IOC Report
Ru97gvh8ir

loading gif

Files

File Path
Type
Category
Malicious
Ru97gvh8ir.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
initial sample
 malicious
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\edb.log
MPEG-4 LOAS
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage engine DataBase, version 0x620, checksum 0xac4fb833, page size 16384, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
ASCII text, with no line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Windows\System32\regsvr32.exe
regsvr32.exe /s C:\Users\user\Desktop\Ru97gvh8ir.dll
 malicious
C:\Windows\System32\rundll32.exe
rundll32.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll",#1
 malicious
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\Ru97gvh8ir.dll,DllRegisterServer
 malicious
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\Ru97gvh8ir.dll,DllUnregisterServer
 malicious
C:\Windows\System32\regsvr32.exe
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CYwMLUBpfJVi\miBCQZcqs.dll"
 malicious
C:\Windows\System32\loaddll64.exe
loaddll64.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll"
C:\Windows\System32\cmd.exe
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll",#1
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
There are 2 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://23.239.0.12/efaultL
unknown
 malicious
https://23.239.0.12/m9
unknown
 malicious
https://23.239.0.12/i9
unknown
 malicious
https://23.239.0.12/
23.239.0.12
 malicious
https://www.disneyplus.com/legal/your-california-privacy-rights
unknown
https://www.disneyplus.com/legal/privacy-policy
unknown
https://www.tiktok.
unknown
https://www.hotspotshield.com/terms/
unknown
https://www.pango.co/privacy
unknown
https://disneyplus.com/legal.
unknown
http://crl.ver)
unknown
https://www.tiktok.com/legal/report/feedback
unknown
http://help.disneyplus.com.
unknown
https://support.hotspotshield.com/
unknown
There are 4 hidden URLs, click here to show them.

IPs

IP
Domain
Country
Malicious
23.239.0.12
unknown
United States
malicious
127.0.0.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\System32\ci.dll,-100
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\System32\ci.dll,-101
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\System32\wuaueng.dll,-400
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\system32\NgcRecovery.dll,-100

Memdumps

Base Address
Regiontype
Protect
Malicious
2890000
direct allocation
page execute and read and write
 malicious
17907800000
direct allocation
page execute and read and write
 malicious
180001000
direct allocation
page execute read
 malicious
4C0000
direct allocation
page execute and read and write
 malicious
180001000
direct allocation
page execute read
 malicious
18A6B430000
direct allocation
page execute and read and write
 malicious
180001000
direct allocation
page execute read
 malicious
180001000
direct allocation
page execute read
 malicious
21F9D520000
heap
page read and write
1CBD67E000
stack
page read and write
1FF1D322000
heap
page read and write
D1C157B000
stack
page read and write
244D79F0000
trusted library allocation
page read and write
2A5FEAA0000
trusted library allocation
page read and write
36E5B7A000
stack
page read and write
1CD74DC0000
trusted library allocation
page read and write
400000
heap
page read and write
2A5FE830000
trusted library allocation
page read and write
634000
heap
page read and write
2A5FD29E000
heap
page read and write
18A6B400000
heap
page read and write
244D7A7F000
heap
page read and write
2A5FE950000
trusted library allocation
page read and write
7FFA532B2000
unkown
page readonly
2A5FEDE0000
trusted library allocation
page read and write
1FF1D339000
heap
page read and write
2A5FD2AD000
heap
page read and write
240EF202000
heap
page read and write
1FF1D290000
heap
page read and write
2A5FE990000
trusted library allocation
page read and write
240EE256000
heap
page read and write
240EE200000
heap
page read and write
28C0000
heap
page readonly
2A5FE994000
trusted library allocation
page read and write
240EED82000
heap
page read and write
2A5FEA2B000
heap
page read and write
244D7A90000
heap
page read and write
1FF1D30D000
heap
page read and write
2A5FD2AA000
