Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
triage_dropped_file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\qcoewlbpwb.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0vyupr8u8lte8hs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nspFB82.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tznfsiydnl
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\triage_dropped_file.exe
|
"C:\Users\user\Desktop\triage_dropped_file.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\qcoewlbpwb.exe
|
C:\Users\user\AppData\Local\Temp\qcoewlbpwb.exe C:\Users\user\AppData\Local\Temp\tznfsiydnl
|
|
|
|
C:\Users\user\AppData\Local\Temp\qcoewlbpwb.exe
|
C:\Users\user\AppData\Local\Temp\qcoewlbpwb.exe C:\Users\user\AppData\Local\Temp\tznfsiydnl
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.cortesdisenosroutercnc.com/itq4/
|
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1410000
|
direct allocation
|
page read and write
|
|
|
|
29EB7626000
|
heap
|
page read and write
|
||
|
21212F80000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
29EB7659000
|
heap
|
page read and write
|
||
|
1D8D969C000
|
heap
|
page read and write
|
||
|
22B0C5C0000
|
heap
|
page read and write
|
||
|
1D8D96AE000
|
heap
|
page read and write
|
||
|
1D8D3E8A000
|
heap
|
page read and write
|
||
|
29EB7700000
|
heap
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
22B0C5FE000
|
heap
|
page read and write
|
||
|
3E4AC7F000
|
stack
|
page read and write
|
||
|
21213B93000
|
heap
|
page read and write
|
||
|
21213BCF000
|
heap
|
page read and write
|
||
|
1D8D9540000
|
trusted library allocation
|
page read and write
|
||
|
202E5302000
|
heap
|
page read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
1D8D3C40000
|
heap
|
page read and write
|
||
|
28DC89E0000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
16D8D640000
|
heap
|
page read and write
|
||
|
212130ED000
|
heap
|
page read and write
|
||
|
21213B9B000
|
heap
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
202E5229000
|
heap
|
page read and write
|
||
|
1D8D96EC000
|
heap
|
page read and write
|
||
|
22B0C62E000
|
heap
|
page read and write
|
||
|
202E5170000
|
heap
|
page read and write
|
||
|
2121303C000
|
heap
|
page read and write
|
||
|
755C8FF000
|
stack
|
page read and write
|
||
|
212130B4000
|
heap
|
page read and write
|
||
|
177B7D70000
|
remote allocation
|
page read and write
|
||
|
21213B92000
|
heap
|
page read and write
|
||
|
5C2BEFE000
|
stack
|
page read and write
|
||
|
202E5C02000
|
heap
|
page read and write
|
||
|
1D8D9400000
|
trusted library allocation
|
page read and write
|
||
|
1D8D96F4000
|
heap
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
28DC8C85000
|
heap
|
page read and write
|
||
|
14FA000
|
heap
|
page read and write
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
2026E856000
|
heap
|
page read and write
|
||
|
21213116000
|
heap
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
1E0CFA02000
|
trusted library allocation
|
page read and write
|
||
|
2026E886000
|
heap
|
page read and write
|
||
|
21213000000
|
heap
|
page read and write
|
||
|
1D8D45D0000
|
trusted library allocation
|
page read and write
|
||
|
7B9000
|
unkown
|
page readonly
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
755CB7F000
|
stack
|
page read and write
|
||
|
9B7BFFB000
|
stack
|
page read and write
|
||
|
1D8D93EE000
|
trusted library allocation
|
page read and write
|
||
|
21213B7A000
|
heap
|
page read and write
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
5C40FFE000
|
stack
|
page read and write
|
||
|
431B3F8000
|
stack
|
page read and write
|
||
|
21213B80000
|
heap
|
page read and write
|
||
|
177B7E58000
|
heap
|
page read and write
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
16D8D902000
|
heap
|
page read and write
|
||
|
F44AEFC000
|
stack
|
page read and write
|
||
|
1D8D4718000
|
heap
|
