Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
2V7zjcga5L.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x15eee0d4, page size 16384, Windows version 10.0
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
SysEx File -
|
dropped
|
||
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\2V7zjcga5L.dll
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\2V7zjcga5L.dll",#1
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\2V7zjcga5L.dll,DllRegisterServer
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\2V7zjcga5L.dll,DllUnregisterServer
|
||
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\TvhlOU\CPyd.dll"
|
||
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\FkTRnOPTdzmty\VedtYV.dll"
|
||
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\2V7zjcga5L.dll"
|
||
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\2V7zjcga5L.dll",#1
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 4 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://23.239.0.12/S9
|
unknown
|
||
https://23.239.0.12/s9
|
unknown
|
||
https://23.239.0.12/
|
23.239.0.12
|
||
https://23.239.0.12/w9
|
unknown
|
||
https://23.239.0.12/q
|
unknown
|
||
https://23.239.0.12/G
|
unknown
|
||
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
https://www.hotspotshield.com/terms/
|
unknown
|
||
https://www.pango.co/privacy
|
unknown
|
||
https://disneyplus.com/legal.
|
unknown
|
||
http://crl.ver)
|
unknown
|
||
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
http://help.disneyplus.com.
|
unknown
|
||
https://support.hotspotshield.com/
|
unknown
|
There are 5 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
23.239.0.12
|
unknown
|
United States
|
||
192.168.2.1
|
unknown
|
unknown
|
||
127.0.0.1
|
unknown
|
unknown
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
F30000
|
direct allocation
|
page execute and read and write
|
||
1050000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
230423C0000
|
direct allocation
|
page execute and read and write
|
||
28DC9D20000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
280A8BD9000
|
heap
|
page read and write
|
||
1A1C4A15000
|
heap
|
page read and write
|
||
196C1629000
|
heap
|
page read and write
|
||
1FF3E3BC000
|
heap
|
page read and write
|
||
ED3000
|
heap
|
page read and write
|
||
F22967E000
|
stack
|
page read and write
|
||
28DC9D10000
|
direct allocation
|
page execute and read and write
|
||
1FF3E390000
|
heap
|
page read and write
|
||
1A1BFB59000
|
heap
|
page read and write
|
||
23042320000
|
heap
|
page read and write
|
||
12FF000
|
stack
|
page read and write
|
||
1A1BF316000
|
heap
|
page read and write
|
||
2982EDB000
|
stack
|
page read and write
|
||
1A1C46B0000
|
trusted library allocation
|
page read and write
|
||
21F49ED5000
|
heap
|
page read and write
|
||
1A5A1E03000
|
heap
|
page read and write
|
||
196C1708000
|
heap
|
page read and write
|
||
21F49C46000
|
heap
|
page read and write
|
||
CB0000
|
remote allocation
|
page read and write
|
||
8C89EFE000
|
stack
|
page read and write
|
||
280A8BAE000
|
heap
|
page read and write
|
||
1020000
|
direct allocation
|
page execute and read and write
|
||
7FFA526B6000
|
unkown
|
page read and write
|
||
280A9019000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
7FFA52660000
|
unkown
|
page readonly
|
||
280A8B78000
|
heap
|
page read and write
|
||
F229D77000
|
stack
|
page read and write
|
||
1A1BF28C000
|
heap
|
page read and write
|
||
FA0000
|
heap
|
page read and write
|
||
2830BC90000
|
trusted library allocation
|
page read and write
|
||
21F49C60000
|
heap
|
page read and write
|
||
2830B513000
|
heap
|
page read and write
|
||
B10177F000
|
stack
|
page read and write
|
||
280A8B83000
|
