Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
OR098765458900009876540.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\dktozm.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\wyimvgfphnjxg\vxmtbmahtsqaf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vxmtbmahtsqaf.ex_cb9e76617add17783445895d2c3df37ac7ad2b_79937427_0fb4cdeb\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vxmtbmahtsqaf.ex_cb9e76617add17783445895d2c3df37ac7ad2b_79937427_1794bb3d\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9F88.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri May 27 19:13:54 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA536.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAA19.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC0CB.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri May 27 19:14:03 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC5BE.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC745.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hgwowmqnjcs91i7x
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsa28F1.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tweziehjnh
|
data
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\OR098765458900009876540.exe
|
"C:\Users\user\Desktop\OR098765458900009876540.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\dktozm.exe
|
C:\Users\user\AppData\Local\Temp\dktozm.exe C:\Users\user\AppData\Local\Temp\tweziehjnh
|
|
|
|
C:\Users\user\AppData\Local\Temp\dktozm.exe
|
C:\Users\user\AppData\Local\Temp\dktozm.exe C:\Users\user\AppData\Local\Temp\tweziehjnh
|
|
|
|
C:\Users\user\AppData\Roaming\wyimvgfphnjxg\vxmtbmahtsqaf.exe
|
"C:\Users\user\AppData\Roaming\wyimvgfphnjxg\vxmtbmahtsqaf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\wyimvgfphnjxg\vxmtbmahtsqaf.exe
|
"C:\Users\user\AppData\Roaming\wyimvgfphnjxg\vxmtbmahtsqaf.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6584 -s 636
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6776 -s 176
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
xnfumqdlkjxkua
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A20000
|
direct allocation
|
page read and write
|
|
|
|
70A81FE000
|
stack
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1B80B474000
|
heap
|
page read and write
|
||
|
212A6E55000
|
heap
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1A1A2F7000
|
stack
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
13A86700000
|
heap
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
17DECA5B000
|
heap
|
page read and write
|
||
|
1D38D413000
|
heap
|
page read and write
|
||
|
13A8129F000
|
heap
|
page read and write
|
||
|
1B80B479000
|
heap
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
2E0FEB02000
|
heap
|
page read and write
|
||
|
14F49E02000
|
trusted library allocation
|
page read and write
|
||
|
17DEC800000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
81C8B6E000
|
stack
|
page read and write
|
||
|
19135F7000
|
stack
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
14F42ABF000
|
heap
|
page read and write
|
||
|
2E0FEB24000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
13A865D0000
|
trusted library allocation
|
page read and write
|
||
|
13A81020000
|
heap
|
page read and write
|
||
|
1E43086E000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
2A86AFD000
|
stack
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
1D38D3C0000
|
heap
|
page read and write
|
||
|
13877800000
|
heap
|
page read and write
|
||
|
17DECA02000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B80B462000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page read and write
|
||
|
14F42AE3000
|
heap
|
page read and write
|
||
|
1912FFE000
|
stack
|
page read and write
|
||
|
1E43086F000
|
heap
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
13A81313000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page write copy
|
||
|
1B80B466000
|
heap
|
page read and write
|
||
|
2B8F4FF000
|
stack
|
page read and write
|
||
|
13A811F3000
|
trusted library allocation
|
page read and write
|
||
|
227047E000
|
stack
|
page read and write
|
||
|
1E43088D000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
410000
|
remote allocation
|
page read and write
|
||
|
13A81B13000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
212A6E02000
|
heap
|
page read and write
|
||
|
212A6E56000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
1B80B464000
|
heap
|
page read and write
|
||
|
1A19D9E000
|
stack
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
1008000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1D38D513000
|
heap
|
page read and write
|
||
|
70A82FE000
|
stack
|
page read and write
|
||
|
B301077000
|
stack
|
page read and write
|
||
|
1E430913000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
1D38D43C000
|
heap
|
page read and write
|
||
|
212A7470000
|
trusted library allocation
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
440000
|
unkown
|
page readonly
|
||
|
941FFA000
|
stack
|
page read and write
|
||
|
1B80B400000
|
heap
|
page read and write
|
||
|
1E430875000
|
heap
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
86F000
|
stack
|
page read and write
|
||
|
2A86DFE000
|
stack
|
page read and write
|
||
|
2B8F0FB000
|
stack
|
page read and write
|
||
|
1E430813000
|
heap
|
page read and write
|
||
|
14F42A00000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page read and write
|
||
|
1B80B44D000
