkown
|
page readonly
|
||
|
3006E7D000
|
stack
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
26AFE829000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
19AB5602000
|
trusted library allocation
|
page read and write
|
||
|
15BE84FE000
|
heap
|
page read and write
|
||
|
861217F000
|
stack
|
page read and write
|
||
|
15BE81E4000
|
trusted library allocation
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
15BE3502000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
226517E000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
691000
|
heap
|
page read and write
|
||
|
DDCBCF7000
|
stack
|
page read and write
|
||
|
23FC3B02000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A2BC8B9000
|
heap
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
226507E000
|
stack
|
page read and write
|
||
|
4E0000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
1ECEE67F000
|
heap
|
page read and write
|
||
|
19AB4C6A000
|
heap
|
page read and write
|
||
|
15BE82E0000
|
trusted library allocation
|
page read and write
|
||
|
15BE4000000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
1ECEE702000
|
heap
|
page read and write
|
||
|
260B000
|
direct allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
220DB1A0000
|
trusted library allocation
|
page read and write
|
||
|
A2994AB000
|
stack
|
page read and write
|
||
|
44A3E7F000
|
stack
|
page read and write
|
||
|
23FC39C0000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
300707E000
|
stack
|
page read and write
|
||
|
23FC3A8B000
|
heap
|
page read and write
|
||
|
19AB4C70000
|
heap
|
page read and write
|
||
|
277F3C2A000
|
heap
|
page read and write
|
||
|
26AFE88A000
|
heap
|
page read and write
|
||
|
20D02770000
|
trusted library allocation
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
26AFF002000
|
trusted library allocation
|
page read and write
|
||
|
1ECEE65C000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1A2BD100000
|
heap
|
page read and write
|
||
|
1ECEE629000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
15BE84DC000
|
heap
|
page read and write
|
||
|
20D02854000
|
heap
|
page read and write
|
||
|
19AB4C5B000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
277F39A0000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
220DCC02000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
15BE81A0000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
1ECEE660000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
15BE3559000
|
heap
|
page read and write
|
||
|
23FC3A3C000
|
heap
|
page read and write
|
||
|
26AFE730000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
2406000
|
direct allocation
|
page read and write
|
||
|
B9C09B000
|
stack
|
page read and write
|
There are 657 hidden memdumps, click here to show them.