page read and write
|
||
|
ACEFFFF000
|
stack
|
page read and write
|
||
|
21213B85000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
16D8D832000
|
heap
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
2026E902000
|
heap
|
page read and write
|
||
|
755CC7C000
|
stack
|
page read and write
|
||
|
29EB7648000
|
heap
|
page read and write
|
||
|
29EB7676000
|
heap
|
page read and write
|
||
|
202A3908000
|
heap
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
22B0C612000
|
heap
|
page read and write
|
||
|
22261850000
|
heap
|
page read and write
|
||
|
21213113000
|
heap
|
page read and write
|
||
|
1D8D45E0000
|
trusted library allocation
|
page read and write
|
||
|
21213B80000
|
heap
|
page read and write
|
||
|
16D8D840000
|
heap
|
page read and write
|
||
|
21213088000
|
heap
|
page read and write
|
||
|
29EB9070000
|
trusted library allocation
|
page read and write
|
||
|
21213B99000
|
heap
|
page read and write
|
||
|
22B0C5A0000
|
heap
|
page read and write
|
||
|
1D8D96F6000
|
heap
|
page read and write
|
||
|
29EB763D000
|
heap
|
page read and write
|
||
|
1D8D3D40000
|
trusted library allocation
|
page read and write
|
||
|
16D8D864000
|
heap
|
page read and write
|
||
|
1D8D3D50000
|
trusted library section
|
page read and write
|
||
|
1D8D3E88000
|
heap
|
page read and write
|
||
|
3E4A57B000
|
stack
|
page read and write
|
||
|
1D8D9660000
|
heap
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
1D8D3BE0000
|
heap
|
page read and write
|
||
|
177B7E25000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
16D8D865000
|
heap
|
page read and write
|
||
|
F44AFFE000
|
stack
|
page read and write
|
||
|
22B0C601000
|
heap
|
page read and write
|
||
|
1D8D3F13000
|
heap
|
page read and write
|
||
|
755C57A000
|
stack
|
page read and write
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
A7CB19A000
|
stack
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
432767E000
|
stack
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
21213B8E000
|
heap
|
page read and write
|
||
|
1D8D9540000
|
remote allocation
|
page read and write
|
||
|
1D8D3E9C000
|
heap
|
page read and write
|
||
|
E8ECA9B000
|
stack
|
page read and write
|
||
|
1E0CF279000
|
heap
|
page read and write
|
||
|
2026E802000
|
heap
|
page read and write
|
||
|
1D8D9410000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
ACF00FD000
|
stack
|
page read and write
|
||
|
202E5285000
|
heap
|
page read and write
|
||
|
16D8D86C000
|
heap
|
page read and write
|
||
|
22B0C629000
|
heap
|
page read and write
|
||
|
22262202000
|
trusted library allocation
|
page read and write
|
||
|
ACEFA7B000
|
stack
|
page read and write
|
||
|
22B0C540000
|
heap
|
page read and write
|
||
|
2026E829000
|
heap
|
page read and write
|
||
|
2026E7C0000
|
trusted library allocation
|
page read and write
|
||
|
22B0C845000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
1D8D963E000
|
heap
|
page read and write
|
||
|
755BF2B000
|
stack
|
page read and write
|
||
|
22261A00000
|
heap
|
page read and write
|
||
|
202A3827000
|
heap
|
page read and write
|
||
|
1D8D4602000
|
heap
|
page read and write
|
||
|
16D8D85A000
|
heap
|
page read and write
|
||
|
1D8D3E3F000
|
heap
|
page read and write
|
||
|
202E5100000
|
heap
|
page read and write
|
||
|
1D8D4700000
|
heap
|
page read and write
|
||
|
16D8D842000
|
heap
|
page read and write
|
||
|
2026E86F000
|
heap
|
page read and write
|
||
|
1D8D45B1000
|
trusted library allocation
|
page read and write
|
||
|
1D8D9520000
|
trusted library allocation
|
page read and write
|
||
|
22B0C616000
|
heap
|
page read and write
|
||
|
1D8D4ED0000
|
trusted library section
|
page readonly
|
||
|
AFA000
|
heap
|
page read and write
|
||
|
E8ED37E000
|
stack
|
page read and write
|
||
|
16D8D833000
|
heap
|
page read and write
|
||
|
29EB7613000
|
heap
|
page read and write
|
||
|
21213062000
|
heap
|
page read and write
