Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EPAYMENT.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\ArmouryCrate.AppServiceBridge.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\NeroCmd.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Nysene7.Bru4
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\audio-x-generic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\camera-photo.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\libtclsqlite3.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\list-drag-handle-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfA31.tmp\LangDLL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfA31.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\EPAYMENT.exe
|
"C:\Users\user\Desktop\EPAYMENT.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://cdn.discordapp.com/attachments/973717070128771135/973717952987820073/a1.exe
|
|||
|
http://creativecommons.org/licenses/by-sa/4.0/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.nero.com
|
unknown
|
||
|
https://sectigo.com/CPS0D
|
unknown
|
There are 2 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\snoreloft\Mirakulst
|
Expand String Value
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
329F000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
188A0D70000
|
trusted library allocation
|
page read and write
|
||
|
155D8DA4000
|
heap
|
page read and write
|
||
|
530F07A000
|
stack
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
188A0CD0000
|
heap
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
2288A720000
|
heap
|
page read and write
|
||
|
155D8D74000
|
heap
|
page read and write
|
||
|
155D8BC0000
|
remote allocation
|
page read and write
|
||
|
D0D747B000
|
stack
|
page read and write
|
||
|
274D842D000
|
heap
|
page read and write
|
||
|
1D002508000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
76C000
|
heap
|
page read and write
|
||
|
2288A884000
|
heap
|
page read and write
|
||
|
1BB9ACB0000
|
trusted library allocation
|
page read and write
|
||
|
274D2C93000
|
heap
|
page read and write
|
||
|
2288A865000
|
heap
|
page read and write
|
||
|
274D8400000
|
heap
|
page read and write
|
||
|
18ADE6CA000
|
heap
|
page read and write
|
||
|
1BB99DB1000
|
heap
|
page read and write
|
||
|
155D9200000
|
heap
|
page read and write
|
||
|
2288A860000
|
heap
|
page read and write
|
||
|
6BB000
|
heap
|
page read and write
|
||
|
274D2C00000
|
heap
|
page read and write
|
||
|
166E9C00000
|
heap
|
page read and write
|
||
|
274D8455000
|
heap
|
page read and write
|
||
|
4C09EFF000
|
stack
|
page read and write
|
||
|
2288A84F000
|
heap
|
page read and write
|
||
|
29F94102000
|
heap
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
155D8DAF000
|
heap
|
page read and write
|
||
|
75E000
|
heap
|
page read and write
|
||
|
166E9A10000
|
heap
|
page read and write
|
||
|
274D2CFD000
|
heap
|
page read and write
|
||
|
37A0000
|
trusted library allocation
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
1FD63868000
|
heap
|
page read and write
|
||
|
155D8D83000
|
heap
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
29B0478000
|
stack
|
page read and write
|
||
|
274D3558000
|
heap
|
page read and write
|
||
|
1FD76275000
|
heap
|
page read and write
|
||
|
DE6959E000
|
stack
|
page read and write
|
||
|
274D2D02000
|
heap
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
B47BE7B000
|
stack
|
page read and write
|
||
|
2288A86A000
|
heap
|
page read and write
|
||
|
1FD7602E000
|
heap
|
page read and write
|
||
|
155D8413000
|
heap
|
page read and write
|
||
|
E078FE000
|
stack
|
page read and write
|
||
|
274D8320000
|
trusted library allocation
|
page read and write
|
||
|
274D2B00000
|
heap
|
page read and write
|
||
|
274D8290000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
188A0E55000
|
heap
|
page read and write
|
||
|
1BB9AC60000
|
trusted library allocation
|
page read and write
|
||
|
46EBD1E000
|
stack
|
page read and write
|
||
|
274D2C13000
|
heap
|
page read and write
|
||
|
530F279000
|
