Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
vNcHHC1HKe.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\dtlrkp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\hzuplybmb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\q3e3yvw7kwoie
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\C79A3B\B52B3F.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\21c8026919fd094ab07ec3c180a9f210_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\vNcHHC1HKe.exe
|
"C:\Users\user\Desktop\vNcHHC1HKe.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\dtlrkp.exe
|
C:\Users\user\AppData\Local\Temp\dtlrkp.exe C:\Users\user\AppData\Local\Temp\hzuplybmb
|
|
|
|
C:\Users\user\AppData\Local\Temp\dtlrkp.exe
|
C:\Users\user\AppData\Local\Temp\dtlrkp.exe C:\Users\user\AppData\Local\Temp\hzuplybmb
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://kbfvzoboss.bid/alien/fre.php
|
|
||
|
http://alphastand.win/alien/fre.php
|
|
||
|
http://alphastand.trade/alien/fre.php
|
|
||
|
http://37.0.11.227/sarag/five/fre.php
|
37.0.11.227
|
|
|
|
http://alphastand.top/alien/fre.php
|
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibsensoftware.com/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
37.0.11.227
|
unknown
|
Netherlands
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
8B0000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
40A000
|
unkown
|
page write copy
|
||
|
11ABAFA7000
|
heap
|
page read and write
|
||
|
E17887C000
|
stack
|
page read and write
|
||
|
11ABAFA5000
|
heap
|
page read and write
|
||
|
1A8E90E0000
|
heap
|
page read and write
|
||
|
168E3077000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
17456FF000
|
stack
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
168E8460000
|
trusted library allocation
|
page read and write
|
||
|
168E8800000
|
trusted library allocation
|
page read and write
|
||
|
168E3113000
|
heap
|
page read and write
|
||
|
1A194360000
|
heap
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
168E8830000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF73000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
15325565000
|
heap
|
page read and write
|
||
|
11ABAF64000
|
heap
|
page read and write
|
||
|
11ABB418000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
11ABAF66000
|
heap
|
page read and write
|
||
|
15325543000
|
heap
|
page read and write
|
||
|
168E8950000
|
trusted library allocation
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
1BDA3428000
|
heap
|
page read and write
|
||
|
168E3959000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
153254E5000
|
heap
|
page read and write
|
||
|
168E3126000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BDA3C02000
|
trusted library allocation
|
page read and write
|
||
|
1A19446B000
|
heap
|
page read and write
|
||
|
17455FF000
|
stack
|
page read and write
|
||
|
168E30FD000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
168E3B01000
|
trusted library allocation
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
8A0000
|
direct allocation
|
page execute and read and write
|
||
|
168E8708000
|
heap
|
page read and write
|
||
|
65F12FC000
|
stack
|
page read and write
|
||
|
168E3013000
|
heap
|
page read and write
|
||
|
168E3800000
|
heap
|
page read and write
|
||
|
1A19448B000
|
heap
|
page read and write
|
||
|
AF92D5C000
|
stack
|
page read and write
|
||
|
168E8960000
|
remote allocation
|
page read and write
|
||
|
11ABAFA5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
11ABAF98000
|
heap
|
page read and write
|
||
|
168E8808000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
11ABAFD9000
|
heap
|
page read and write
|
||
|
168E30A0000
|
heap
|
page read and write
|
||
|
306F000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
BE10FE000
|
stack
|
page read and write
|
||
|
15325550000
|
heap
|
page read and write
|
||
|
17451FA000
|
stack
|
page read and write
|
||
|
11ABAFD9000
|
heap
|
page read and write
|
||
|
168E3815000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
1BDA346F000
|
heap
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19B000
|
stack
|
page read and write
|
||
|
1A8E916B000
|
heap
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
168E40C0000
|
trusted library section
|
page readonly
|
||
|
2BC8F05C000
|
heap
|
page read and write
|
||
|
AF9337E000
|
stack
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
18B49282000
|
heap
|
page read and write
|
||
|
168E2FF0000
|
trusted library allocation
|
page read and write
|
||
|
168E8706000
|
heap
|
page read and write
|
||
|
168E86F1000
|
heap
|
page read and write