|
||
|
21213B8F000
|
heap
|
page read and write
|
||
|
28DC8D02000
|
heap
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
4FD9FFD000
|
stack
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
22B0C62F000
|
heap
|
page read and write
|
||
|
21213B91000
|
heap
|
page read and write
|
||
|
21213BC3000
|
heap
|
page read and write
|
||
|
21213067000
|
heap
|
page read and write
|
||
|
5C2B73B000
|
stack
|
page read and write
|
||
|
202A3861000
|
heap
|
page read and write
|
||
|
29EB7520000
|
heap
|
page read and write
|
||
|
21213052000
|
heap
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
755C77A000
|
stack
|
page read and write
|
||
|
1D8D3E91000
|
heap
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
202A3800000
|
heap
|
page read and write
|
||
|
16D8D7A0000
|
trusted library allocation
|
page read and write
|
||
|
E8ECB9E000
|
stack
|
page read and write
|
||
|
1E0CF268000
|
heap
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
21213B60000
|
heap
|
page read and write
|
||
|
212130A3000
|
heap
|
page read and write
|
||
|
1D8D9410000
|
trusted library allocation
|
page read and write
|
||
|
22261A83000
|
heap
|
page read and write
|
||
|
E8ED07E000
|
stack
|
page read and write
|
||
|
2121305A000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
22B0C617000
|
heap
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
1D8D9401000
|
trusted library allocation
|
page read and write
|
||
|
1D8D3F02000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
16D8D844000
|
heap
|
page read and write
|
||
|
A7CB47E000
|
stack
|
page read and write
|
||
|
29EB90B0000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
remote allocation
|
page read and write
|
||
|
A7CB5FD000
|
stack
|
page read and write
|
||
|
16D8D87A000
|
heap
|
page read and write
|
||
|
21213065000
|
heap
|
page read and write
|
||
|
4326FFC000
|
stack
|
page read and write
|
||
|
16D8D885000
|
heap
|
page read and write
|
||
|
F44B1FC000
|
stack
|
page read and write
|
||
|
16D8D868000
|
heap
|
page read and write
|
||
|
212130EF000
|
heap
|
page read and write
|
||
|
21213BAC000
|
heap
|
page read and write
|
||
|
202E528A000
|
heap
|
page read and write
|
||
|
1E0CF300000
|
heap
|
page read and write
|
||
|
28DC8C00000
|
heap
|
page read and write
|
||
|
4326BBB000
|
stack
|
page read and write
|
||
|
222617F0000
|
heap
|
page read and write
|
||
|
202A3853000
|
heap
|
page read and write
|
||
|
1E0CF020000
|
heap
|
page read and write
|
||
|
E8ECFFB000
|
stack
|
page read and write
|
||
|
29EB9130000
|
remote allocation
|
page read and write
|
||
|
1D8D9510000
|
trusted library allocation
|
page read and write
|
||
|
177B8602000
|
trusted library allocation
|
page read and write
|
||
|
16D8D857000
|
heap
|
page read and write
|
||
|
3E4AB7F000
|
stack
|
page read and write
|
||
|
1D8D4759000
|
heap
|
page read and write
|
||
|
16D8D85C000
|
heap
|
page read and write
|
||
|
1E0CF302000
|
heap
|
page read and write
|
||
|
755C47A000
|
stack
|
page read and write
|
||
|
1E0CF030000
|
heap
|
page read and write
|
||
|
1D8D4718000
|
heap
|
page read and write
|
||
|
5C2BA7E000
|
stack
|
page read and write
|
||
|
13F0000
|
unkown
|
page read and write
|
||
|
2121305F000
|
heap
|
page read and write
|
||
|
21213B91000
|
heap
|
page read and write
|
||
|
21213B7F000
|
heap
|
page read and write
|
||
|
202A3864000
|
heap
|
page read and write
|
||
|
1D8D3E13000
|
heap
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
5C40DFE000
|
stack
|
page read and write
|
||
|
16D8D87C000
|
heap
|
page read and write
|
||
|
21213013000
|
heap
|
page read and write
|
||
|
28DC8D13000
|
heap
|
page read and write
|
||
|
21213B19000
|
heap
|
page read and write
|
||
|
22B0C606000
|
heap
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
177B7D70000
|
remote allocation
|
page read and write
|
||
|
177B7C40000
|
heap
|
page read and write
|
||
|