heap
page read and write
17905DF0000
heap
page read and write
2A5FEA00000
heap
page read and write
2A5FEC40000
trusted library allocation
page read and write
2A5FE980000
trusted library allocation
page read and write
231ABFA3000
heap
page read and write
6147E7F000
stack
page read and write
562B7C000
stack
page read and write
240EE1A0000
heap
page read and write
5D0000
heap
page read and write
2EBB000
stack
page read and write
240EED98000
heap
page read and write
1CBD8FB000
stack
page read and write
244D7A3C000
heap
page read and write
1FF1D32E000
heap
page read and write
240EE2DA000
heap
page read and write
240EF202000
heap
page read and write
EC2000
heap
page read and write
10A4000
heap
page read and write
36E5C79000
stack
page read and write
18A6B2D9000
heap
page read and write
179078C0000
heap
page read and write
8052CFF000
stack
page read and write
3090000
remote allocation
page read and write
2A5FD2FC000
heap
page read and write
1D041E50000
trusted library allocation
page read and write
240EE213000
heap
page read and write
240EEDA3000
heap
page read and write
1FF1D33E000
heap
page read and write
18A6B290000
heap
page read and write
244D7A13000
heap
page read and write
240EED94000
heap
page read and write
232E000
stack
page read and write
2A5FD256000
heap
page read and write
7FFA532B6000
unkown
page read and write
1FF1D240000
heap
page read and write
F17000
heap
page read and write
B70000
heap
page read and write
7FFA532B9000
unkown
page readonly
2DBF000
stack
page read and write
17905D60000
heap
page read and write
2A5FEC20000
trusted library allocation
page read and write
240EEDB4000
heap
page read and write
1CD7465A000
heap
page read and write
240EEDC7000
heap
page read and write
D1C1FFF000
stack
page read and write
240EEDC6000
heap
page read and write
A404EF7000
stack
page read and write
2A5FD28A000
heap
page read and write
CF91F7F000
stack
page read and write
240EEB00000
remote allocation
page read and write
244D7A00000
heap
page read and write
2A5FD290000
heap
page read and write
CF91C77000
stack
page read and write
36E5CFB000
stack
page read and write
2A5FD213000
heap
page read and write
5628FF000
stack
page read and write
1FF1D33F000
heap
page read and write
40000
heap
page read and write
244D7890000
heap
page read and write
2A5FDD18000
heap
page read and write
244D7A4B000
heap
page read and write
2A5FD2FC000
heap
page read and write
240EED70000
heap
page read and write
2A580000000
trusted library allocation
page read and write
240EE2EE000
heap
page read and write
7FFA532B6000
unkown
page read and write
A4048FB000
stack
page read and write
10E5000
heap
page read and write
1D040ED3000
heap
page read and write
1CD7463C000
heap
page read and write
3DED97E000
stack
page read and write
2A5FE970000
trusted library allocation
page read and write
544000
heap
page read and write
8052AFB000
stack
page read and write
240EE226000
heap
page read and write
1CD74700000
heap
page read and write
1D040F90000
heap
page read and write
1D040FE0000
trusted library allocation
page read and write
5F5000
heap
page read and write
21F9D4C0000
heap
page read and write
1CD74702000
heap
page read and write
2A5FDD18000
heap
page read and write
18002F000
direct allocation
page readonly
240EE229000
heap
page read and write
A404FFF000
stack
page read and write
240EEDA3000
heap
page read and write
470000
heap
page read and write
1D041DD0000
trusted library allocation
page read and write
21F9DE02000
trusted library allocation
page read and write
2A5FDD59000
heap
page read and write
1CBDB7E000
stack
page read and write
F5000
stack
page read and write
180000000
direct allocation
page read and write
21F9D600000
heap
page read and write
2A5FE840000
trusted library allocation
page read and write
2A5FD258000
heap
page read and write
2A5FEA3A000
heap
page read and write
240EE270000
heap
page read and write
240EEDA4000
heap
page read and write
240EEDA1000
heap
page read and write
240EF202000
heap
page read and write
231ABD50000
heap
page read and write
2A5FEC20000
trusted library allocation
page read and write
179079E0000
heap
page read and write
7FFA532B9000
unkown
page readonly
F64000
heap
page read and write
1FF1D324000
heap
page read and write
17905DD0000
heap
page read and write