|
||
|
11ABAFB5000
|
heap
|
page read and write
|
||
|
2BC8EE50000
|
heap
|
page read and write
|
||
|
168E303D000
|
heap
|
page read and write
|
||
|
18B48FB0000
|
heap
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
2FF9D77000
|
stack
|
page read and write
|
||
|
168E8960000
|
remote allocation
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
2210000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
168E3102000
|
heap
|
page read and write
|
||
|
2BC8F100000
|
heap
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
1BDA3402000
|
heap
|
page read and write
|
||
|
18B49263000
|
heap
|
page read and write
|
||
|
168E40F0000
|
trusted library section
|
page readonly
|
||
|
680000
|
heap
|
page read and write
|
||
|
11ABAF64000
|
heap
|
page read and write
|
||
|
168E8600000
|
heap
|
page read and write
|
||
|
168E880E000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
17450F9000
|
stack
|
page read and write
|
||
|
11ABAF8A000
|
heap
|
page read and write
|
||
|
17457FE000
|
stack
|
page read and write
|
||
|
168E86FD000
|
heap
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
11ABAFA5000
|
heap
|
page read and write
|
||
|
BE13FC000
|
stack
|
page read and write
|
||
|
E178A77000
|
stack
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
168E8704000
|
heap
|
page read and write
|
||
|
11ABAF66000
|
heap
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
78D000
|
stack
|
page read and write
|
||
|
11ABAF75000
|
heap
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
17452FE000
|
stack
|
page read and write
|
||
|
11ABAFC9000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
168E86DB000
|
heap
|
page read and write
|
||
|
168E86E0000
|
heap
|
page read and write
|
||
|
168E8821000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
2766000
|
trusted library allocation
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
168E3000000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
1A8E916B000
|
heap
|
page read and write
|
||
|
2BC8F05D000
|
heap
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
11ABAFAB000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
168E3079000
|
heap
|
page read and write
|
||
|
1A194513000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
35FC74B000
|
stack
|
page read and write
|
||
|
11ABAFA1000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
1A8EA020000
|
heap
|
page readonly
|
||
|
18B49308000
|
heap
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
168E30B0000
|
heap
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
1A194402000
|
heap
|
page read and write
|
||
|
2BC8F078000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
AF9347B000
|
stack
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
11ABAF66000
|
heap
|
page read and write
|
||
|
11ABAFA5000
|
heap
|
page read and write
|
||
|
18B4925C000
|
heap
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
168E8648000
|
heap
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
1A8EA010000
|
trusted library allocation
|
page read and write
|
||
|
1A194E02000
|
trusted library allocation
|
page read and write
|
||
|
1745B7F000
|
stack
|
page read and write
|
||
|
2BC8F108000
|
heap
|
page read and write
|
||
|
2BC8F002000
|
heap
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
1A194390000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
168E86F5000
|
heap
|
page read and write
|
||
|
2FF975E000
|
stack
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
168E3913000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
11ABAFB9000
|
heap
|
page read and write
|
||
|
2BC8F03C000
|
heap
|
page read and write
|
||
|
1A194502000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
2BC8F078000
|
heap
|
page read and write
|
||
|
15325545000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
2BC8F113000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
168E3902000
|
heap
|
page read and write
|
||
|
1A8E8F90000
|
heap
|
page read and write
|
||
|
1A8EA040000
|
trusted library allocation
|
page read and write
|
||
|
168E2DF0000
|
heap
|
page read and write
|
||
|
15325537000
|
heap
|
page read and write
|
||
|
1A8E8F80000
|
heap
|
page read and write
|
||
|
168E2F60000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
2BC8F000000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
174577E000
|
stack
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
1A194462000
|
heap
|
page read and write
|
||
|
1744BFB000
|
stack
|
page read and write
|
||
|
168E865F000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
35FCF7D000
|
stack
|
page read and write
|
||
|
168E8844000