43272FC000
|
stack
|
page read and write
|
||
|
ACEFB7E000
|
stack
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
22B0C614000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
29EB7702000
|
heap
|
page read and write
|
||
|
16D8D846000
|
heap
|
page read and write
|
||
|
1D8D964B000
|
heap
|
page read and write
|
||
|
29EB7580000
|
heap
|
page read and write
|
||
|
29EB7602000
|
heap
|
page read and write
|
||
|
21213BC6000
|
heap
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
1D8D96F0000
|
heap
|
page read and write
|
||
|
21213B60000
|
heap
|
page read and write
|
||
|
177B7BD0000
|
heap
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
16D8D87B000
|
heap
|
page read and write
|
||
|
1E0000
|
remote allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
4FDA27D000
|
stack
|
page read and write
|
||
|
29EB7718000
|
heap
|
page read and write
|
||
|
431AFFE000
|
stack
|
page read and write
|
||
|
29EB9130000
|
remote allocation
|
page read and write
|
||
|
21213B61000
|
heap
|
page read and write
|
||
|
21213064000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
28DC8C4B000
|
heap
|
page read and write
|
||
|
1D8D4F00000
|
trusted library section
|
page readonly
|
||
|
16D8D847000
|
heap
|
page read and write
|
||
|
16D8D829000
|
heap
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
5C40EFB000
|
stack
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
21213880000
|
trusted library allocation
|
page read and write
|
||
|
212130C9000
|
heap
|
page read and write
|
||
|
755C87B000
|
stack
|
page read and write
|
||
|
1D8D9600000
|
heap
|
page read and write
|
||
|
A7CB4FE000
|
stack
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
29EB7659000
|
heap
|
page read and write
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
202A3590000
|
heap
|
page read and write
|
||
|
202E51A0000
|
trusted library allocation
|
page read and write
|
||
|
16D8D87E000
|
heap
|
page read and write
|
||
|
1D8D93E8000
|
trusted library allocation
|
page read and write
|
||
|
21213B91000
|
heap
|
page read and write
|
||
|
21213B68000
|
heap
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
2121305C000
|
heap
|
page read and write
|
||
|
1D8D45F0000
|
trusted library allocation
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
202A3880000
|
heap
|
page read and write
|
||
|
29EB7649000
|
heap
|
page read and write
|
||
|
F44B0FF000
|
stack
|
page read and write
|
||
|
1E0CF213000
|
heap
|
page read and write
|
||
|
1D8D962E000
|
heap
|
page read and write
|
||
|
1D8D3BD0000
|
heap
|
page read and write
|
||
|
21213B9B000
|
heap
|
page read and write
|
||
|
202A3862000
|
heap
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
432747B000
|
stack
|
page read and write
|
||
|
3E4A67E000
|
stack
|
page read and write
|
||
|
431AC7C000
|
stack
|
page read and write
|
||
|
22B0C5FA000
|
heap
|
page read and write
|
||
|
431B0F7000
|
stack
|
page read and write
|
||
|
29EB762A000
|
heap
|
page read and write
|
||
|
1E0CF240000
|
heap
|
page read and write
|
||
|
202E5313000
|
heap
|
page read and write
|
||
|
4FD9DFE000
|
stack
|
page read and write
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
9B7C177000
|
stack
|
page read and write
|
||
|
4FDA07E000
|
stack
|
page read and write
|
||
|
16D8D87F000
|
heap
|
page read and write
|
||
|
755CAFF000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
4FD9EFF000
|
stack
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
3E4A15C000
|
stack
|
page read and write
|
||
|
9B7BBDE000
|
stack
|
page read and write
|
||
|
5C4077C000
|
stack
|
page read and write
|
||
|
29EB7600000
|
heap
|
page read and write
|
||
|
28DC8C79000
|
heap
|
page read and write
|
||
|
21213B85000
|
heap
|
page read and write
|
||
|
1D8D4EF0000
|
trusted library section
|
page readonly
|
||
|
9B7BB5E000
|
stack
|
page read and write
|
||
|
21213B8D000
|
heap
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