244D7A24000
heap
page read and write
6147BDE000
stack
page read and write
2A5FDBF0000
trusted library allocation
page read and write
240EED9E000
heap
page read and write
240EED98000
heap
page read and write
244D7B02000
heap
page read and write
240EF200000
heap
page read and write
240EED86000
heap
page read and write
2A5FEC70000
trusted library allocation
page read and write
F65000
heap
page read and write
1FF1D32E000
heap
page read and write
6147B55000
stack
page read and write
240EE251000
heap
page read and write
240EED84000
heap
page read and write
7FFA532B2000
unkown
page readonly
2A5FD23E000
heap
page read and write
1CD74613000
heap
page read and write
2A5FE340000
trusted library allocation
page read and write
CF920FE000
unkown
page read and write
240EED56000
heap
page read and write
151ED16000
stack
page read and write
17905E90000
heap
page read and write
240EE2C7000
heap
page read and write
6147EFF000
stack
page read and write
231ABF90000
heap
page read and write
1FF1D316000
heap
page read and write
240EED11000
heap
page read and write
240EEDB4000
heap
page read and write
7FFA532B9000
unkown
page readonly
1E8E648C000
heap
page read and write
1CD74664000
heap
page read and write
2D40000
trusted library allocation
page read and write
F4E000
heap
page read and write
E80000
heap
page read and write
F1E000
heap
page read and write
1CBDC7E000
stack
page read and write
1CD744B0000
heap
page read and write
10D0000
direct allocation
page execute and read and write
240EE308000
heap
page read and write
2A5FEC80000
trusted library allocation
page read and write
1D041B80000
trusted library allocation
page read and write
18002F000
direct allocation
page readonly
17905EC1000
heap
page read and write
2A5FEAFB000
heap
page read and write
1E8E6460000
heap
page read and write
18A6B2B0000
heap
page read and write
17905E80000
heap
page readonly
420000
heap
page read and write
1D040FD9000
heap
page read and write
7FFA53261000
unkown
page execute read
240EE2AA000
heap
page read and write
240EED89000
heap
page read and write
1D040EFD000
heap
page read and write
2A5FDBC1000
trusted library allocation
page read and write
240EED90000
heap
page read and write
240EED6B000
heap
page read and write
240EE23C000
heap
page read and write
BD0000
remote allocation
page read and write
7FFA53261000
unkown
page execute read
562AFF000
stack
page read and write
CF91E78000
stack
page read and write
1D040D40000
heap
page read and write
240EE302000
heap
page read and write
240EED8E000
heap
page read and write
18002D000
direct allocation
page readonly
4B0000
heap
page read and write
240EED68000
heap
page read and write
2A5FEA13000
heap
page read and write
1FF1D300000
heap
page read and write
2A5FDBE3000
trusted library allocation
page read and write
1E8E9960000
trusted library allocation
page read and write
240EEDC4000
heap
page read and write
1E8E647D000
heap
page read and write
2FCF000
stack
page read and write
244D7A53000
heap
page read and write
24AB000
stack
page read and write
244D7A57000
heap
page read and write
151F0FE000
stack
page read and write
2A5FDC15000
heap
page read and write
F50000
heap
page read and write
2A5FD302000
heap
page read and write
17905EDE000
heap
page read and write
244D7A71000
heap
page read and write
1E8E6482000
heap
page read and write
1FF1D309000
heap
page read and write
240EEDA3000
heap
page read and write
18A6B420000
direct allocation
page execute and read and write
240EE2B4000
heap
page read and write
240EED97000
heap
page read and write
240EEDB4000
heap
page read and write
EF2000
heap
page read and write
2A5FD314000
heap
page read and write
CF9175C000
stack
page read and write
D1C1CFA000
stack
page read and write
3DED87B000
stack
page read and write
1050000
heap
page read and write
240EE253000
heap
page read and write
1CD74685000
heap
page read and write
1D041DF0000
trusted library allocation
page read and write
D1C1DFC000
stack
page read and write
1FF1D326000
heap
page read and write
1E8E6710000
heap
page read and write
10B0000
heap
page read and write
240EF202000
heap
page read and write
240EE293000
heap
page read and write
244D7880000
heap
page read and write
2A5FEB02000
heap
page read and write
21F9D67A000
heap
page read and write
2A5FDBE0000