|
trusted library allocation
|
page read and write
|
||
|
168E8800000
|
trusted library allocation
|
page read and write
|
||
|
65F13FF000
|
stack
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
35FC7CE000
|
stack
|
page read and write
|
||
|
1BDA3451000
|
heap
|
page read and write
|
||
|
15325550000
|
heap
|
page read and write
|
||
|
4B8000
|
heap
|
page read and write
|
||
|
11ABA6EC000
|
heap
|
page read and write
|
||
|
2FF9F7D000
|
stack
|
page read and write
|
||
|
2FF96DB000
|
stack
|
page read and write
|
||
|
18B49261000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
51F000
|
heap
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
18B49300000
|
heap
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
11ABAF7F000
|
heap
|
page read and write
|
||
|
18B49213000
|
heap
|
page read and write
|
||
|
18B49A02000
|
trusted library allocation
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
17454FB000
|
stack
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
18B49200000
|
heap
|
page read and write
|
||
|
11ABAFC6000
|
heap
|
page read and write
|
||
|
11ABA6E9000
|
heap
|
page read and write
|
||
|
11ABA6AB000
|
heap
|
page read and write
|
||
|
168E8920000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
35FCB7C000
|
stack
|
page read and write
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
1A194300000
|
heap
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
97F000
|
stack
|
page read and write
|
||
|
168E86EB000
|
heap
|
page read and write
|
||
|
1A8EA030000
|
trusted library allocation
|
page read and write
|
||
|
168E2FF3000
|
trusted library allocation
|
page read and write
|
||
|
1A194413000
|
heap
|
page read and write
|
||
|
218E000
|
stack
|
page read and write
|
||
|
15325520000
|
heap
|
page read and write
|
||
|
11ABB418000
|
heap
|
page read and write
|
||
|
11ABAF6A000
|
heap
|
page read and write
|
||
|
1A8E9110000
|
heap
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
1BDA33E0000
|
trusted library allocation
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
2BC8F802000
|
trusted library allocation
|
page read and write
|
||
|
2BC8F08A000
|
heap
|
page read and write
|
||
|
1A8E9D50000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
168E86F9000
|
heap
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
11ABAF6E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
11ABAF6C000
|
heap
|
page read and write
|
||
|
1A8E8F95000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
1A194454000
|
heap
|
page read and write
|
||
|
168E309E000
|
heap
|
page read and write
|
||
|
1BDA3270000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
404000
|
unkown
|
page readonly
|
||
|
1A19442C000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
168E8702000
|
heap
|
page read and write
|
||
|
1A194462000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
550000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF6D000
|
heap
|
page read and write
|
||
|
2FF9BFB000
|
stack
|
page read and write
|
||
|
BE11FF000
|
stack
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
11ABB340000
|
remote allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
65F137F000
|
stack
|
page read and write
|
||
|
168E8930000
|
trusted library allocation
|
page read and write
|
||
|
168E862D000
|
heap
|
page read and write
|
||
|
15325537000
|
heap
|
page read and write
|
||
|
11ABAF96000
|
heap
|
page read and write
|
||
|
BE137F000
|
stack
|
page read and write
|
||
|
65F16F9000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
435000
|
unkown
|
page read and write
|
||
|
168E8708000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
BE107A000
|
stack
|
page read and write
|
||
|
1BDA3413000
|
heap
|
page read and write
|
||
|
11ABA6AC000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
168E2F70000
|
trusted library section
|
page read and write
|
||
|
59A000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
168E8820000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
168E8700000
|
heap
|
page read and write
|
||
|
11ABAFD5000
|
heap
|
page read and write
|
||
|
272F000
|
stack
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
404000
|
unkown
|
page readonly
|
||
|
65F167C000
|
stack
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
1A8E9120000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
18B49020000
|
heap
|
page read and write
|
||
|
11ABAF7E000
|
heap
|
page read and write
|
||
|
E17897B000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
9D000
|
stack
|
page read and write
|
||
|
11ABAF8A000
|
heap