21213940000
|
remote allocation
|
page read and write
|
||
|
432757C000
|
stack
|
page read and write
|
||
|
1D8D4EC0000
|
trusted library section
|
page readonly
|
||
|
28DC8B40000
|
trusted library allocation
|
page read and write
|
||
|
2026E840000
|
heap
|
page read and write
|
||
|
16D8D6A0000
|
heap
|
page read and write
|
||
|
21213B72000
|
heap
|
page read and write
|
||
|
28DC8C8B000
|
heap
|
page read and write
|
||
|
28DC8C53000
|
heap
|
page read and write
|
||
|
E8ED177000
|
stack
|
page read and write
|
||
|
202A3829000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
22B0C5F0000
|
heap
|
page read and write
|
||
|
21213BB8000
|
heap
|
page read and write
|
||
|
3E4AD7F000
|
stack
|
page read and write
|
||
|
16D8D863000
|
heap
|
page read and write
|
||
|
9B7C07E000
|
stack
|
page read and write
|
||
|
3E4AA7F000
|
stack
|
page read and write
|
||
|
22261B00000
|
heap
|
page read and write
|
||
|
22261A13000
|
heap
|
page read and write
|
||
|
28DC8D00000
|
heap
|
page read and write
|
||
|
4FDA17D000
|
stack
|
page read and write
|
||
|
202A3913000
|
heap
|
page read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
177B7D40000
|
trusted library allocation
|
page read and write
|
||
|
28DC9402000
|
trusted library allocation
|
page read and write
|
||
|
1E0CF25A000
|
heap
|
page read and write
|
||
|
29EB768A000
|
heap
|
page read and write
|
||
|
1D8D92C0000
|
trusted library allocation
|
page read and write
|
||
|
22B0C629000
|
heap
|
page read and write
|
||
|
A7CB6FC000
|
stack
|
page read and write
|
||
|
21213B91000
|
heap
|
page read and write
|
||
|
8D0000
|
trusted library allocation
|
page read and write
|
||
|
202E5200000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2026E813000
|
heap
|
page read and write
|
||
|
1D8D969E000
|
heap
|
page read and write
|
||
|
5C40CFB000
|
stack
|
page read and write
|
||
|
ACEFAFF000
|
stack
|
page read and write
|
||
|
9B7C27E000
|
stack
|
page read and write
|
||
|
212130FD000
|
heap
|
page read and write
|
||
|
ACEFDFE000
|
stack
|
page read and write
|
||
|
5C2BCFE000
|
stack
|
page read and write
|
||
|
21213BB8000
|
heap
|
page read and write
|
||
|
21213B23000
|
heap
|
page read and write
|
||
|
2026E790000
|
heap
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
28DC89D0000
|
heap
|
page read and write
|
||
|
202A3700000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D8D3EFA000
|
heap
|
page read and write
|
||
|
29EB75B0000
|
trusted library allocation
|
page read and write
|
||
|
16D8D800000
|
heap
|
page read and write
|
||
|
1D8D9500000
|
trusted library allocation
|
page read and write
|
||
|
212130E4000
|
heap
|
page read and write
|
||
|
212130B1000
|
heap
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
21214003000
|
heap
|
page read and write
|
||
|
F44ACFE000
|
stack
|
page read and write
|
||
|
13D1000
|
unkown
|
page execute read
|
||
|
21213B9B000
|
heap
|
page read and write
|
||
|
1D8D9613000
|
heap
|
page read and write
|
||
|
22B0C629000
|
heap
|
page read and write
|
||
|
22261B08000
|
heap
|
page read and write
|
||
|
16D8D86A000
|
heap
|
page read and write
|
||
|
21212F70000
|
heap
|
page read and write
|
||
|
16D8D84E000
|
heap
|
page read and write
|
||
|
21213B9E000
|
heap
|
page read and write
|
||
|
1D8D92D0000
|
trusted library allocation
|
page read and write
|
||
|
21213A02000
|
heap
|
page read and write
|
||
|
3E4A77C000
|
stack
|
page read and write
|
||
|
202E52E2000
|
heap
|
page read and write
|
||
|
202E52C5000
|
heap
|
page read and write
|
||
|
2121305D000
|
heap
|
page read and write
|
||
|
755CE7F000
|
stack
|
page read and write
|
||
|
22261A3C000
|
heap
|
page read and write
|
||
|
1D8D9530000
|
trusted library allocation
|
page read and write
|
||
|
202A388B000
|
heap
|
page read and write
|
||
|
5C2B7BE000
|
stack
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