heap
|
page read and write
|
||
1B6D8C6A000
|
heap
|
page read and write
|
||
280A8B95000
|
heap
|
page read and write
|
||
1A1C0630000
|
trusted library allocation
|
page read and write
|
||
196C13C0000
|
heap
|
page read and write
|
||
768EF77000
|
stack
|
page read and write
|
||
ED3000
|
heap
|
page read and write
|
||
1B6D8C84000
|
heap
|
page read and write
|
||
1B6D8C63000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
7FFA52661000
|
unkown
|
page execute read
|
||
1101000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18A1A708000
|
heap
|
page read and write
|
||
280A8B7B000
|
heap
|
page read and write
|
||
2890000
|
remote allocation
|
page read and write
|
||
1A1C4930000
|
remote allocation
|
page read and write
|
||
21F49B70000
|
heap
|
page read and write
|
||
280A8BAC000
|
heap
|
page read and write
|
||
B101346000
|
stack
|
page read and write
|
||
21F49C56000
|
heap
|
page read and write
|
||
18A1A550000
|
heap
|
page read and write
|
||
280A8B7B000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
280A80AB000
|
heap
|
page read and write
|
||
7FFA52661000
|
unkown
|
page execute read
|
||
1FF3E63B000
|
heap
|
page read and write
|
||
8517CFE000
|
stack
|
page read and write
|
||
1FF3E3C8000
|
heap
|
page read and write
|
||
1A1C48A0000
|
trusted library allocation
|
page read and write
|
||
280A8B78000
|
heap
|
page read and write
|
||
18A1A600000
|
heap
|
page read and write
|
||
2F321FE000
|
stack
|
page read and write
|
||
280A80ED000
|
heap
|
page read and write
|
||
2A90000
|
heap
|
page read and write
|
||
1A1C4630000
|
trusted library allocation
|
page read and write
|
||
8C89C7C000
|
stack
|
page read and write
|
||
21F49C60000
|
heap
|
page read and write
|
||
21F49C6D000
|
heap
|
page read and write
|
||
F229DFE000
|
unkown
|
page read and write
|
||
2202E550000
|
trusted library allocation
|
page read and write
|
||
1A1C4A4D000
|
heap
|
page read and write
|
||
2F32777000
|
stack
|
page read and write
|
||
280A8B72000
|
heap
|
page read and write
|
||
1A1BF2A9000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18A1A64F000
|
heap
|
page read and write
|
||
196C1655000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
28DC8300000
|
heap
|
page read and write
|
||
F2296FD000
|
stack
|
page read and write
|
||
280A88F0000
|
remote allocation
|
page read and write
|
||
1B6D8D13000
|
heap
|
page read and write
|
||
280A80C3000
|
heap
|
page read and write
|
||
1B6D8C00000
|
heap
|
page read and write
|
||
2202D4D0000
|
heap
|
page read and write
|
||
21F49ED0000
|
heap
|
page read and write
|
||
28DC9D60000
|
heap
|
page readonly
|
||
280A8B7A000
|
heap
|
page read and write
|
||
29BC000
|
stack
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
2202D8B0000
|
trusted library allocation
|
page read and write
|
||
E61000
|
heap
|
page read and write
|
||
1B6D9602000
|
trusted library allocation
|
page read and write
|
||
2830B390000
|
heap
|
page read and write
|
||
280A8B83000
|
heap
|
page read and write
|
||
23042455000
|
heap
|
page read and write
|
||
1040000
|
heap
|
page read and write
|
||
230420E0000
|
heap
|
page read and write
|
||
F229C7E000
|
stack
|
page read and write
|
||
28DC8350000
|
heap
|
page read and write
|
||
23042150000
|
heap
|
page read and write
|
||
F80000
|
trusted library allocation
|
page read and write
|
||
1A1C4640000
|
trusted library allocation
|
page read and write
|
||
293F000
|
stack
|
page read and write
|
||
280A8B72000
|
heap
|
page read and write
|
||
280A8B72000
|
heap
|
page read and write
|
||
7FFA52660000
|
unkown
|
page readonly
|
||
18A1A650000
|
heap
|
page read and write
|
||
1A1BF213000
|
heap
|
page read and write
|
||
2982FDE000
|
stack