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A8E9DC0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
65F187E000
|
stack
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
65F177E000
|
stack
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
153254E0000
|
heap
|
page read and write
|
||
|
168E30AE000
|
heap
|
page read and write
|
||
|
2BC8F102000
|
heap
|
page read and write
|
||
|
2BC8F052000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
1A19444E000
|
heap
|
page read and write
|
||
|
2BC8F05E000
|
heap
|
page read and write
|
||
|
1A8E9100000
|
trusted library allocation
|
page read and write
|
||
|
168E3900000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
11ABAF8C000
|
heap
|
page read and write
|
||
|
1A8E9210000
|
trusted library allocation
|
page read and write
|
||
|
2FF9E7E000
|
stack
|
page read and write
|
||
|
11ABAF75000
|
heap
|
page read and write
|
||
|
1A8E916D000
|
heap
|
page read and write
|
||
|
11ABAF73000
|
heap
|
page read and write
|
||
|
2BC8F05A000
|
heap
|
page read and write
|
||
|
2247000
|
direct allocation
|
page read and write
|
||
|
11ABAF63000
|
heap
|
page read and write
|
||
|
2BC8EE60000
|
heap
|
page read and write
|
||
|
168E3918000
|
heap
|
page read and write
|
||
|
18B49313000
|
heap
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
15325549000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
168E8830000
|
trusted library allocation
|
page read and write
|
||
|
174597E000
|
stack
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
11ABAFA5000
|
heap
|
page read and write
|
||
|
174587F000
|
stack
|
page read and write
|
||
|
15325532000
|
heap
|
page read and write
|
||
|
168E2FD1000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
1BDA3400000
|
heap
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
1744FF7000
|
stack
|
page read and write
|
||
|
1A19443C000
|
heap
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
168E8653000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
2BC8EEC0000
|
heap
|
page read and write
|
||
|
2BC8F013000
|
heap
|
page read and write
|
||
|
18B4922A000
|
heap
|
page read and write
|
||
|
168E86B0000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
18B49302000
|
heap
|
page read and write
|
||
|
168E306F000
|
heap
|
page read and write
|
||
|
5CF000
|
heap
|
page read and write
|
||
|
168E8940000
|
trusted library allocation
|
page read and write
|
||
|
2FF97DE000
|
stack
|
page read and write
|
||
|
168E8699000
|
heap
|
page read and write
|
||
|
21EE000
|
stack
|
page read and write
|
||
|
168E863B000
|
heap
|
page read and write
|
||
|
18B49299000
|
heap
|
page read and write
|
||
|
1A194429000
|
heap
|
page read and write
|
||
|
E178C7F000
|
stack
|
page read and write
|
||
|
153254A0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BDA3500000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
11ABB340000
|
remote allocation
|
page read and write
|
||
|
1A8E918F000
|
heap
|
page read and write
|
||
|
11ABB340000
|
remote allocation
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
18B4923C000
|
heap
|
page read and write
|
||
|
168E40D0000
|
trusted library section
|
page readonly
|
||
|
2FF9C7E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1A194500000
|
heap
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
11ABAF73000
|
heap
|
page read and write
|
||
|
168E84F0000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
18B48FC0000
|
heap
|
page read and write
|
||
|
1A8EA090000
|
trusted library allocation
|
page read and write
|
||
|
168E8910000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
1532554A000
|
heap
|
page read and write
|
||
|
1A8E9DD0000
|
trusted library allocation
|
page read and write
|
||
|
4E0000
|
trusted library allocation
|
page read and write
|
||
|
168E4100000
|
trusted library section
|
page readonly
|
||
|
1A1942F0000
|
heap
|
page read and write
|
||
|
11ABAF64000
|
heap
|
page read and write
|
||
|
174567E000
|
stack
|
page read and write
|
||
|
E17877E000
|
stack
|
page read and write
|
||
|
168E8960000
|
trusted library allocation
|
page read and write
|
||
|
BE117E000
|
stack
|
page read and write
|
||
|
168E3093000
|
heap
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
1BDA3513000
|
heap
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
168E86FB000
|
heap
|
page read and write
|
||
|
11ABAFC9000
|
heap
|
page read and write
|
||
|
15325560000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
168E4110000
|
trusted library section
|
page readonly
|
||
|
168E3074000
|
heap
|
page read and write
|
||
|
18B4925E000
|
heap
|
page read and write
|
||
|
1A8E916B000
