Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
TedarikciSiparisi_83613 .xlsx
|
CDFV2 Encrypted
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\vbc[1].exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
downloaded
|
||
C:\Users\user\Desktop\~$TedarikciSiparisi_83613 .xlsx
|
data
|
dropped
|
||
C:\Users\Public\vbc.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\13820A74.png
|
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2A09A689.jpeg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames
3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2DC1A5DE.emf
|
Windows Enhanced Metafile (EMF) image data version 0x10000
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3E390AF6.png
|
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\51ABE6A8.png
|
PNG image data, 139 x 180, 8-bit colormap, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\57CFF8ED.png
|
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\71BAD9C.jpeg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames
3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\74B1E683.png
|
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\A1E3120A.png
|
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AD99E047.png
|
PNG image data, 139 x 180, 8-bit colormap, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\F549927F.png
|
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DF154F786FDBAE324B.TMP
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DF299AB401C235ABC6.TMP
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DFDCEA4DA1BBD5FBBA.TMP
|
CDFV2 Encrypted
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DFE8FF70B607AC6E32.TMP
|
data
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
|
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
|
||
C:\Users\Public\vbc.exe
|
"C:\Users\Public\vbc.exe"
|
||
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
||
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://180.214.238.224/__cloud_for_file/vbc.exe95C:
|
unknown
|
||
http://180.214.238.224/__cloud_for_file/vbc.exeu
|
unknown
|
||
http://180.214.238.224/__cloud_for_file/vbc.exe
|
180.214.238.224
|
||
http://180.214.238.224/__cloud_for_file/vbc.exeX
|
unknown
|
||
http://180.214.238.224/__cloud_for_file/vbc.exehhC:
|
unknown
|
||
www.mentalnayaarifmetika.online/ocgr/
|
|||
http://180.214.238.224/__cloud_for_file/vbc.exej
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
180.214.238.224
|
unknown
|
Viet Nam
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
0w)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\66519
|
66519
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
;!)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\6B145
|
6B145
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\6D0B7
|
6D0B7
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Item 1
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 21
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\6B145
|
6B145
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
There are 30 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
3667000
|
trusted library allocation
|
page read and write
|
||
23FA000
|
trusted library allocation
|
page read and write
|
||
629000
|
trusted library section
|
page readonly
|
||
70D0000
|
heap
|
page read and write
|
||
6AEF000
|
trusted library allocation
|
page read and write
|
||
197000
|
trusted library allocation
|
page execute and read and write
|
||
33C000
|
unkown
|
page readonly
|
||
22DA000
|
trusted library allocation
|
page read and write
|
||
2400000
|
trusted library allocation
|
page read and write
|
||
24FC000
|
trusted library allocation
|
page read and write
|
||
2702000
|
trusted library allocation
|
page read and write
|
||
24F6000
|
trusted library allocation
|
page read and write
|
||
23C8000
|
trusted library allocation
|
page read and write
|
||
23E5000
|
trusted library allocation
|
page read and write
|
||
697E000
|
stack
|
page read and write
|
||
2C40000
|
heap
|
page read and write
|
||
2305000
|
trusted library allocation
|
page read and write
|
||
89000
|
stack
|
page read and write
|
||
71DD000
|
stack
|
page read and write
|
||
2504000
|
trusted library allocation
|
page read and write
|
||
7870000
|
trusted library allocation
|
page read and write
|
||
6CEC000
|
stack
|
page read and write
|
||
253A000
|
trusted library allocation
|
page read and write
|
||
6B4000
|
heap
|
page read and write
|
||
35F6000
|
trusted library allocation
|
page read and write
|
||
64E000