21213102000
|
heap
|
page read and write
|
||
|
1D8D4F10000
|
trusted library section
|
page readonly
|
||
|
28DC8C4E000
|
heap
|
page read and write
|
||
|
1D8D4759000
|
heap
|
page read and write
|
||
|
F44ADFF000
|
stack
|
page read and write
|
||
|
212130EA000
|
heap
|
page read and write
|
||
|
202A385F000
|
heap
|
page read and write
|
||
|
21213B9A000
|
heap
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
29EB7713000
|
heap
|
page read and write
|
||
|
21213B71000
|
heap
|
page read and write
|
||
|
4FD98BC000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
177B7E29000
|
heap
|
page read and write
|
||
|
28DC8C8E000
|
heap
|
page read and write
|
||
|
202A385D000
|
heap
|
page read and write
|
||
|
202E52BD000
|
heap
|
page read and write
|
||
|
222617E0000
|
heap
|
page read and write
|
||
|
1E0CF324000
|
heap
|
page read and write
|
||
|
16D8D876000
|
heap
|
page read and write
|
||
|
3E4AE7E000
|
stack
|
page read and write
|
||
|
5C2BDFE000
|
stack
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
4FD9C7E000
|
stack
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
28DC8C29000
|
heap
|
page read and write
|
||
|
755C377000
|
stack
|
page read and write
|
||
|
29EB7665000
|
heap
|
page read and write
|
||
|
1E0CF200000
|
heap
|
page read and write
|
||
|
177B7E13000
|
heap
|
page read and write
|
||
|
16D8D83D000
|
heap
|
page read and write
|
||
|
1D8D9404000
|
trusted library allocation
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
431AF77000
|
stack
|
page read and write
|
||
|
9B7C37F000
|
stack
|
page read and write
|
||
|
16D8D630000
|
heap
|
page read and write
|
||
|
F44A87B000
|
stack
|
page read and write
|
||
|
1D8D94F0000
|
trusted library allocation
|
page read and write
|
||
|
22B0C613000
|
heap
|
page read and write
|
||
|
22261A4E000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
FBB000
|
stack
|
page read and write
|
||
|
431B47F000
|
unkown
|
page read and write
|
||
|
1D8D96F9000
|
heap
|
page read and write
|
||
|
16D8D85F000
|
heap
|
page read and write
|
||
|
22B0C606000
|
heap
|
page read and write
|
||
|
1400000
|
direct allocation
|
page execute and read and write
|
||
|
202E523E000
|
heap
|
page read and write
|
||
|
16D8D86E000
|
heap
|
page read and write
|
||
|
28DC8C13000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
22261A78000
|
heap
|
page read and write
|
||
|
21213B00000
|
heap
|
page read and write
|
||
|
202A35A0000
|
heap
|
page read and write
|
||
|
202E52CE000
|
heap
|
page read and write
|
||
|
16D8D861000
|
heap
|
page read and write
|
||
|
202A3802000
|
heap
|
page read and write
|
||
|
A7CB578000
|
stack
|
page read and write
|
||
|
16D8D859000
|
heap
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
29EB75D0000
|
trusted library allocation
|
page read and write
|
||
|
22B0C612000
|
heap
|
page read and write
|
||
|
755C9FE000
|
stack
|
page read and write
|
||
|
16D8D875000
|
heap
|
page read and write
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
1D8D9700000
|
heap
|
page read and write
|
||
|
22B0C840000
|
heap
|
page read and write
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
432727E000
|
stack
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
29EB7649000
|
heap
|
page read and write
|
||
|
E8ECB1E000
|
stack
|
page read and write
|
||
|
177B7D70000
|
remote allocation
|
page read and write
|
||
|
202A3600000
|
heap
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
7B9000
|
unkown
|
page readonly
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
13F0000
|
unkown
|
page write copy
|
||
|
43273FC000
|
stack
|
page read and write
|
||
|
1D8D9621000
|
heap
|
page read and write
|
||
|
21213B81000
|
heap
|
page read and write
|
||
|
28DC8C3C000
|
heap
|
page read and write
|
||
|
202A3902000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
21213029000
|
heap
|
page read and write
|
||
|
3E4A87F000
|
stack