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
2F325FB000
|
stack
|
page read and write
|
||
2FDF000
|
stack
|
page read and write
|
||
E5A637E000
|
stack
|
page read and write
|
||
79F927C000
|
stack
|
page read and write
|
||
1A1C4B02000
|
heap
|
page read and write
|
||
1A1BF2A4000
|
heap
|
page read and write
|
||
1A1C4930000
|
trusted library allocation
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
23043DD4000
|
heap
|
page read and write
|
||
7FFA526B9000
|
unkown
|
page readonly
|
||
EB1000
|
heap
|
page read and write
|
||
28DC9D50000
|
heap
|
page read and write
|
||
CB0000
|
remote allocation
|
page read and write
|
||
1FF3E3C8000
|
heap
|
page read and write
|
||
1A1BFA02000
|
heap
|
page read and write
|
||
768E9EF000
|
stack
|
page read and write
|
||
1B6D8D00000
|
heap
|
page read and write
|
||
7FFA52661000
|
unkown
|
page execute read
|
||
23043DD0000
|
heap
|
page read and write
|
||
2202E500000
|
trusted library allocation
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
28DC9D54000
|
heap
|
page read and write
|
||
18A1A653000
|
heap
|
page read and write
|
||
CF0A57E000
|
stack
|
page read and write
|
||
280A80C8000
|
heap
|
page read and write
|
||
280A8013000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1B6D8AD0000
|
heap
|
page read and write
|
||
2830B428000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
196C1713000
|
heap
|
page read and write
|
||
1FF3E5A0000
|
heap
|
page read and write
|
||
280A8B1D000
|
heap
|
page read and write
|
||
2202D59D000
|
heap
|
page read and write
|
||
1A1C4900000
|
trusted library allocation
|
page read and write
|
||
8518077000
|
stack
|
page read and write
|
||
2A3B000
|
stack
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1FF40110000
|
heap
|
page read and write
|
||
1A1C4C10000
|
trusted library allocation
|
page read and write
|
||
1B6D8C8B000
|
heap
|
page read and write
|
||
2202E4D0000
|
trusted library allocation
|
page read and write
|
||
23042340000
|
heap
|
page read and write
|
||
280A8B95000
|
heap
|
page read and write
|
||
230423B0000
|
direct allocation
|
page execute and read and write
|
||
1FF3E3B2000
|
heap
|
page read and write
|
||
2A94000
|
heap
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
79F947E000
|
stack
|
page read and write
|
||
2830B400000
|
heap
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
280A8000000
|
heap
|
page read and write
|
||
1A1C48A0000
|
trusted library allocation
|
page read and write
|
||
280A88F0000
|
remote allocation
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
EB1000
|
heap
|
page read and write
|
||
230421A2000
|
heap
|
page read and write
|
||
1A1BFA00000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1000000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
768E8EB000
|
stack
|
page read and write
|
||
F9FB57B000
|
stack
|
page read and write
|
||
1A1C4920000
|
trusted library allocation
|
page read and write
|
||
2830B500000
|
heap
|
page read and write
|
||
18A1B002000
|
trusted library allocation
|
page read and write
|
||
2FEE000
|
stack
|
page read and write
|
||
2830B458000
|
heap
|
page read and write
|
||
280A8B83000
|
heap
|
page read and write
|
||
280A80EB000
|
heap
|
page read and write
|
||
CA0000
|
heap
|
page read and write
|
||
7FFA526B6000
|
unkown
|
page read and write
|
||
1A1BF258000
|
heap
|
page read and write
|
||
1B6D8C69000
|
heap
|
page read and write
|
||
79F84DC000
|
stack
|
page read and write
|
||
18A1A700000
|
heap
|
page read and write
|
||
280A8B75000
|
heap
|
page read and write
|
||
1A1C4814000
|
trusted library allocation
|
page read and write
|
||
1A1BFA15000
|
heap
|
page read and write
|
||
1B6D8B30000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