stack
|
page read and write
|
||
|
1FD76020000
|
heap
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
1FD63902000
|
heap
|
page read and write
|
||
|
155D8D8F000
|
heap
|
page read and write
|
||
|
29F93F40000
|
heap
|
page read and write
|
||
|
2EB2D7C000
|
stack
|
page read and write
|
||
|
274D81C0000
|
trusted library allocation
|
page read and write
|
||
|
E0752B000
|
stack
|
page read and write
|
||
|
155D8513000
|
heap
|
page read and write
|
||
|
20C66430000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
2288A847000
|
heap
|
page read and write
|
||
|
20C66590000
|
trusted library allocation
|
page read and write
|
||
|
274D3513000
|
heap
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
155D8D94000
|
heap
|
page read and write
|
||
|
274D8630000
|
trusted library allocation
|
page read and write
|
||
|
1BB9A039000
|
heap
|
page read and write
|
||
|
29F94050000
|
heap
|
page read and write
|
||
|
155D8C02000
|
heap
|
page read and write
|
||
|
274D8290000
|
trusted library allocation
|
page read and write
|
||
|
29F93EE0000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1FD63813000
|
heap
|
page read and write
|
||
|
274D3500000
|
heap
|
page read and write
|
||
|
274D2CAB000
|
heap
|
page read and write
|
||
|
29F93F70000
|
trusted library allocation
|
page read and write
|
||
|
18ADE540000
|
heap
|
page read and write
|
||
|
1D002453000
|
heap
|
page read and write
|
||
|
155D8D15000
|
heap
|
page read and write
|
||
|
29F94054000
|
heap
|
page read and write
|
||
|
6DC84000
|
unkown
|
page readonly
|
||
|
18ADE600000
|
heap
|
page read and write
|
||
|
155D8DB1000
|
heap
|
page read and write
|
||
|
155D84AB000
|
heap
|
page read and write
|
||
|
188A0E81000
|
heap
|
page read and write
|
||
|
2288A868000
|
heap
|
page read and write
|
||
|
2288A846000
|
heap
|
page read and write
|
||
|
2288A7B0000
|
trusted library allocation
|
page read and write
|
||
|
6462379000
|
stack
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
2288A813000
|
heap
|
page read and write
|
||
|
274D2C9E000
|
heap
|
page read and write
|
||
|
2288A841000
|
heap
|
page read and write
|
||
|
1D00244E000
|
heap
|
page read and write
|
||
|
1FD76024000
|
heap
|
page read and write
|
||
|
530F37C000
|
stack
|
page read and write
|
||
|
20C66700000
|
heap
|
page read and write
|
||
|
155D8D8F000
|
heap
|
page read and write
|
||
|
1FD6383E000
|
heap
|
page read and write
|
||
|
29F94108000
|
heap
|
page read and write
|
||
|
D3E37FE000
|
stack
|
page read and write
|
||
|
274D2CA6000
|
heap
|
page read and write
|
||
|
46EC27B000
|
stack
|
page read and write
|
||
|
18ADE613000
|
heap
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
155D8DC5000
|
heap
|
page read and write
|
||
|
274D81E0000
|
trusted library allocation
|
page read and write
|
||
|
2713B302000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
188A0E48000
|
heap
|
page read and write
|
||
|
155D8DA0000
|
heap
|
page read and write
|
||
|
18ADE665000
|
heap
|
page read and write
|
||
|
20C66629000
|
heap
|
page read and write
|
||
|
2EB2A7B000
|
stack
|
page read and write
|
||
|
4C09BFC000
|
stack
|
page read and write
|
||
|
2288B002000
|
trusted library allocation
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
188A0E49000
|
heap
|
page read and write
|
||
|
1D00248C000
|
heap
|
page read and write
|
||
|
2288A87C000
|
heap
|
page read and write
|
||
|
1FD76044000
|
heap
|
page read and write
|
||
|
20C66655000
|
heap
|
page read and write
|
||
|
29F94048000
|
heap
|
page read and write
|
||
|
155D9219000
|
heap
|
page read and write
|
||
|
155D8516000
|
heap
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
709000
|
heap
|
page read and write
|
||
|
2713B276000
|
heap
|
page read and write
|
||
|
2288A83D000
|
heap
|
page read and write
|
||
|
155D84CC000
|
heap
|
page read and write
|
||
|
155D8D8D000
|
heap
|
page read and write
|
||
|
2288A82D000
|
heap
|
page read and write
|
||
|
274D81E1000
|
trusted library allocation
|
page read and write
|
||
|
1D0023B0000
|
trusted library allocation