trusted library allocation
page read and write
A404DFB000
stack
page read and write
1FF1D0F0000
heap
page read and write
151F17F000
stack
page read and write
3DED9FF000
stack
page read and write
21F9D628000
heap
page read and write
2A5FD1E0000
trusted library allocation
page read and write
D1C1BFA000
stack
page read and write
18002F000
direct allocation
page readonly
1CD744C0000
heap
page read and write
1D041E00000
trusted library allocation
page read and write
2A5FE958000
trusted library allocation
page read and write
2A5FEA5F000
heap
page read and write
1E8E648C000
heap
page read and write
1D041DE0000
heap
page readonly
240EED90000
heap
page read and write
240EEDA3000
heap
page read and write
21F9D702000
heap
page read and write
1FF1D341000
heap
page read and write
BD0000
remote allocation
page read and write
18002E000
direct allocation
page read and write
2A5FEB00000
heap
page read and write
2A5FD2A8000
heap
page read and write
CF91D77000
stack
page read and write
2A5FEC90000
trusted library allocation
page read and write
36E5BFE000
stack
page read and write
240EEDA3000
heap
page read and write
240EE313000
heap
page read and write
17905ED0000
heap
page read and write
244D7A4C000
heap
page read and write
4A0000
heap
page readonly
2A5FD2AD000
heap
page read and write
240EE24B000
heap
page read and write
244D7A50000
heap
page read and write
1CD74629000
heap
page read and write
240EE2E2000
heap
page read and write
1FF1D32E000
heap
page read and write
242E000
stack
page read and write
2A5FE950000
trusted library allocation
page read and write
2A5FDC00000
heap
page read and write
18002D000
direct allocation
page readonly
231ABE90000
heap
page read and write
EF2000
heap
page read and write
1E8E9950000
heap
page read and write
1D040FB0000
heap
page read and write
240EED56000
heap
page read and write
1CBD97E000
stack
page read and write
240EED90000
heap
page read and write
240EEB00000
remote allocation
page read and write
1D041B10000
trusted library allocation
page read and write
240EE24E000
heap
page read and write
1CBD3DB000
stack
page read and write
240EE1D0000
trusted library allocation
page read and write
2A5FEA87000
heap
page read and write
1FF1D220000
heap
page read and write
240EEDA4000
heap
page read and write
244D7A51000
heap
page read and write
17905E40000
heap
page read and write
2A5FEDA0000
trusted library allocation
page read and write
1CD74520000
heap
page read and write
240EF221000
heap
page read and write
240EED82000
heap
page read and write
CF91A7E000
stack
page read and write
240EED82000
heap
page read and write
F1E000
heap
page read and write
7FFA532B9000
unkown
page readonly
A4051FF000
stack
page read and write
1CD74713000
heap
page read and write
17905EDE000
heap
page read and write
240EEB00000
remote allocation
page read and write
240EED5F000
heap
page read and write
151F07F000
stack
page read and write
18A6B326000
heap
page read and write
18002F000
direct allocation
page readonly
A4050FD000
stack
page read and write
10E0000
heap
page read and write
240EF202000
heap
page read and write
1FF1D311000
heap
page read and write
EC2000
heap
page read and write
240EED98000
heap
page read and write
18A6B565000
heap
page read and write
490000
direct allocation
page execute and read and write
244D7B00000
heap
page read and write
244D7B08000
heap
page read and write
10A0000
heap
page read and write
56297F000
stack
page read and write
5629F9000
stack
page read and write
2A5FECB0000
remote allocation
page read and write
7FFA532B6000
unkown
page read and write
A4049FE000
stack
page read and write
240EE140000
heap
page read and write
1E8E6476000
heap
page read and write
A404CFB000
stack
page read and write
28F0000
heap
page read and write
1E8E6479000
heap
page read and write
1E8E6400000
heap
page read and write
21F9D613000
heap
page read and write
240EE24A000
heap
page read and write
E74000
stack
page read and write
BE0000
heap
page read and write
240EEDA3000
heap
page read and write
240EE2F5000
heap
page read and write
1CD74600000
heap
page read and write
7FFA532B2000
unkown
page readonly
240EEDA3000
heap
page read and write
2A5FEC60000
trusted library allocation
page read and write
2E3C000
stack
page read and write
244D8202000
trusted library allocation