196C1688000
|
heap
|
page read and write
|
||
280A80EE000
|
heap
|
page read and write
|
||
1A1BF22A000
|
heap
|
page read and write
|
||
1B6D8C57000
|
heap
|
page read and write
|
||
E20000
|
heap
|
page read and write
|
||
1A1BFB18000
|
heap
|
page read and write
|
||
F2293AC000
|
stack
|
page read and write
|
||
1FF3E3CD000
|
heap
|
page read and write
|
||
1FF3E350000
|
heap
|
page read and write
|
||
1FF3E3BC000
|
heap
|
page read and write
|
||
1A1C4A40000
|
heap
|
page read and write
|
||
280A7F20000
|
heap
|
page read and write
|
||
79F8C7E000
|
stack
|
page read and write
|
||
FA5000
|
heap
|
page read and write
|
||
18A1A4F0000
|
heap
|
page read and write
|
||
1A1BF302000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
28DC83A0000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
1A1C48C0000
|
trusted library allocation
|
page read and write
|
||
280A9021000
|
heap
|
page read and write
|
||
1324000
|
heap
|
page read and write
|
||
1B6D8D02000
|
heap
|
page read and write
|
||
280A8029000
|
heap
|
page read and write
|
||
2830B3F0000
|
heap
|
page read and write
|
||
280A8B94000
|
heap
|
page read and write
|
||
E5A64FC000
|
stack
|
page read and write
|
||
280A8B54000
|
heap
|
page read and write
|
||
280A80B1000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
280A9002000
|
heap
|
page read and write
|
||
18A1A63C000
|
heap
|
page read and write
|
||
1A5A1C50000
|
heap
|
page read and write
|
||
2830B46E000
|
heap
|
page read and write
|
||
28DC9E40000
|
heap
|
page read and write
|
||
1A1BF307000
|
heap
|
page read and write
|
||
2202D4B0000
|
heap
|
page read and write
|
||
280A8B94000
|
heap
|
page read and write
|
||
280A8BA5000
|
heap
|
page read and write
|
||
2830B413000
|
heap
|
page read and write
|
||
1A1BF2A7000
|
heap
|
page read and write
|
||
280A8BAC000
|
heap
|
page read and write
|
||
1A1C4B02000
|
heap
|
page read and write
|
||
2202E4E0000
|
heap
|
page readonly
|
||
196C165C000
|
heap
|
page read and write
|
||
280A8B79000
|
heap
|
page read and write
|
||
280A8BDC000
|
heap
|
page read and write
|
||
18A1A4E0000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
EBC000
|
heap
|
page read and write
|
||
280A8B00000
|
heap
|
page read and write
|
||
1A1BFB02000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18A1A613000
|
heap
|
page read and write
|
||
E5A627F000
|
stack
|
page read and write
|
||
280A8B75000
|
heap
|
page read and write
|
||
1A1C47DE000
|
trusted library allocation
|
page read and write
|
||
2202D920000
|
trusted library allocation
|
page read and write
|
||
1A1BFB13000
|
heap
|
page read and write
|
||
28DC83FC000
|
heap
|
page read and write
|
||
196C1613000
|
heap
|
page read and write
|
||
280A8B8A000
|
heap
|
page read and write
|
||
8517C7B000
|
stack
|
page read and write
|
||
230421DE000
|
heap
|
page read and write
|
||
1B6D8B60000
|
trusted library allocation
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
1A1C4910000
|
trusted library allocation
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
8517E7C000
|
stack
|
page read and write
|
||
1FF3E635000
|
heap
|
page read and write
|
||
768EE7B000
|
stack
|
page read and write
|
||
1B6D8C13000
|
heap
|
page read and write
|
||
280A8B78000
|
heap
|
page read and write
|
||
E5A647E000
|
stack
|
page read and write
|
||
79F8D7A000
|
stack
|
page read and write
|
||
1FF3E3C1000
|
heap
|
page read and write
|
||
1A1C47F4000
|
trusted library allocation
|
page read and write
|
||
B1016FC000
|
stack
|
page read and write
|
||
21F49C41000
|
heap
|
page read and write
|
||
768ED7E000
|
stack
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
E00000
|
heap
|
page read and write
|
||
196C1661000
|
heap