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
F44AA7D000
|
stack
|
page read and write
|
||
|
22261A6A000
|
heap
|
page read and write
|
||
|
21213B53000
|
heap
|
page read and write
|
||
|
432787F000
|
stack
|
page read and write
|
||
|
16D8D825000
|
heap
|
page read and write
|
||
|
28DC8D08000
|
heap
|
page read and write
|
||
|
1D8D4EE0000
|
trusted library section
|
page readonly
|
||
|
22B0C611000
|
heap
|
page read and write
|
||
|
21213B5F000
|
heap
|
page read and write
|
||
|
177B7E02000
|
heap
|
page read and write
|
||
|
28DC8C71000
|
heap
|
page read and write
|
||
|
1D8D4713000
|
heap
|
page read and write
|
||
|
212130C2000
|
heap
|
page read and write
|
||
|
22261B02000
|
heap
|
page read and write
|
||
|
21214000000
|
heap
|
page read and write
|
||
|
ACEFEF7000
|
stack
|
page read and write
|
||
|
3E4A97D000
|
stack
|
page read and write
|
||
|
16D8D813000
|
heap
|
page read and write
|
||
|
21213940000
|
remote allocation
|
page read and write
|
||
|
13D0000
|
unkown
|
page readonly
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
29EB7510000
|
heap
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
29EB7658000
|
heap
|
page read and write
|
||
|
4FD9D7E000
|
stack
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
1D8D5260000
|
trusted library allocation
|
page read and write
|
||
|
431B1F9000
|
stack
|
page read and write
|
||
|
29EB9202000
|
trusted library allocation
|
page read and write
|
||
|
F44ABFE000
|
stack
|
page read and write
|
||
|
431ACFE000
|
stack
|
page read and write
|
||
|
16EE000
|
stack
|
page read and write
|
||
|
212130AA000
|
heap
|
page read and write
|
||
|
177B7F02000
|
heap
|
page read and write
|
||
|
16D8D878000
|
heap
|
page read and write
|
||
|
22261A49000
|
heap
|
page read and write
|
||
|
21213BB3000
|
heap
|
page read and write
|
||
|
1E0CF090000
|
heap
|
page read and write
|
||
|
2026E865000
|
heap
|
page read and write
|
||
|
16D8D83B000
|
heap
|
page read and write
|
||
|
2026E85A000
|
heap
|
page read and write
|
||
|
2026E730000
|
heap
|
page read and write
|
||
|
22261A73000
|
heap
|
page read and write
|
||
|
21213B85000
|
heap
|
page read and write
|
||
|
202A385E000
|
heap
|
page read and write
|
||
|
22261A2A000
|
heap
|
page read and write
|
||
|
1D8D3E6E000
|
heap
|
page read and write
|
||
|
1D8D4600000
|
heap
|
page read and write
|
||
|
202E5270000
|
heap
|
page read and write
|
||
|
21213B92000
|
heap
|
page read and write
|
||
|
22261B13000
|
heap
|
page read and write
|
||
|
22261A53000
|
heap
|
page read and write
|
||
|
28DC8C49000
|
heap
|
page read and write
|
||
|
13EA000
|
unkown
|
page readonly
|
||
|
28DC8C47000
|
heap
|
page read and write
|
||
|
1D8D3E74000
|
heap
|
page read and write
|
||
|
1D8D93E0000
|
trusted library allocation
|
page read and write
|
||
|
21212FE0000
|
heap
|
page read and write
|
||
|
4FD9CFE000
|
stack
|
page read and write
|
||
|
202E5D00000
|
heap
|
page read and write
|
||
|
1E0CF190000
|
trusted library allocation
|
page read and write
|
||
|
21213B99000
|
heap
|
page read and write
|
||
|
22261A47000
|
heap
|
page read and write
|
||
|
16D8D860000
|
heap
|
page read and write
|
||
|
177B7E00000
|
heap
|
page read and write
|
||
|
1D8D45D3000
|
trusted library allocation
|
page read and write
|
||
|
1D8D93E0000
|
trusted library allocation
|
page read and write
|
||
|
1D8D4DE0000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
431AD7E000
|
stack
|
page read and write
|
||
|
755C67E000
|
stack
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
21213BA2000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
16D8D845000
|
heap
|
page read and write
|
||
|
13F4000
|
unkown
|
page readonly
|
||
|
21214021000
|
heap
|
page read and write
|
||
|
177B7E3D000
|
heap
|
page read and write
|
||
|
21213B9B000
|
heap
|
page read and write
|
||
|
1D8D9702000
|
heap
|
page read and write
|
||
|
1D8D9424000
|