|
heap
|
page read and write
|
||
|
2E0FEA02000
|
heap
|
page read and write
|
||
|
1D38D44C000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
13A819E0000
|
trusted library allocation
|
page read and write
|
||
|
81C8AEB000
|
stack
|
page read and write
|
||
|
1E431002000
|
trusted library allocation
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
14F49450000
|
heap
|
page read and write
|
||
|
1D38D450000
|
heap
|
page read and write
|
||
|
13A86600000
|
heap
|
page read and write
|
||
|
1A19D1E000
|
stack
|
page read and write
|
||
|
14F43130000
|
trusted library allocation
|
page read and write
|
||
|
1E430880000
|
heap
|
page read and write
|
||
|
2E0FEA71000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
1D38D350000
|
heap
|
page read and write
|
||
|
1912F7B000
|
stack
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
13877813000
|
heap
|
page read and write
|
||
|
212A6CB0000
|
heap
|
page read and write
|
||
|
14F42A3E000
|
heap
|
page read and write
|
||
|
1E43084C000
|
heap
|
page read and write
|
||
|
17DECA13000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
693000
|
heap
|
page read and write
|
||
|
13A811F0000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
14F42AC6000
|
heap
|
page read and write
|
||
|
1D38D508000
|
heap
|
page read and write
|
||
|
A10000
|
direct allocation
|
page execute and read and write
|
||
|
1E430F30000
|
trusted library allocation
|
page read and write
|
||
|
118A000
|
heap
|
page read and write
|
||
|
13A81B02000
|
heap
|
page read and write
|
||
|
1B80B430000
|
heap
|
page read and write
|
||
|
13877881000
|
heap
|
page read and write
|
||
|
13A86610000
|
heap
|
page read and write
|
||
|
17DECA65000
|
heap
|
page read and write
|
||
|
1B80B43D000
|
heap
|
page read and write
|
||
|
13877913000
|
heap
|
page read and write
|
||
|
2A861EB000
|
stack
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
13A8128B000
|
heap
|
page read and write
|
||
|
1B80B477000
|
heap
|
page read and write
|
||
|
B3010FF000
|
stack
|
page read and write
|
||
|
13A8690E000
|
trusted library allocation
|
page read and write
|
||
|
13A86900000
|
trusted library allocation
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
2E0FE9B0000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
B300F7B000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2E0FE980000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
1E43083C000
|
heap
|
page read and write
|
||
|
1E430902000
|
heap
|
page read and write
|
||
|
1E430880000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
13A86A10000
|
trusted library allocation
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
1D38D452000
|
heap
|
page read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
17DECA00000
|
heap
|
page read and write
|
||
|
13A866A1000
|
heap
|
page read and write
|
||
|
1A1A5FE000
|
stack
|
page read and write
|
||
|
118A000
|
heap
|
page read and write
|
||
|
22705FF000
|
stack
|
page read and write
|
||
|
13A865C0000
|
trusted library allocation
|
page read and write
|
||
|
1B80B413000
|
heap
|
page read and write
|
||
|
13A8129D000
|
heap
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
13A866EA000
|
heap
|
page read and write
|
||
|
212A6E88000
|
heap
|
page read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
212A6F02000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
14F42A29000
|
heap
|
page read and write
|
||
|
1D38D502000
|
heap
|
page read and write
|
||
|
1DB000
|
stack
|
page read and write
|
||
|
212A6F00000
|
heap
|
page read and write
|
||
|
1B80B483000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
118A000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
9420FA000
|
stack
|
page read and write
|
||
|
227097D000
|
stack
|
page read and write
|
||
|
212A6F13000
|
heap
|
page read and write
|
||
|
B3012FC000
|
stack
|
page read and write
|
||
|
14F43332000
|
heap
|
page read and write
|
||
|
216E000
|
stack
|
page read and write
|
||
|
410000
|
remote allocation
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
1D38D500000
|
heap
|
page read and write
|
||
|
1B80B447000
|
heap
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
14F49651000
|
heap
|
page read and write
|
||
|
2E0FEA13000
|
heap
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
1D38D42A000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
13A820E0000
|
trusted library allocation
|
page read and write
|
||
|
1B80B460000
|
heap
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
1E430872000
|
heap
|
page read and write
|
||
|
2A86BFF000
|
stack
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
212A6E4B000
|
heap
|
page read and write
|
||
|
13A82200000
|
trusted library section
|
page readonly
|
||
|
1E430770000
|
heap
|
page read and write
|
||
|
2A866FD000
|
stack
|
page read and write
|
||
|
17DECA29000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
13A819F0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
1B80B441000
|
heap
|
page read and write
|
||
|
14F49613000
|
heap
|
page read and write
|
||
|
941EF8000
|
stack
|
page read and write
|
||
|
2E0FEA3E000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
2E0FEA79000
|
heap
|
page read and write
|
||
|
212A6E6F000
|
heap
|
page read and write
|
||
|
1B80B444000
|
heap
|
page read and write
|
||
|
13877846000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
1D38D486000
|
heap
|
page read and write
|
||
|
14F495F0000
|
remote allocation