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
21F49C54000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
D90000
|
heap
|
page read and write
|
||
1A1BF2FD000
|
heap
|
page read and write
|
||
1A1C4930000
|
remote allocation
|
page read and write
|
||
1FF3E3A9000
|
heap
|
page read and write
|
||
21F49B90000
|
heap
|
page read and write
|
||
2202D59C000
|
heap
|
page read and write
|
||
1A1BEFD0000
|
heap
|
page read and write
|
||
8C89F79000
|
stack
|
page read and write
|
||
280A8B8F000
|
heap
|
page read and write
|
||
79F8B7B000
|
stack
|
page read and write
|
||
1A1C4800000
|
trusted library allocation
|
page read and write
|
||
1A1C47D0000
|
trusted library allocation
|
page read and write
|
||
F02000
|
heap
|
page read and write
|
||
10BB000
|
heap
|
page read and write
|
||
1A1C4800000
|
trusted library allocation
|
page read and write
|
||
2830B402000
|
heap
|
page read and write
|
||
7FFA52661000
|
unkown
|
page execute read
|
||
1A1BF23D000
|
heap
|
page read and write
|
||
1FF40100000
|
heap
|
page read and write
|
||
F9FB87F000
|
stack
|
page read and write
|
||
1A1BF302000
|
heap
|
page read and write
|
||
28DC83A8000
|
heap
|
page read and write
|
||
280A8B79000
|
heap
|
page read and write
|
||
F9FB67B000
|
stack
|
page read and write
|
||
2F5F000
|
stack
|
page read and write
|
||
1A1C4AB1000
|
heap
|
page read and write
|
||
1A1BFB04000
|
heap
|
page read and write
|
||
7FFA526B6000
|
unkown
|
page read and write
|
||
28DC8320000
|
heap
|
page read and write
|
||
CF0A67E000
|
stack
|
page read and write
|
||
768F07D000
|
stack
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
280A8113000
|
heap
|
page read and write
|
||
2202D550000
|
heap
|
page read and write
|
||
1A1C4C50000
|
trusted library allocation
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
28DC8380000
|
heap
|
page read and write
|
||
18A1A629000
|
heap
|
page read and write
|
||
28DC83DE000
|
heap
|
page read and write
|
||
280A8B79000
|
heap
|
page read and write
|
||
355B4FD000
|
stack
|
page read and write
|
||
280A8BB0000
|
heap
|
page read and write
|
||
21F49C60000
|
heap
|
page read and write
|
||
1B6D8C46000
|
heap
|
page read and write
|
||
280A80B5000
|
heap
|
page read and write
|
||
1400000
|
heap
|
page read and write
|
||
CF0A77B000
|
stack
|
page read and write
|
||
21F49C30000
|
heap
|
page read and write
|
||
1A1C4AE1000
|
heap
|
page read and write
|
||
7FFA526B6000
|
unkown
|
page read and write
|
||
1A1BF328000
|
heap
|
page read and write
|
||
18A1A68C000
|
heap
|
page read and write
|
||
306F000
|
stack
|
page read and write
|
||
ED3000
|
heap
|
page read and write
|
||
9D0000
|
heap
|
page read and write
|
||
1FF3E630000
|
heap
|
page read and write
|
||
1FF3E398000
|
heap
|
page read and write
|
||
30EB000
|
stack
|
page read and write
|
||
1A1BF26F000
|
heap
|
page read and write
|
||
7FFA526B9000
|
unkown
|
page readonly
|
||
1FF3E3B8000
|
heap
|
page read and write
|
||
E61000
|
heap
|
page read and write
|
||
21F49C46000
|
heap
|
page read and write
|
||
1A1C47F1000
|
trusted library allocation
|
page read and write
|
||
280A8B8C000
|
heap
|
page read and write
|
||
1A1C4AFF000
|
heap
|
page read and write
|
||
1320000
|
heap
|
page read and write
|
||
21F49B10000
|
heap
|
page read and write
|
||
2F320FC000
|
stack
|
page read and write
|
||
E59000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1A1C0623000
|
trusted library allocation
|
page read and write
|
||
79F855F000
|
stack
|
page read and write
|
||
196C163C000
|
heap
|
page read and write
|
||
1FF3E3AE000
|
heap
|
page read and write
|
||
F2297FC000
|
stack
|
page read and write
|
||
768F17F000
|
stack
|
page read and write
|
||
1B6D8C29000
|
heap
|