trusted library allocation
|
page read and write
|
||
|
9B7BADC000
|
stack
|
page read and write
|
||
|
16D8D858000
|
heap
|
page read and write
|
||
|
21213B1B000
|
heap
|
page read and write
|
||
|
16D8D841000
|
heap
|
page read and write
|
||
|
202A3813000
|
heap
|
page read and write
|
||
|
1D8D3EA4000
|
heap
|
page read and write
|
||
|
21213B7D000
|
heap
|
page read and write
|
||
|
E8ED27E000
|
stack
|
page read and write
|
||
|
16D8D867000
|
heap
|
page read and write
|
||
|
21213B7D000
|
heap
|
page read and write
|
||
|
1D8D3E5A000
|
heap
|
page read and write
|
||
|
755C97F000
|
stack
|
page read and write
|
||
|
1E0000
|
remote allocation
|
page read and write
|
||
|
21213B82000
|
heap
|
page read and write
|
||
|
177B7BE0000
|
heap
|
page read and write
|
||
|
21213B7A000
|
heap
|
page read and write
|
||
|
1E0CF228000
|
heap
|
page read and write
|
||
|
1D8D9420000
|
trusted library allocation
|
page read and write
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
202A3900000
|
heap
|
page read and write
|
||
|
21213B7C000
|
heap
|
page read and write
|
||
|
202A383C000
|
heap
|
page read and write
|
||
|
22B0C612000
|
heap
|
page read and write
|
||
|
1D8D965E000
|
heap
|
page read and write
|
||
|
202E5110000
|
heap
|
page read and write
|
||
|
22B0C5F6000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
21213B67000
|
heap
|
page read and write
|
||
|
1D8D94B0000
|
trusted library allocation
|
page read and write
|
||
|
432717E000
|
stack
|
page read and write
|
||
|
28DC8A40000
|
heap
|
page read and write
|
||
|
1D8D3E29000
|
heap
|
page read and write
|
||
|
21213B7D000
|
heap
|
page read and write
|
||
|
2026E800000
|
heap
|
page read and write
|
||
|
1D8D9540000
|
remote allocation
|
page read and write
|
||
|
264F000
|
stack
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
2026E913000
|
heap
|
page read and write
|
||
|
16D8D862000
|
heap
|
page read and write
|
||
|
1D8D3E00000
|
heap
|
page read and write
|
||
|
1E0CF202000
|
heap
|
page read and write
|
||
|
21213B91000
|
heap
|
page read and write
|
||
|
431B2FE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21213940000
|
remote allocation
|
page read and write
|
||
|
21213B90000
|
heap
|
page read and write
|
||
|
755CA7F000
|
stack
|
page read and write
|
||
|
1D8D4615000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21213108000
|
heap
|
page read and write
|
||
|
ACEFD7B000
|
stack
|
page read and write
|
||
|
21213082000
|
heap
|
page read and write
|
||
|
202A4002000
|
trusted library allocation
|
page read and write
|
||
|
16D8E002000
|
trusted library allocation
|
page read and write
|
||
|
1D8D4702000
|
heap
|
page read and write
|
||
|
1D8D9540000
|
remote allocation
|
page read and write
|
||
|
21213B84000
|
heap
|
page read and write
|
||
|
1E0CF263000
|
heap
|
page read and write
|
||
|
21213B9E000
|
heap
|
page read and write
|
||
|
22261A4B000
|
heap
|
page read and write
|
||
|
21213BDC000
|
heap
|
page read and write
|
||
|
1D8D96FC000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
21214002000
|
heap
|
page read and write
|
||
|
22261950000
|
trusted library allocation
|
page read and write
|
||
|
29EB9130000
|
remote allocation
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
1D8D3E78000
|
heap
|
page read and write
|
||
|
432777F000
|
stack
|
page read and write
|
||
|
202E5213000
|
heap
|
page read and write
|
||
|
22261A8F000
|
heap
|
page read and write
|
||
|
5C2BBFE000
|
stack
|
page read and write
|
||
|
21213082000
|
heap
|
page read and write
|
||
|
21213B55000
|
heap
|
page read and write
|
||
|
A7CB67F000
|
stack
|
page read and write
|
||
|
ADD000
|
heap
|
page read and write
|
||
|
ACEFC7B000
|
stack
|
page read and write
|
||
|
2026E720000
|
heap
|
page read and write
|
||
|
2026F202000
|
trusted library allocation
|
page read and write
|
There are 645 hidden memdumps, click here to show them.