page read and write
1D040E90000
heap
page read and write
1E8E63E0000
heap
page read and write
244D7A4D000
heap
page read and write
1D040F03000
heap
page read and write
80529FB000
stack
page read and write
240EED99000
heap
page read and write
2A5FD307000
heap
page read and write
240EEC02000
heap
page read and write
F50000
heap
page read and write
61480FB000
stack
page read and write
240EF202000
heap
page read and write
240EED6B000
heap
page read and write
2A5FE971000
trusted library allocation
page read and write
240EF202000
heap
page read and write
244D7A55000
heap
page read and write
6147FFE000
stack
page read and write
1D040F03000
heap
page read and write
21F9D657000
heap
page read and write
2A5FDD04000
heap
page read and write
5DB000
heap
page read and write
1FF1D339000
heap
page read and write
1D040EDB000
heap
page read and write
17905ECE000
heap
page read and write
240EE248000
heap
page read and write
240EEDA3000
heap
page read and write
240EF203000
heap
page read and write
240EE2A3000
heap
page read and write
D1C0F2B000
stack
page read and write
4B5000
heap
page read and write
244D7A4E000
heap
page read and write
7FFA532B6000
unkown
page read and write
179079E4000
heap
page read and write
2A5FD140000
heap
page read and write
F4E000
heap
page read and write
1D040D50000
trusted library allocation
page read and write
18A6B337000
heap
page read and write
240EE255000
heap
page read and write
1E8E6488000
heap
page read and write
240EED69000
heap
page read and write
240EED86000
heap
page read and write
1E8E6482000
heap
page read and write
240EE316000
heap
page read and write
2A5FDD00000
heap
page read and write
2A5FD150000
heap
page read and write
1CD7465C000
heap
page read and write
CF9207A000
stack
page read and write
240EED86000
heap
page read and write
7FFA53260000
unkown
page readonly
2A5FE7C0000
trusted library allocation
page read and write
EEF000
heap
page read and write
17905E75000
heap
page read and write
1E8E6491000
heap
page read and write
240EE24D000
heap
page read and write
240EED86000
heap
page read and write
36E5AF9000
stack
page read and write
550000
heap
page read and write
240EED8F000
heap
page read and write
1D040E97000
heap
page read and write
2A5FEAF0000
heap
page read and write
240EED92000
heap
page read and write
1D040EDB000
heap
page read and write
240EED4E000
heap
page read and write
18A6CE60000
heap
page read and write
1FF1D343000
heap
page read and write
18A6B315000
heap
page read and write
56287A000
stack
page read and write
240EE249000
heap
page read and write
7FFA532B2000
unkown
page readonly
18002E000
direct allocation
page read and write
1FF1D316000
heap
page read and write
21F9DDC0000
trusted library allocation
page read and write
17905E98000
heap
page read and write
2A5FD26E000
heap
page read and write
240EEDA3000
heap
page read and write
2A5FEA47000
heap
page read and write
1E8E6479000
heap
page read and write
17905E60000
direct allocation
page execute and read and write
17905EDE000
heap
page read and write
18A6B460000
heap
page readonly
1E8E6468000
heap
page read and write
1F6F000
stack
page read and write
D1C147A000
stack
page read and write
240EED6B000
heap
page read and write
240EED98000
heap
page read and write
2A5FDD02000
heap
page read and write
240EED7E000
heap
page read and write
21F9D602000
heap
page read and write
1FF1D325000
heap
page read and write
240EF202000
heap
page read and write
306E000
stack
page read and write
18A6B470000
heap
page read and write
240EE250000
heap
page read and write
6147F7E000
stack
page read and write
18002D000
direct allocation
page readonly
180000000
direct allocation
page read and write
D1C167E000
stack
page read and write
2A5FEA52000
heap
page read and write
1E8E6370000
heap
page read and write
2A5FE95E000
trusted library allocation
page read and write
240EEDB4000
heap
page read and write
1D040EDB000
heap
page read and write
244D7B13000
heap
page read and write
F1E000
heap
page read and write
240EED68000
heap
page read and write
240EED13000
heap
page read and write
240EED6B000
heap
page read and write
36E574C000
stack
page read and write
1E8E647E000
heap
page read and write
18002E000
direct allocation
page read and write
18002D000
direct allocation
page readonly
655000
heap