|
stack
|
page read and write
|
||
5AE000
|
stack
|
page read and write
|
||
2370000
|
trusted library allocation
|
page read and write
|
||
710000
|
heap
|
page read and write
|
||
870000
|
heap
|
page execute and read and write
|
||
150000
|
trusted library allocation
|
page read and write
|
||
6E2D000
|
stack
|
page read and write
|
||
250B000
|
trusted library allocation
|
page read and write
|
||
1E70000
|
direct allocation
|
page read and write
|
||
25D6000
|
trusted library allocation
|
page read and write
|
||
26E1000
|
trusted library allocation
|
page read and write
|
||
173000
|
trusted library allocation
|
page execute and read and write
|
||
26E5000
|
trusted library allocation
|
page read and write
|
||
23C6000
|
trusted library allocation
|
page read and write
|
||
589000
|
heap
|
page read and write
|
||
2A5F000
|
stack
|
page read and write
|
||
6AB0000
|
trusted library allocation
|
page read and write
|
||
26C6000
|
trusted library allocation
|
page read and write
|
||
24F8000
|
trusted library allocation
|
page read and write
|
||
504E000
|
stack
|
page read and write
|
||
26FE000
|
trusted library allocation
|
page read and write
|
||
26E3000
|
trusted library allocation
|
page read and write
|
||
22FF000
|
trusted library allocation
|
page read and write
|
||
19A000
|
trusted library allocation
|
page execute and read and write
|
||
49BF000
|
stack
|
page read and write
|
||
300000
|
unkown
|
page readonly
|
||
2700000
|
trusted library allocation
|
page read and write
|
||
23CA000
|
trusted library allocation
|
page read and write
|
||
2214000
|
trusted library allocation
|
page read and write
|
||
26F6000
|
trusted library allocation
|
page read and write
|
||
25B3000
|
trusted library allocation
|
page read and write
|
||
47A0000
|
trusted library allocation
|
page read and write
|
||
174000
|
trusted library allocation
|
page read and write
|
||
3514000
|
trusted library allocation
|
page read and write
|
||
220F000
|
trusted library allocation
|
page read and write
|
||
55F000
|
heap
|
page read and write
|
||
2314000
|
trusted library allocation
|
page read and write
|
||
3388000
|
trusted library allocation
|
page read and write
|
||
184000
|
trusted library allocation
|
page read and write
|
||
2472000
|
heap
|
page read and write
|
||
674000
|
heap
|
page read and write
|
||
29F000
|
stack
|
page read and write
|
||
2500000
|
trusted library allocation
|
page read and write
|
||
546000
|
heap
|
page read and write
|
||
531E000
|
stack
|
page read and write
|
||
26EA000
|
trusted library allocation
|
page read and write
|
||
71C000
|
heap
|
page read and write
|
||
25BB000
|
trusted library allocation
|
page read and write
|
||
251B000
|
trusted library allocation
|
page read and write
|
||
2E0000
|
trusted library allocation
|
page execute and read and write
|
||
4D0000
|
trusted library allocation
|
page read and write
|
||
23CC000
|
trusted library allocation
|
page read and write
|
||
6A70000
|
heap
|
page read and write
|
||
33C000
|
unkown
|
page readonly
|
||
711000
|
heap
|
page read and write
|
||
6F2D000
|
stack
|
page read and write
|
||
302000
|
unkown
|
page execute read
|
||
23C2000
|
trusted library allocation
|
page read and write
|
||
4ABE000
|
stack
|
page read and write
|
||
71C000
|
heap
|
page read and write
|
||
2C0000
|
heap
|
page read and write
|
||
69BE000
|
stack
|
page read and write
|
||
2CBE000
|
stack
|
page read and write
|
||
600000
|
trusted library allocation
|
page read and write
|
||
696000
|
heap
|
page read and write
|
||
25B1000
|
trusted library allocation
|
page read and write
|
||
25AF000
|
trusted library allocation
|
page read and write
|
||
25B7000
|
trusted library allocation
|
page read and write
|
||
251D000
|
trusted library allocation
|
page read and write
|
||
25BE000
|
trusted library allocation
|
page read and write
|
||
251F000
|
trusted library allocation
|
page read and write
|
||
7870000
|
trusted library allocation
|
page read and write
|
||
25D0000
|
trusted library allocation
|
page read and write
|
||
340000
|
trusted library allocation
|
page read and write
|
||
2523000
|
trusted library allocation
|
page read and write
|
||
728000
|
trusted library allocation
|
page read and write
|
||
23F2000
|
trusted library allocation
|
page read and write
|
||
22F7000
|
trusted library allocation
|
page read and write
|
||
48E000
|
stack
|
page read and write
|
||
597000
|
heap
|
page read and write
|
||
702D000
|
stack
|
page read and write
|
||
7870000