|
page read and write
|
||
|
274D84EB000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2713B229000
|
heap
|
page read and write
|
||
|
DE6951E000
|
stack
|
page read and write
|
||
|
274D8320000
|
remote allocation
|
page read and write
|
||
|
155D847D000
|
heap
|
page read and write
|
||
|
1D00243C000
|
heap
|
page read and write
|
||
|
274D3559000
|
heap
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
155D8D7E000
|
heap
|
page read and write
|
||
|
BF8D37E000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
155D8D8D000
|
heap
|
page read and write
|
||
|
155D8448000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
6DC80000
|
unkown
|
page readonly
|
||
|
155D8DB4000
|
heap
|
page read and write
|
||
|
274D2D14000
|
heap
|
page read and write
|
||
|
76C000
|
heap
|
page read and write
|
||
|
274D2CA9000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
274D2D07000
|
heap
|
page read and write
|
||
|
20C6664B000
|
heap
|
page read and write
|
||
|
29B0577000
|
stack
|
page read and write
|
||
|
274D8204000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
1FD63880000
|
heap
|
page read and write
|
||
|
188A0E71000
|
heap
|
page read and write
|
||
|
166E9C25000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
1D002500000
|
heap
|
page read and write
|
||
|
2EB25FF000
|
stack
|
page read and write
|
||
|
155D8340000
|
heap
|
page read and write
|
||
|
DE69B77000
|
stack
|
page read and write
|
||
|
188A0E00000
|
heap
|
page read and write
|
||
|
2288A878000
|
heap
|
page read and write
|
||
|
155D8D9E000
|
heap
|
page read and write
|
||
|
188A0E8C000
|
heap
|
page read and write
|
||
|
2288A840000
|
heap
|
page read and write
|
||
|
D3E34F7000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
B47BD7B000
|
stack
|
page read and write
|
||
|
1BB99FB0000
|
trusted library allocation
|
page read and write
|
||
|
20C6664F000
|
heap
|
page read and write
|
||
|
46EC47F000
|
stack
|
page read and write
|
||
|
B47BA7C000
|
stack
|
page read and write
|
||
|
155D8DAF000
|
heap
|
page read and write
|
||
|
155D8DA1000
|
heap
|
page read and write
|
||
|
20C66613000
|
heap
|
page read and write
|
||
|
1FD63879000
|
heap
|
page read and write
|
||
|
166E9C02000
|
heap
|
page read and write
|
||
|
2288A845000
|
heap
|
page read and write
|
||
|
2713B213000
|
heap
|
page read and write
|
||
|
18ADE6B9000
|
heap
|
page read and write
|
||
|
1FD63828000
|
heap
|
page read and write
|
||
|
764000
|
heap
|
page read and write
|
||
|
166EA1A0000
|
remote allocation
|
page read and write
|
||
|
46EC377000
|
stack
|
page read and write
|
||
|
20C66670000
|
heap
|
page read and write
|
||
|
1BB9A020000
|
trusted library allocation
|
page read and write
|
||
|
188A0E29000
|
heap
|
page read and write
|
||
|
1FD76021000
|
heap
|
page read and write
|
||
|
155D83A0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
274D8200000
|
trusted library allocation
|
page read and write
|
||
|
DE6949B000
|
stack
|
page read and write
|
||
|
1FD63913000
|
heap
|
page read and write
|
||
|
BF8D57F000
|
stack
|
page read and write
|
||
|
6462479000
|
stack
|
page read and write
|
||
|
274D2C9E000
|
heap
|
page read and write
|
||
|
274D33F0000
|
trusted library allocation
|
page read and write
|
||
|
29F94070000
|
heap
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
155D8D8A000
|
heap
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
D3E3EF9000
|
stack
|
page read and write
|
||
|
274D8461000
|
heap
|
page read and write
|
||
|
155D8DA0000
|
heap
|
page read and write
|
||
|
A8494FF000
|
stack
|
page read and write
|
||
|
D0D76FE000
|
stack
|
page read and write
|
||
|
155D8DB6000
|
heap
|
page read and write
|
||
|
1D00244C000
|
heap
|
page read and write
|
||
|
64623FE000
|
stack
|
page read and write
|
||
|
2344000
|
heap
|
page read and write
|
||
|
1BB9A035000
|
heap
|
page read and write
|
||
|
2288A83A000
|
heap
|
page read and write
|
||
|
299F000
|
trusted library allocation
|
page read and write
|
||
|
1D002402000
|
heap
|
page read and write
|
||
|
E07A7E000