page read and write
|
||
1A1C4AF7000
|
heap
|
page read and write
|
||
18A1A649000
|
heap
|
page read and write
|
||
2202D59D000
|
heap
|
page read and write
|
||
196C167E000
|
heap
|
page read and write
|
||
230421C3000
|
heap
|
page read and write
|
||
280A8B7B000
|
heap
|
page read and write
|
||
1A1BFB00000
|
heap
|
page read and write
|
||
8517D7E000
|
stack
|
page read and write
|
||
7FFA526B9000
|
unkown
|
page readonly
|
||
280A9000000
|
heap
|
page read and write
|
||
280A8B98000
|
heap
|
page read and write
|
||
280A8088000
|
heap
|
page read and write
|
||
2982F5E000
|
stack
|
page read and write
|
||
1FF3E3A6000
|
heap
|
page read and write
|
||
1A1BF277000
|
heap
|
page read and write
|
||
1A1BF200000
|
heap
|
page read and write
|
||
196C1600000
|
heap
|
page read and write
|
||
1A1C47D0000
|
trusted library allocation
|
page read and write
|
||
196C1520000
|
trusted library allocation
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
1A1C4810000
|
trusted library allocation
|
page read and write
|
||
B1017FE000
|
stack
|
page read and write
|
||
7FFA526B2000
|
unkown
|
page readonly
|
||
1A1C4AFF000
|
heap
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
1A1C4930000
|
remote allocation
|
page read and write
|
||
23042158000
|
heap
|
page read and write
|
||
2890000
|
remote allocation
|
page read and write
|
||
196C1420000
|
heap
|
page read and write
|
||
1A5A1DFD000
|
heap
|
page read and write
|
||
1FF40103000
|
heap
|
page read and write
|
||
B1013CF000
|
stack
|
page read and write
|
||
280A803C000
|
heap
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
18A1A67A000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1A1C4A20000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
CF0A4FF000
|
stack
|
page read and write
|
||
230423F0000
|
heap
|
page readonly
|
||
1A1C4AB4000
|
heap
|
page read and write
|
||
851827F000
|
stack
|
page read and write
|
||
C95000
|
stack
|
page read and write
|
||
21F49C52000
|
heap
|
page read and write
|
||
1112000
|
heap
|
page read and write
|
||
1B6D8C5E000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
2202D919000
|
heap
|
page read and write
|
||
28DC8290000
|
heap
|
page read and write
|
||
23042390000
|
heap
|
page read and write
|
||
768E96E000
|
stack
|
page read and write
|
||
2890000
|
remote allocation
|
page read and write
|
||
F20000
|
direct allocation
|
page execute and read and write
|
||
280A80D6000
|
heap
|
page read and write
|
||
280A8B7B000
|
heap
|
page read and write
|
||
1A1BEFC0000
|
heap
|
page read and write
|
||
1FF3E2C0000
|
heap
|
page read and write
|
||
CF0A6FF000
|
stack
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1A1C01E0000
|
trusted library allocation
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
18A1A713000
|
heap
|
page read and write
|
||
280A8102000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
280A8B76000
|
heap
|
page read and write
|
||
79F88F8000
|
stack
|
page read and write
|
||
E28000
|
heap
|
page read and write
|
||
1B6D8C67000
|
heap
|
page read and write
|
||
280A8B9B000
|
heap
|
page read and write
|
||
280A8070000
|
heap
|
page read and write
|
||
280A8B98000
|
heap
|
page read and write
|
||
2850000
|
trusted library allocation
|
page read and write
|
||
280A80FA000
|
heap
|
page read and write
|
||
2202D595000
|
heap
|
page read and write
|
||
1FF3E3AD000
|
heap
|
page read and write
|
||
1A1C48A0000
|
trusted library allocation
|
page read and write
|
||
1FF3E3B2000
|
heap
|
page read and write
|
||
1B6D8C61000
|
heap
|
page read and write
|
||
280A7F30000
|
heap
|
page read and write
|
||
280A8B99000
|
heap
|
page read and write
|
||
280A8B14000
|
heap
|
page read and write
|
||
B10167E000
|