|
trusted library allocation
|
page read and write
|
||
25CE000
|
trusted library allocation
|
page read and write
|
||
2CC4000
|
heap
|
page read and write
|
||
72F000
|
heap
|
page read and write
|
||
4D0000
|
trusted library section
|
page read and write
|
||
31E1000
|
trusted library allocation
|
page read and write
|
||
699000
|
heap
|
page read and write
|
||
520000
|
heap
|
page read and write
|
||
324A000
|
trusted library allocation
|
page read and write
|
||
6CAF000
|
stack
|
page read and write
|
||
2454000
|
heap
|
page read and write
|
||
2536000
|
trusted library allocation
|
page read and write
|
||
68E000
|
stack
|
page read and write
|
||
380000
|
heap
|
page read and write
|
||
25B5000
|
trusted library allocation
|
page read and write
|
||
728000
|
heap
|
page read and write
|
||
302000
|
unkown
|
page execute read
|
||
3309000
|
trusted library allocation
|
page read and write
|
||
22FD000
|
trusted library allocation
|
page read and write
|
||
250000
|
heap
|
page read and write
|
||
600000
|
trusted library allocation
|
page read and write
|
||
22E0000
|
trusted library allocation
|
page read and write
|
||
30E000
|
stack
|
page read and write
|
||
6B0000
|
heap
|
page read and write
|
||
6E9000
|
heap
|
page read and write
|
||
22DE000
|
trusted library allocation
|
page read and write
|
||
71C000
|
heap
|
page read and write
|
||
6CF3000
|
heap
|
page read and write
|
||
2508000
|
trusted library allocation
|
page read and write
|
||
25CC000
|
trusted library allocation
|
page read and write
|
||
86E000
|
stack
|
page read and write
|
||
519F000
|
stack
|
page read and write
|
||
2527000
|
trusted library allocation
|
page read and write
|
||
6F0000
|
trusted library allocation
|
page read and write
|
||
23EB000
|
trusted library allocation
|
page read and write
|
||
4370000
|
heap
|
page read and write
|
||
2C1F000
|
stack
|
page read and write
|
||
22D3000
|
trusted library allocation
|
page read and write
|
||
23FE000
|
trusted library allocation
|
page read and write
|
||
24FE000
|
trusted library allocation
|
page read and write
|
||
6A0000
|
trusted library allocation
|
page read and write
|
||
10000
|
heap
|
page read and write
|
||
26CA000
|
trusted library allocation
|
page read and write
|
||
295F000
|
stack
|
page read and write
|
||
26CD000
|
trusted library allocation
|
page read and write
|
||
25A1000
|
trusted library allocation
|
page read and write
|
||
6E9000
|
heap
|
page read and write
|
||
2CC0000
|
heap
|
page read and write
|
||
21E1000
|
trusted library allocation
|
page read and write
|
||
62F000
|
trusted library section
|
page readonly
|
||
22E4000
|
trusted library allocation
|
page read and write
|
||
504000
|
heap
|
page read and write
|
||
72DE000
|
stack
|
page read and write
|
||
4B10000
|
heap
|
page execute and read and write
|
||
2402000
|
trusted library allocation
|
page read and write
|
||
26FA000
|
trusted library allocation
|
page read and write
|
||
25D4000
|
trusted library allocation
|
page read and write
|
||
18A000
|
stack
|
page read and write
|
||
180000
|
trusted library allocation
|
page read and write
|
||
2CCB000
|
heap
|
page read and write
|
||
6ACD000
|
trusted library allocation
|
page read and write
|
||
44CE000
|
stack
|
page read and write
|
||
709000
|
heap
|
page read and write
|
||
205D000
|
stack
|
page read and write
|
||
2515000
|
trusted library allocation
|
page read and write
|
||
344000
|
trusted library allocation
|
page read and write
|
||
25D2000
|
trusted library allocation
|
page read and write
|
||
20AE000
|
stack
|
page read and write
|
||
21DF000
|
stack
|
page read and write
|
||
25E3000
|
trusted library allocation
|
page read and write
|
||
5EE000
|
stack
|
page read and write
|
||
26DD000
|
trusted library allocation
|
page read and write
|
||
620000
|
trusted library section
|
page readonly
|
||
52A000
|
heap
|
page read and write
|
||
26DB000
|
trusted library allocation
|
page read and write
|
||
23E1000
|
trusted library allocation
|
page read and write
|
||
624000
|
trusted library section
|
page readonly
|
||
25B9000
|
trusted library allocation
|
page read and write
|
||
4E0000
|
heap
|
page read and write
|
||
2301000
|
trusted library allocation
|
page read and write
|
||
690000
|
trusted library allocation
|
page read and write
|
||
4A0000
|
trusted library allocation
|
page read and write
|
||
3D0000
|
heap
|
page read and write
|
||
490000
|
trusted library section
|
page read and write
|
||
69FC000
|
stack
|