|
stack
|
page read and write
|
||
|
B47C07E000
|
stack
|
page read and write
|
||
|
274D8476000
|
heap
|
page read and write
|
||
|
1FD76016000
|
heap
|
page read and write
|
||
|
2288A84E000
|
heap
|
page read and write
|
||
|
274D2C8C000
|
heap
|
page read and write
|
||
|
20C66600000
|
heap
|
page read and write
|
||
|
20C66681000
|
heap
|
page read and write
|
||
|
155D9221000
|
heap
|
page read and write
|
||
|
2288A844000
|
heap
|
page read and write
|
||
|
29F93ED0000
|
heap
|
page read and write
|
||
|
29B0679000
|
stack
|
page read and write
|
||
|
166E9C13000
|
heap
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
2EB2B77000
|
stack
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
155D8D85000
|
heap
|
page read and write
|
||
|
20C66E02000
|
trusted library allocation
|
page read and write
|
||
|
2288A84B000
|
heap
|
page read and write
|
||
|
2288A864000
|
heap
|
page read and write
|
||
|
155D8DAE000
|
heap
|
page read and write
|
||
|
274D8449000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
746000
|
heap
|
page read and write
|
||
|
1D002429000
|
heap
|
page read and write
|
||
|
155D8D8C000
|
heap
|
page read and write
|
||
|
46EBD9D000
|
stack
|
page read and write
|
||
|
6DC86000
|
unkown
|
page readonly
|
||
|
762000
|
heap
|
page read and write
|
||
|
1BB99F50000
|
heap
|
page read and write
|
||
|
1FD76021000
|
heap
|
page read and write
|
||
|
1D002413000
|
heap
|
page read and write
|
||
|
530F0FF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
29F94047000
|
heap
|
page read and write
|
||
|
274D84F6000
|
heap
|
page read and write
|
||
|
3790000
|
trusted library allocation
|
page read and write
|
||
|
1FD7602E000
|
heap
|
page read and write
|
||
|
29F94802000
|
trusted library allocation
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
274D2C6F000
|
heap
|
page read and write
|
||
|
1D002320000
|
heap
|
page read and write
|
||
|
155D9203000
|
heap
|
page read and write
|
||
|
462000
|
unkown
|
page readonly
|
||
|
18ADE6E2000
|
heap
|
page read and write
|
||
|
155D8BC0000
|
remote allocation
|
page read and write
|
||
|
E079FC000
|
stack
|
page read and write
|
||
|
155D84B5000
|
heap
|
page read and write
|
||
|
274D81F0000
|
trusted library allocation
|
page read and write
|
||
|
2EB257B000
|
stack
|
page read and write
|
||
|
1D002C02000
|
trusted library allocation
|
page read and write
|
||
|
188A0F08000
|
heap
|
page read and write
|
||
|
155D8D13000
|
heap
|
page read and write
|
||
|
274D81E4000
|
trusted library allocation
|
page read and write
|
||
|
1D002480000
|
heap
|
page read and write
|
||
|
29B077F000
|
stack
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
D3E30CB000
|
stack
|
page read and write
|
||
|
155D8D9C000
|
heap
|
page read and write
|
||
|
D0D74FE000
|
stack
|
page read and write
|
||
|
155D8508000
|
heap
|
page read and write
|
||
|
DE69E7F000
|
stack
|
page read and write
|
||
|
274D8478000
|
heap
|
page read and write
|
||
|
274D2CA6000
|
heap
|
page read and write
|
||
|
46EBC9B000
|
stack
|
page read and write
|
||
|
DE69A7B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
155D8D74000
|
heap
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
385C000
|
stack
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
188A0E13000
|
heap
|
page read and write
|
||
|
1FD63900000
|
heap
|
page read and write
|
||
|
29F9404C000
|
heap
|
page read and write
|
||
|
A84977B000
|
stack
|
page read and write
|
||
|
1FD75FD0000
|
heap
|
page read and write
|
||
|
18ADE644000
|
heap
|
page read and write
|
||
|
274D82F0000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
188A0D40000
|
heap
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
155D8D7F000
|
heap
|
page read and write
|
||
|
274D2C8A000
|
heap
|
page read and write
|
||
|
BF8CC7B000
|
stack
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
18ADE66F000
|
heap
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
462000
|
unkown
|
page readonly
|
||
|
2713B255000
|
heap
|
page read and write
|
||
|
155D84C5000
|
heap
|