stack
|
page read and write
|
||
18A1A64C000
|
heap
|
page read and write
|
||
1A1BF274000
|
heap
|
page read and write
|
||
F22997B000
|
stack
|
page read and write
|
||
79F8A79000
|
stack
|
page read and write
|
||
E8F000
|
heap
|
page read and write
|
||
280A80A4000
|
heap
|
page read and write
|
||
196C1664000
|
heap
|
page read and write
|
||
1A1C4A00000
|
heap
|
page read and write
|
||
196C165A000
|
heap
|
page read and write
|
||
2830BE02000
|
trusted library allocation
|
page read and write
|
||
1B6D8AC0000
|
heap
|
page read and write
|
||
1030000
|
heap
|
page readonly
|
||
18A1A670000
|
heap
|
page read and write
|
||
2F6E000
|
stack
|
page read and write
|
||
280A7F90000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
2202D59C000
|
heap
|
page read and write
|
||
F9FB27B000
|
stack
|
page read and write
|
||
280A8B82000
|
heap
|
page read and write
|
||
23042450000
|
heap
|
page read and write
|
||
280A80E3000
|
heap
|
page read and write
|
||
2304219C000
|
heap
|
page read and write
|
||
28B0000
|
heap
|
page read and write
|
||
1A1C4810000
|
trusted library allocation
|
page read and write
|
||
1B6D8D08000
|
heap
|
page read and write
|
||
2202D540000
|
trusted library allocation
|
page read and write
|
||
1B6D8C64000
|
heap
|
page read and write
|
||
F229A78000
|
stack
|
page read and write
|
||
EBC000
|
heap
|
page read and write
|
||
1A1BF29E000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1B6D8C65000
|
heap
|
page read and write
|
||
1A1C0620000
|
trusted library allocation
|
page read and write
|
||
10F2000
|
heap
|
page read and write
|
||
2F3297F000
|
stack
|
page read and write
|
||
851817F000
|
stack
|
page read and write
|
||
1B6D8C2F000
|
heap
|
page read and write
|
||
7FFA52660000
|
unkown
|
page readonly
|
||
EB8000
|
heap
|
page read and write
|
||
21F49C57000
|
heap
|
page read and write
|
||
18A1A686000
|
heap
|
page read and write
|
||
280A9003000
|
heap
|
page read and write
|
||
1B6D8C3C000
|
heap
|
page read and write
|
||
280A8A02000
|
heap
|
page read and write
|
||
230421AC000
|
heap
|
page read and write
|
||
1A1C4A63000
|
heap
|
page read and write
|
||
1A1C4A2E000
|
heap
|
page read and write
|
||
7FFA526B9000
|
unkown
|
page readonly
|
||
13AF000
|
stack
|
page read and write
|
||
2F3287F000
|
stack
|
page read and write
|
||
1FF419B0000
|
trusted library allocation
|
page read and write
|
||
280A8B78000
|
heap
|
page read and write
|
||
1A1C4B08000
|
heap
|
page read and write
|
||
28DC8355000
|
heap
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
2F3217E000
|
stack
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
196C1700000
|
heap
|
page read and write
|
||
280A8B7B000
|
heap
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
2202D59F000
|
heap
|
page read and write
|
||
E61000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
2830B43C000
|
heap
|
page read and write
|
||
280A8082000
|
heap
|
page read and write
|
||
1A1BF030000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
280A8B79000
|
heap
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
298327E000
|
stack
|
page read and write
|
||
8C89DF9000
|
stack
|
page read and write
|
||
18A1A580000
|
trusted library allocation
|
page read and write
|
||
B10187B000
|
stack
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
1B6D8C5C000
|
heap
|
page read and write
|
||
18A1A702000
|
heap
|
page read and write
|
||
1FF3E3A9000
|
heap
|
page read and write
|
||
2202D910000
|
heap
|
page read and write
|
||
8517F7B000
|
stack
|
page read and write
|
||
79F8E7B000
|
stack
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
2830B502000
|
heap
|
page read and write
|
||
D55000
|
stack
|
page read and write
|
||
280A9002000