|
heap
|
page read and write
|
||
|
1BDA32E0000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
168E3FE0000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
trusted library allocation
|
page read and write
|
||
|
11ABAF66000
|
heap
|
page read and write
|
||
|
15325527000
|
heap
|
page read and write
|
||
|
1A8E8F99000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
168E305A000
|
heap
|
page read and write
|
||
|
11ABB462000
|
heap
|
page read and write
|
||
|
1BDA3502000
|
heap
|
page read and write
|
||
|
1A194400000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
2BC8F082000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
168E8470000
|
trusted library allocation
|
page read and write
|
||
|
65F17F9000
|
stack
|
page read and write
|
||
|
168E3959000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
168E88D0000
|
trusted library allocation
|
page read and write
|
||
|
168E870B000
|
heap
|
page read and write
|
||
|
1A8E9156000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
168E3028000
|
heap
|
page read and write
|
||
|
35FCA7F000
|
stack
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
2BC8F059000
|
heap
|
page read and write
|
||
|
168E8840000
|
trusted library allocation
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
1A8E9164000
|
heap
|
page read and write
|
||
|
234B000
|
direct allocation
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
AF9327B000
|
stack
|
page read and write
|
||
|
E178B7F000
|
stack
|
page read and write
|
||
|
15325480000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
11ABA6A4000
|
heap
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
11ABAF8A000
|
heap
|
page read and write
|
||
|
168E4460000
|
trusted library allocation
|
page read and write
|
||
|
168E8615000
|
heap
|
page read and write
|
||
|
35FCD77000
|
stack
|
page read and write
|
||
|
21B6000
|
direct allocation
|
page read and write
|
||
|
15325567000
|
heap
|
page read and write
|
||
|
11ABAF8A000
|
heap
|
page read and write
|
||
|
6C3000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
1A8E9118000
|
heap
|
page read and write
|
||
|
1A8E90C0000
|
heap
|
page read and write
|
||
|
15325550000
|
heap
|
page read and write
|
||
|
275F000
|
stack
|
page read and write
|
||
|
11ABB402000
|
heap
|
page read and write
|
||
|
11ABAF65000
|
heap
|
page read and write
|
||
|
168E3802000
|
heap
|
page read and write
|
||
|
35FCE7F000
|
stack
|
page read and write
|
||
|
1A194508000
|
heap
|
page read and write
|
||
|
E17867C000
|
stack
|
page read and write
|
||
|
168E2E60000
|
heap
|
page read and write
|
||
|
1BDA3440000
|
heap
|
page read and write
|
||
|
234F000
|
direct allocation
|
page read and write
|
||
|
11ABAF69000
|
heap
|
page read and write
|
||
|
BE127E000
|
stack
|
page read and write
|
||
|
18B49120000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
2BC8F02A000
|
heap
|
page read and write
|
||
|
AF9357E000
|
stack
|
page read and write
|
||
|
11ABAF5C000
|
heap
|
page read and write
|
||
|
20A0000
|
direct allocation
|
page read and write
|
||
|
168E84E0000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
2BC8EFC0000
|
trusted library allocation
|
page read and write
|
||
|
168E40E0000
|
trusted library section
|
page readonly
|
||
|
11ABAF94000
|
heap
|
page read and write
|
||
|
1A8E9D60000
|
trusted library allocation
|
page read and write
|
||
|
168E86AD000
|
heap
|
page read and write
|
||
|
15325561000
|
heap
|
page read and write
|
||
|
168E861F000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
15325350000
|
heap
|
page read and write
|
||
|
168E8960000
|
remote allocation
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
1A8E917C000
|
heap
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
35FCC7B000
|
stack
|
page read and write
|
||
|
4A0000
|
remote allocation
|
page execute and read and write
|
||
|
11ABAFA3000
|
heap
|
page read and write
|
||
|
1BDA3280000
|
heap
|
page read and write
|
||
|
17453FA000
|
stack
|
page read and write
|
||
|
1C0000
|
remote allocation
|
page read and write
|
||
|
BE12F8000
|
stack
|
page read and write
|
||
|
2230000
|
direct allocation
|
page read and write
|
||
|
168E308C000
|
heap
|
page read and write
|
||
|
18B49277000
|
heap
|
page read and write
|
||
|
168E8824000
|
trusted library allocation
|
page read and write
|
||
|
E1786FE000
|
stack
|
page read and write
|
||
|
402000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
168E2E00000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
168E3918000
|
heap
|
page read and write
|
There are 552 hidden memdumps, click here to show them.