page read and write
|
||
|
155D8DB5000
|
heap
|
page read and write
|
||
|
1FD636F0000
|
heap
|
page read and write
|
||
|
155D8D7E000
|
heap
|
page read and write
|
||
|
4C098FE000
|
stack
|
page read and write
|
||
|
29F94113000
|
heap
|
page read and write
|
||
|
1FD75EA0000
|
heap
|
page read and write
|
||
|
4C0000
|
trusted library allocation
|
page read and write
|
||
|
274D849A000
|
heap
|
page read and write
|
||
|
1D002487000
|
heap
|
page read and write
|
||
|
155D8D83000
|
heap
|
page read and write
|
||
|
2713B23D000
|
heap
|
page read and write
|
||
|
274D4001000
|
trusted library allocation
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
2288A830000
|
heap
|
page read and write
|
||
|
A84997F000
|
stack
|
page read and write
|
||
|
1FD76022000
|
heap
|
page read and write
|
||
|
2288A842000
|
heap
|
page read and write
|
||
|
1FD76011000
|
heap
|
page read and write
|
||
|
18ADE713000
|
heap
|
page read and write
|
||
|
166E9BE0000
|
trusted library allocation
|
page read and write
|
||
|
1BB99CE0000
|
heap
|
page read and write
|
||
|
274D8610000
|
trusted library allocation
|
page read and write
|
||
|
155D8DDD000
|
heap
|
page read and write
|
||
|
18ADE702000
|
heap
|
page read and write
|
||
|
274D8030000
|
trusted library allocation
|
page read and write
|
||
|
155D8D86000
|
heap
|
page read and write
|
||
|
155D8DA5000
|
heap
|
page read and write
|
||
|
274D2B90000
|
trusted library allocation
|
page read and write
|
||
|
155D8D8F000
|
heap
|
page read and write
|
||
|
18ADEE02000
|
heap
|
page read and write
|
||
|
BF8D27E000
|
stack
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
155D844C000
|
heap
|
page read and write
|
||
|
1BB99DD1000
|
heap
|
page read and write
|
||
|
188A0E51000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
B47BF7F000
|
stack
|
page read and write
|
||
|
1BB9A9F0000
|
trusted library allocation
|
page read and write
|
||
|
1D002447000
|
heap
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
6DC81000
|
unkown
|
page execute read
|
||
|
274D8200000
|
trusted library allocation
|
page read and write
|
||
|
188A0F00000
|
heap
|
page read and write
|
||
|
188A0E4D000
|
heap
|
page read and write
|
||
|
274D8320000
|
remote allocation
|
page read and write
|
||
|
530F2FF000
|
stack
|
page read and write
|
||
|
1FD76100000
|
heap
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
274D2D02000
|
heap
|
page read and write
|
||
|
1BB99DA9000
|
heap
|
page read and write
|
||
|
274D843C000
|
heap
|
page read and write
|
||
|
1FD63750000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
274D2C29000
|
heap
|
page read and write
|
||
|
18ADE667000
|
heap
|
page read and write
|
||
|
1BB9AC40000
|
heap
|
page readonly
|
||
|
274D3518000
|
heap
|
page read and write
|
||
|
155D8DAE000
|
heap
|
page read and write
|
||
|
274D8020000
|
trusted library allocation
|
page read and write
|
||
|
20C66652000
|
heap
|
page read and write
|
||
|
2288A839000
|
heap
|
page read and write
|
||
|
274D3BE0000
|
trusted library allocation
|
page read and write
|
||
|
166E9C57000
|
heap
|
page read and write
|
||
|
D3E3DFC000
|
stack
|
page read and write
|
||
|
155D8DAE000
|
heap
|
page read and write
|
||
|
2288A82E000
|
heap
|
page read and write
|
||
|
29F94000000
|
heap
|
page read and write
|
||
|
274D8502000
|
heap
|
page read and write
|
||
|
29F94100000
|
heap
|
page read and write
|
||
|
1BB99FC0000
|
trusted library allocation
|
page read and write
|
||
|
1FD63800000
|
heap
|
page read and write
|
||
|
2288A862000
|
heap
|
page read and write
|
||
|
2288A829000
|
heap
|
page read and write
|
||
|
29AFE8B000
|
stack
|
page read and write
|
||
|
20C66649000
|
heap
|
page read and write
|
||
|
2288A863000
|
heap
|
page read and write
|
||
|
166E99A0000
|
heap
|
page read and write
|
||
|
29AFF0F000
|
stack
|
page read and write
|
||
|
274D81C0000
|
trusted library allocation
|
page read and write
|
||
|
73B000
|
heap
|
page read and write
|
||
|
155D8502000
|
heap
|
page read and write
|
||
|
274D2B60000
|
heap
|
page read and write