|
heap
|
page read and write
|
||
280A8B8A000
|
heap
|
page read and write
|
||
2202E4F0000
|
trusted library allocation
|
page read and write
|
||
2202D440000
|
heap
|
page read and write
|
||
280A8BA6000
|
heap
|
page read and write
|
||
F60000
|
heap
|
page readonly
|
||
196C168F000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
E5A5F8A000
|
stack
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
2202D558000
|
heap
|
page read and write
|
||
230421B0000
|
heap
|
page read and write
|
||
1A1BF130000
|
trusted library allocation
|
page read and write
|
||
280A7FC0000
|
trusted library allocation
|
page read and write
|
||
23043D50000
|
heap
|
page read and write
|
||
2304219E000
|
heap
|
page read and write
|
||
280A8B8E000
|
heap
|
page read and write
|
||
EBC000
|
heap
|
page read and write
|
||
280A8B8D000
|
heap
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
2202D915000
|
heap
|
page read and write
|
||
1A1C4A61000
|
heap
|
page read and write
|
||
2F3267E000
|
stack
|
page read and write
|
||
196C165E000
|
heap
|
page read and write
|
||
E8E000
|
heap
|
page read and write
|
||
1A1C47D8000
|
trusted library allocation
|
page read and write
|
||
E5A62FF000
|
stack
|
page read and write
|
||
CF0A5FE000
|
stack
|
page read and write
|
||
8C89E79000
|
stack
|
page read and write
|
||
2202E290000
|
trusted library allocation
|
page read and write
|
||
280A8BAE000
|
heap
|
page read and write
|
||
7FFA526B2000
|
unkown
|
page readonly
|
||
280A8B98000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
D90000
|
heap
|
page read and write
|
||
7FFA526B2000
|
unkown
|
page readonly
|
||
F22987E000
|
stack
|
page read and write
|
||
1FF3E330000
|
heap
|
page read and write
|
||
21F49C6C000
|
heap
|
page read and write
|
||
F229B77000
|
stack
|
page read and write
|
||
2202E280000
|
trusted library allocation
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1A1C4AAD000
|
heap
|
page read and write
|
||
E5A63F8000
|
stack
|
page read and write
|
||
1A1C46C0000
|
trusted library allocation
|
page read and write
|
||
1A5A1DF0000
|
heap
|
page read and write
|
||
280A88F0000
|
remote allocation
|
page read and write
|
||
1405000
|
heap
|
page read and write
|
||
F9FB77B000
|
stack
|
page read and write
|
||
196C1E02000
|
trusted library allocation
|
page read and write
|
||
1A1C4AE6000
|
heap
|
page read and write
|
||
2830B380000
|
heap
|
page read and write
|
||
1A1BF279000
|
heap
|
page read and write
|
||
280A8B94000
|
heap
|
page read and write
|
||
7FFA526B2000
|
unkown
|
page readonly
|
||
1A5A1D90000
|
heap
|
page read and write
|
||
7FFA52660000
|
unkown
|
page readonly
|
||
196C1702000
|
heap
|
page read and write
|
||
1A1BF293000
|
heap
|
page read and write
|
||
2EDE000
|
stack
|
page read and write
|
||
10B0000
|
heap
|
page read and write
|
||
280A9003000
|
heap
|
page read and write
|
||
2202D450000
|
trusted library allocation
|
page read and write
|
||
280A8B74000
|
heap
|
page read and write
|
||
2202D560000
|
heap
|
page read and write
|
||
F03000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1A1C48F0000
|
trusted library allocation
|
page read and write
|
||
280A8B92000
|
heap
|
page read and write
|
||
1A1C48E0000
|
trusted library allocation
|
page read and write
|
||
1A1BFB18000
|
heap
|
page read and write
|
||
1A1BFB59000
|
heap
|
page read and write
|
||
1A1BF2FD000
|
heap
|
page read and write
|
||
196C13B0000
|
heap
|
page read and write
|
||
CF0A476000
|
stack
|
page read and write
|
||
2202D5BF000
|
heap
|
page read and write
|
||
280A80AC000
|
heap
|
page read and write
|
||
1A1C47F0000
|
trusted library allocation
|
page read and write
|
There are 608 hidden memdumps, click here to show them.