page read and write
2A5FD1B0000
heap
page read and write
2A5FDD13000
heap
page read and write
1D041B20000
trusted library allocation
page read and write
1D040FD5000
heap
page read and write
18A6B474000
heap
page read and write
240EED99000
heap
page read and write
CF917DE000
stack
page read and write
17905E70000
heap
page read and write
3120000
heap
page read and write
28E0000
trusted library allocation
page read and write
F17000
heap
page read and write
240EEDA3000
heap
page read and write
1E8E6760000
heap
page read and write
231ABF9D000
heap
page read and write
18A6B150000
heap
page read and write
3090000
remote allocation
page read and write
2A5FDD58000
heap
page read and write
1CD74E02000
trusted library allocation
page read and write
2A5FD276000
heap
page read and write
1FF1D295000
heap
page read and write
7FFA53261000
unkown
page execute read
240EED00000
heap
page read and write
1CBDA77000
stack
page read and write
1CD74651000
heap
page read and write
7FFA53261000
unkown
page execute read
80524FB000
stack
page read and write
2A5FD229000
heap
page read and write
240EEDA3000
heap
page read and write
7FFA53260000
unkown
page readonly
240EED68000
heap
page read and write
2A5FDC02000
heap
page read and write
180000000
direct allocation
page read and write
1E8E649D000
heap
page read and write
240EED6B000
heap
page read and write
1CD7465F000
heap
page read and write
240EED68000
heap
page read and write
21F9D700000
heap
page read and write
2A5FEB02000
heap
page read and write
21F9D63E000
heap
page read and write
21F9D713000
heap
page read and write
540000
heap
page read and write
240EED3F000
heap
page read and write
1FF1D339000
heap
page read and write
240EED81000
heap
page read and write
17905EBB000
heap
page read and write
240EEDCE000
heap
page read and write
2A5FECB0000
remote allocation
page read and write
2A5FEAFD000
heap
page read and write
240EE247000
heap
page read and write
7FFA53260000
unkown
page readonly
240EE2EE000
heap
page read and write
180000000
direct allocation
page read and write
2A5FEAB0000
trusted library allocation
page read and write
18A6B341000
heap
page read and write
2A5FD302000
heap
page read and write
244D78F0000
heap
page read and write
E88000
heap
page read and write
240EE130000
heap
page read and write
240EED94000
heap
page read and write
244D7A4A000
heap
page read and write
240EED80000
heap
page read and write
18A6B2D0000
heap
page read and write
F50000
heap
page read and write
2A5FE974000
trusted library allocation
page read and write
1CBD7FB000
stack
page read and write
240EE2C1000
heap
page read and write
2A5FEC20000
trusted library allocation
page read and write
1E8E6765000
heap
page read and write
240EEDA3000
heap
page read and write
8DED0FD000
stack
page read and write
1D040FD0000
heap
page read and write
21F9D4B0000
heap
page read and write
2A5FEA1D000
heap
page read and write
1CD74708000
heap
page read and write
23AC000
stack
page read and write
310E000
stack
page read and write
1CBD6FE000
stack
page read and write
D1C1377000
stack
page read and write
2A5FEAF5000
heap
page read and write
3DED8FD000
stack
page read and write
562A78000
stack
page read and write
D1C177B000
stack
page read and write
670000
heap
page read and write
1D041B90000
trusted library allocation
page read and write
18A6B560000
heap
page read and write
3090000
remote allocation
page read and write
2A5FECB0000
remote allocation
page read and write
1EEF000
stack
page read and write
2A5FEAA5000
heap
page read and write
2A5FD200000
heap
page read and write
244D7A89000
heap
page read and write
240EEDA3000
heap
page read and write
2A5FD278000
heap
page read and write
151ED9F000
stack
page read and write
1E8E9953000
heap
page read and write
2A5FE980000
trusted library allocation
page read and write
8052BFF000
stack
page read and write
2A5FD273000
heap
page read and write
240EED88000
heap
page read and write
240EE2B1000
heap
page read and write
1E8E676B000
heap
page read and write
7FFA53260000
unkown
page readonly
18002E000
direct allocation
page read and write
A40497E000
stack
page read and write
614807F000
stack
page read and write
F4E000
heap
page read and write
1E8E97A0000
heap
page read and write
There are 571 hidden memdumps, click here to show them.