|
||
|
155D8D53000
|
heap
|
page read and write
|
||
|
1FD76042000
|
heap
|
page read and write
|
||
|
6461EBC000
|
stack
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
1FD63780000
|
trusted library allocation
|
page read and write
|
||
|
155D8400000
|
heap
|
page read and write
|
||
|
29B08FE000
|
unkown
|
page read and write
|
||
|
18ADEF00000
|
heap
|
page read and write
|
||
|
2713B060000
|
heap
|
page read and write
|
||
|
1D00247E000
|
heap
|
page read and write
|
||
|
228C000
|
stack
|
page read and write
|
||
|
1BB99DB1000
|
heap
|
page read and write
|
||
|
274D82A0000
|
trusted library allocation
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
155D84F1000
|
heap
|
page read and write
|
||
|
155D8D83000
|
heap
|
page read and write
|
||
|
1FD7602E000
|
heap
|
page read and write
|
||
|
188A0E3C000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
274D4020000
|
trusted library allocation
|
page read and write
|
||
|
2288A876000
|
heap
|
page read and write
|
||
|
2288A849000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
274D3504000
|
heap
|
page read and write
|
||
|
E07DFD000
|
stack
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
155D8DA2000
|
heap
|
page read and write
|
||
|
18ADE5D0000
|
trusted library allocation
|
page read and write
|
||
|
4E6E000
|
trusted library allocation
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
1BB9AC30000
|
trusted library allocation
|
page read and write
|
||
|
D3E36FA000
|
stack
|
page read and write
|
||
|
2713BA02000
|
trusted library allocation
|
page read and write
|
||
|
1D002451000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
4C09CFE000
|
stack
|
page read and write
|
||
|
46EC17F000
|
stack
|
page read and write
|
||
|
274D80A0000
|
trusted library allocation
|
page read and write
|
||
|
155D8D72000
|
heap
|
page read and write
|
||
|
BF8D07E000
|
stack
|
page read and write
|
||
|
E07CFE000
|
stack
|
page read and write
|
||
|
155D83D0000
|
trusted library allocation
|
page read and write
|
||
|
155D8DA0000
|
heap
|
page read and write
|
||
|
452000
|
unkown
|
page readonly
|
||
|
D0D78FF000
|
stack
|
page read and write
|
||
|
74D000
|
heap
|
page read and write
|
||
|
166E9D02000
|
heap
|
page read and write
|
||
|
1BB9AC50000
|
trusted library allocation
|
page read and write
|
||
|
1D002450000
|
heap
|
page read and write
|
||
|
18ADE530000
|
heap
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
274D2C58000
|
heap
|
page read and write
|
||
|
4C09AFB000
|
stack
|
page read and write
|
||
|
274D80B0000
|
trusted library allocation
|
page read and write
|
||
|
1FD7602E000
|
heap
|
page read and write
|
||
|
274D33F3000
|
trusted library allocation
|
page read and write
|
||
|
166EA202000
|
trusted library allocation
|
page read and write
|
||
|
1D002448000
|
heap
|
page read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
274D2C3E000
|
heap
|
page read and write
|
||
|
4E61000
|
trusted library allocation
|
page read and write
|
||
|
BF8D17D000
|
stack
|
page read and write
|
||
|
6C1000
|
heap
|
page read and write
|
||
|
DE69C7F000
|
stack
|
page read and write
|
||
|
18ADE6C3000
|
heap
|
page read and write
|
||
|
155D84DE000
|
heap
|
page read and write
|
||
|
274D2C74000
|
heap
|
page read and write
|
||
|
155D8D83000
|
heap
|
page read and write
|
||
|
155D8D8D000
|
heap
|
page read and write
|
||
|
274D2C78000
|
heap
|
page read and write
|
||
|
1BB9A030000
|
heap
|
page read and write
|
||
|
BF8CA7B000
|
stack
|
page read and write
|
||
|
155D8471000
|
heap
|
page read and write
|
||
|
274D2AF0000
|
heap
|
page read and write
|
||
|
20C6664C000
|
heap
|
page read and write
|
||
|
20C66708000
|
heap
|
page read and write
|
||
|
155D843C000
|
heap
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
20C6663C000
|
heap
|
page read and write
|
||
|
29F94029000
|
heap
|
page read and write
|
||
|
D0D79FF000
|
stack
|
page read and write
|
||
|
DE69D7F000
|
stack
|
page read and write
|
||
|
274D8310000
|
trusted library allocation
|
page read and write
|
||
|
155D8BC0000