page read and write
|
||
160000
|
heap
|
page read and write
|
||
6CF000
|
heap
|
page read and write
|
||
71E000
|
heap
|
page read and write
|
||
26E7000
|
trusted library allocation
|
page read and write
|
||
26C8000
|
trusted library allocation
|
page read and write
|
||
490000
|
trusted library allocation
|
page read and write
|
||
6CD000
|
heap
|
page read and write
|
||
23DD000
|
trusted library allocation
|
page read and write
|
||
6F1000
|
heap
|
page read and write
|
||
3482000
|
trusted library allocation
|
page read and write
|
||
23E7000
|
trusted library allocation
|
page read and write
|
||
300000
|
unkown
|
page readonly
|
||
600000
|
trusted library allocation
|
page read and write
|
||
705000
|
heap
|
page read and write
|
||
23FC000
|
trusted library allocation
|
page read and write
|
||
22EF000
|
trusted library allocation
|
page read and write
|
||
725000
|
heap
|
page read and write
|
||
34D000
|
stack
|
page read and write
|
||
3585000
|
trusted library allocation
|
page read and write
|
||
1A7000
|
trusted library allocation
|
page execute and read and write
|
||
259F000
|
trusted library allocation
|
page read and write
|
||
220D000
|
trusted library allocation
|
page read and write
|
||
2B5000
|
stack
|
page read and write
|
||
2CC8000
|
heap
|
page read and write
|
||
26DF000
|
trusted library allocation
|
page read and write
|
||
CB000
|
stack
|
page read and write
|
||
242E000
|
stack
|
page read and write
|
||
25AB000
|
trusted library allocation
|
page read and write
|
||
6AF4000
|
trusted library allocation
|
page read and write
|
||
23E9000
|
trusted library allocation
|
page read and write
|
||
22E6000
|
trusted library allocation
|
page read and write
|
||
22E8000
|
trusted library allocation
|
page read and write
|
||
25AD000
|
trusted library allocation
|
page read and write
|
||
26FC000
|
trusted library allocation
|
page read and write
|
||
2519000
|
trusted library allocation
|
page read and write
|
||
2525000
|
trusted library allocation
|
page read and write
|
||
2450000
|
heap
|
page read and write
|
||
69D000
|
heap
|
page read and write
|
||
2506000
|
trusted library allocation
|
page read and write
|
||
617000
|
heap
|
page read and write
|
||
6ADF000
|
trusted library allocation
|
page read and write
|
||
600000
|
trusted library allocation
|
page read and write
|
||
2502000
|
trusted library allocation
|
page read and write
|
||
657000
|
heap
|
page read and write
|
||
6CF0000
|
heap
|
page read and write
|
||
23C4000
|
trusted library allocation
|
page read and write
|
||
47A0000
|
trusted library allocation
|
page read and write
|
||
1AB000
|
trusted library allocation
|
page execute and read and write
|
||
3245000
|
trusted library allocation
|
page read and write
|
||
23CF000
|
trusted library allocation
|
page read and write
|
||
22F9000
|
trusted library allocation
|
page read and write
|
||
4E7000
|
heap
|
page read and write
|
||
4374000
|
heap
|
page read and write
|
||
52C000
|
heap
|
page read and write
|
||
22DC000
|
trusted library allocation
|
page read and write
|
||
4392000
|
heap
|
page read and write
|
||
706D000
|
stack
|
page read and write
|
||
258F000
|
stack
|
page read and write
|
||
347D000
|
trusted library allocation
|
page read and write
|
||
650000
|
heap
|
page read and write
|
||
705000
|
heap
|
page read and write
|
||
490000
|
trusted library allocation
|
page read and write
|
||
26F8000
|
trusted library allocation
|
page read and write
|
||
6A3D000
|
stack
|
page read and write
|
||
350000
|
trusted library allocation
|
page execute and read and write
|
||
236F000
|
stack
|
page read and write
|
||
23E3000
|
trusted library allocation
|
page read and write
|
||
21DE000
|
stack
|
page read and write | page guard
|
||
610000
|
heap
|
page read and write
|
||
340000
|
trusted library allocation
|
page read and write
|
||
23DF000
|
trusted library allocation
|
page read and write
|
||
10000
|
heap
|
page read and write
|
||
7E0000
|
heap
|
page execute and read and write
|
||
2303000
|
trusted library allocation
|
page read and write
|
||
7440000
|
heap
|
page read and write
|
||
431E000
|
stack
|
page read and write
|
||
6F2000
|
heap
|
page read and write
|
||
2F0000
|
trusted library allocation
|
page read and write
|
||
3630000
|
trusted library allocation
|
page read and write
|
||
690000
|
trusted library allocation
|
page read and write
|
||
22E2000
|
trusted library allocation
|
page read and write
|
There are 262 hidden memdumps, click here to show them.