|
remote allocation
|
page read and write
|
||
|
D3E39FB000
|
stack
|
page read and write
|
||
|
155D8429000
|
heap
|
page read and write
|
||
|
1FD76016000
|
heap
|
page read and write
|
||
|
274D8290000
|
trusted library allocation
|
page read and write
|
||
|
155D8330000
|
heap
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
274D2CBB000
|
heap
|
page read and write
|
||
|
2EB2C7E000
|
stack
|
page read and write
|
||
|
274D8300000
|
trusted library allocation
|
page read and write
|
||
|
D0D757E000
|
stack
|
page read and write
|
||
|
155D8D7F000
|
heap
|
page read and write
|
||
|
64622F9000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
155D8451000
|
heap
|
page read and write
|
||
|
274D8320000
|
remote allocation
|
page read and write
|
||
|
1FD636E0000
|
heap
|
page read and write
|
||
|
29AFF8E000
|
stack
|
page read and write
|
||
|
2288A848000
|
heap
|
page read and write
|
||
|
274D84FC000
|
heap
|
page read and write
|
||
|
155D8D64000
|
heap
|
page read and write
|
||
|
1D002380000
|
heap
|
page read and write
|
||
|
4C0997B000
|
stack
|
page read and write
|
||
|
155D8450000
|
heap
|
page read and write
|
||
|
2713B200000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
278D000
|
stack
|
page read and write
|
||
|
1FD76270000
|
heap
|
page read and write
|
||
|
D3E314F000
|
stack
|
page read and write
|
||
|
166E9C3D000
|
heap
|
page read and write
|
||
|
274D82E0000
|
trusted library allocation
|
page read and write
|
||
|
20C66713000
|
heap
|
page read and write
|
||
|
4C09DFD000
|
stack
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
D3E38FD000
|
stack
|
page read and write
|
||
|
274D3415000
|
heap
|
page read and write
|
||
|
188A0E02000
|
heap
|
page read and write
|
||
|
2288A780000
|
heap
|
page read and write
|
||
|
2288A831000
|
heap
|
page read and write
|
||
|
274D3402000
|
heap
|
page read and write
|
||
|
A84957F000
|
stack
|
page read and write
|
||
|
274D84F0000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
274D81C8000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
166E9C29000
|
heap
|
page read and write
|
||
|
BF8CE7C000
|
stack
|
page read and write
|
||
|
2713B070000
|
heap
|
page read and write
|
||
|
155D84F9000
|
heap
|
page read and write
|
||
|
2713B313000
|
heap
|
page read and write
|
||
|
2713B202000
|
heap
|
page read and write
|
||
|
4C09A7C000
|
stack
|
page read and write
|
||
|
1FD63864000
|
heap
|
page read and write
|
||
|
155D8DB4000
|
heap
|
page read and write
|
||
|
2288A861000
|
heap
|
page read and write
|
||
|
274D82D0000
|
trusted library allocation
|
page read and write
|
||
|
2EB287E000
|
stack
|
page read and write
|
||
|
741000
|
heap
|
page read and write
|
||
|
18ADE5A0000
|
heap
|
page read and write
|
||
|
1FD76000000
|
heap
|
page read and write
|
||
|
46EC57E000
|
stack
|
page read and write
|
||
|
20C66490000
|
heap
|
page read and write
|
||
|
4C097FE000
|
stack
|
page read and write
|
||
|
1BB99D68000
|
heap
|
page read and write
|
||
|
1D002400000
|
heap
|
page read and write
|
||
|
1FD63856000
|
heap
|
page read and write
|
||
|
155D8455000
|
heap
|
page read and write
|
||
|
530F17E000
|
stack
|
page read and write
|
||
|
274D2C9C000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
1FD7602E000
|
heap
|
page read and write
|
||
|
274D8420000
|
heap
|
page read and write
|
||
|
274D8506000
|
heap
|
page read and write
|
||
|
274D81F0000
|
trusted library allocation
|
page read and write
|
||
|
155D8D94000
|
heap
|
page read and write
|
||
|
155D8D78000
|
heap
|
page read and write
|
||
|
18ADE629000
|
heap
|
page read and write
|
||
|
D0D77FE000
|
stack
|
page read and write
|
||
|
C3B000
|
heap
|
page read and write
|
||
|
1BB99DB1000
|
heap
|
page read and write
|
||
|
166E99B0000
|
heap
|
page read and write
|
||
|
155D8D00000
|
heap
|
page read and write
|
||
|
1D002310000
|
heap
|
page read and write
|
||
|
274D3518000
|
heap
|
page read and write
|
||
|
155D8D7F000
|
heap
|
page read and write
|
||
|
188A1602000
|
trusted library allocation
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
29B087A000
|
stack
|
page read and write
|
||
|
1FD76021000
|
heap
|
page read and write
|
||
|
2288A710000
|
heap
|
page read and write
|
||
|
2288A800000
|
heap
|
page read and write
|
||
|
D3E40FE000
|
stack
|
page read and write
|
||
|
1D002502000
|
heap
|
page read and write
|
||
|
188A0F13000
|
heap
|
page read and write
|
||
|
155D8DB6000
|
heap
|
page read and write
|
||
|
1BB9A040000
|
trusted library allocation
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
2288A867000
|
heap
|
page read and write
|
||
|
A849877000
|
stack
|
page read and write
|
||
|
BF8D47F000
|
stack
|
page read and write
|
||
|
29F94013000
|
heap
|
page read and write
|
||
|
155D8D9F000
|
heap
|
page read and write
|
||
|
1BB99F30000
|
heap
|
page read and write
|
||
|
155D8DB1000
|
heap
|
page read and write
|
||
|
274D81CE000
|
trusted library allocation
|
page read and write
|
||
|
29F9403C000
|
heap
|
page read and write
|
||
|
2EB2E7F000
|
stack
|
page read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
29B037F000
|
stack
|
page read and write
|
||
|
A84947B000
|
stack
|
page read and write
|
||
|
155D9203000
|
heap
|
page read and write
|
||
|
166EA1A0000
|
remote allocation
|
page read and write
|
||
|
1FD63802000
|
heap
|
page read and write
|
||
|
4C0947B000
|
stack
|
page read and write
|
||
|
DE6997E000
|
stack
|
page read and write
|
||
|
188A0CE0000
|
heap
|
page read and write
|
||
|
20C66702000
|
heap
|
page read and write
|
||
|
1D002471000
|
heap
|
page read and write
|
||
|
188A0F02000
|
heap
|
page read and write
|
||
|
1BB99D60000
|
heap
|
page read and write
|
||
|
274D3502000
|
heap
|
page read and write
|
||
|
274D3400000
|
heap
|
page read and write
|
||
|
2713B0D0000
|
heap
|
page read and write
|
||
|
395B000
|
stack
|
page read and write
|
||
|
155D8485000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
BF8D67F000
|
stack
|
page read and write
|
||
|
274D2CFD000
|
heap
|
page read and write
|
||
|
155D84E6000
|
heap
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
2288A87E000
|
heap
|
page read and write
|
||
|
E07C7E000
|
stack
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
2288A902000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
155D8D9E000
|
heap
|
page read and write
|
||
|
1D00244D000
|
heap
|
page read and write
|
||
|
29F94089000
|
heap
|
page read and write
|
||
|
2288A875000
|
heap
|
page read and write
|
||
|
2288A831000
|
heap
|
page read and write
|
||
|
155D8D8B000
|
heap
|
page read and write
|
||
|
155D84AC000
|
heap
|
page read and write
|
||
|
2288A87B000
|
heap
|
page read and write
|
||
|
166E9C23000
|
heap
|
page read and write
|
||
|
155D8D8A000
|
heap
|
page read and write
|
||
|
155D9202000
|
heap
|
page read and write
|
||
|
2713B1D0000
|
trusted library allocation
|
page read and write
|
||
|
BF8CD7F000
|
stack
|
page read and write
|
||
|
1D002513000
|
heap
|
page read and write
|
||
|
2713B25B000
|
heap
|
page read and write
|
||
|
530F1F9000
|
stack
|
page read and write
|
||
|
762000
|
heap
|
page read and write
|
||
|
188A0E7F000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
D3E35FC000
|
stack
|
page read and write
|
||
|
155D8D11000
|
heap
|
page read and write
|
||
|
274D8503000
|
heap
|
page read and write
|
||
|
20C66420000
|
heap
|
page read and write
|
||
|
155D8DC6000
|
heap
|
page read and write
|
||
|
20C66676000
|
heap
|
page read and write
|
||
|
274D8410000
|
heap
|
page read and write
|
||
|
1FD64002000
|
trusted library allocation
|
page read and write
|
||
|
155D8D78000
|
heap
|
page read and write
|
||
|
46EC67F000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
155D84F1000
|
heap
|
page read and write
|
||
|
4C0967C000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
166EA1A0000
|
remote allocation
|
page read and write
|
||
|
1BB99CF0000
|
trusted library allocation
|
page read and write
|
||
|
20C66648000
|
heap
|
page read and write
|
||
|
A849A7F000
|
stack
|
page read and write
|
There are 660 hidden memdumps, click here to show them.