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
13A81271000
|
heap
|
page read and write
|
||
|
1D38D44F000
|
heap
|
page read and write
|
||
|
1E430855000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
212A6E13000
|
heap
|
page read and write
|
||
|
1B80B43A000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page write copy
|
||
|
13A86663000
|
heap
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
17DEC790000
|
heap
|
page read and write
|
||
|
14F49702000
|
heap
|
page read and write
|
||
|
1E430800000
|
heap
|
page read and write
|
||
|
1E430760000
|
heap
|
page read and write
|
||
|
14F42960000
|
heap
|
page read and write
|
||
|
13A81A02000
|
heap
|
page read and write
|
||
|
13A81B18000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
E60000
|
direct allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
B300D7E000
|
stack
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
1A1A4FC000
|
stack
|
page read and write
|
||
|
1A1A3FE000
|
stack
|
page read and write
|
||
|
13A81B18000
|
heap
|
page read and write
|
||
|
13A821F0000
|
trusted library section
|
page readonly
|
||
|
1D38D360000
|
heap
|
page read and write
|
||
|
1D38D454000
|
heap
|
page read and write
|
||
|
1B80B469000
|
heap
|
page read and write
|
||
|
13A812FE000
|
heap
|
page read and write
|
||
|
212A6E3C000
|
heap
|
page read and write
|
||
|
212A6D10000
|
heap
|
page read and write
|
||
|
1B80B424000
|
heap
|
page read and write
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
13A812BC000
|
heap
|
page read and write
|
||
|
1387783C000
|
heap
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
262F000
|
stack
|
page read and write
|
||
|
9421FF000
|
stack
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
13A86900000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
1B80B47A000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
14F495C0000
|
trusted library allocation
|
page read and write
|
||
|
1D38D3F0000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1B80B3C0000
|
trusted library allocation
|
page read and write
|
||
|
2B8EE7C000
|
stack
|
page read and write
|
||
|
1A1A1FB000
|
stack
|
page read and write
|
||
|
FD0000
|
remote allocation
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1D38D44D000
|
heap
|
page read and write
|
||
|
13A8664C000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
DC000
|
stack
|
page read and write
|
||
|
13A81279000
|
heap
|
page read and write
|
||
|
212A6E50000
|
heap
|
page read and write
|
||
|
B300C7B000
|
stack
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
13A866A7000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
212A6E00000
|
heap
|
page read and write
|
||
|
13A869F0000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
FBB594B000
|
stack
|
page read and write
|
||
|
1B80B502000
|
heap
|
page read and write
|
||
|
212A6E49000
|
heap
|
page read and write
|
||
|
14F4962A000
|
heap
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
2B8F2FF000
|
stack
|
page read and write
|
||
|
13A865E0000
|
trusted library allocation
|
page read and write
|
||
|
1D38D47A000
|
heap
|
page read and write
|
||
|
227037E000
|
stack
|
page read and write
|
||
|
1E430829000
|
heap
|
page read and write
|
||
|
13A81213000
|
heap
|
page read and write
|
||
|
9424FF000
|
stack
|
page read and write
|
||
|
520000
|
trusted library allocation
|
page read and write
|
||
|
14F42A6E000
|
heap
|
page read and write
|
||
|
212A7602000
|
trusted library allocation
|
page read and write
|
||
|
2734000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
1D38D453000
|
heap
|
page read and write
|
||
|
1E430900000
|
heap
|
page read and write
|
||
|
227077F000
|
stack
|
page read and write
|
||
|
13A86924000
|
trusted library allocation
|
page read and write
|
||
|
13877790000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
1D38D400000
|
heap
|
page read and write
|
||
|
212A6F08000
|
heap
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
272F000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
13A821C0000
|
trusted library section
|
page readonly
|
||
|
1B80B463000
|
heap
|
page read and write
|
||
|
1600000
|
remote allocation
|
page read and write
|
||
|
212A6E58000
|
heap
|
page read and write
|
||
|
13A81B00000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
2E0FE910000
|
heap
|
page read and write
|
||
|
13A865E0000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
remote allocation
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
2E0FEA75000
|
heap
|
page read and write
|
||
|
94257F000
|
stack
|
page read and write
|
||
|
1B80B390000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page readonly
|
||
|
9429FF000
|
stack
|
page read and write
|
||
|
B300CFE000
|
stack
|
page read and write
|
||
|
13A8128D000
|
heap
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
17DECB13000
|
heap
|
page read and write
|
||
|
2E0FEA7F000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
1B80B446000
|
heap
|
page read and write
|
||
|
13A86A00000
|
trusted library allocation
|
page read and write
|
||
|
13A86A40000
|
remote allocation
|
page read and write
|
||
|
1600000
|
remote allocation
|
page read and write
|
||
|
1B80B42D000
|
heap
|
page read and write
|
||
|
22704FE000
|
stack
|
page read and write
|
||
|
13A819C1000
|
trusted library allocation
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
13A81C01000
|
trusted library allocation
|
page read and write
|
||
|
13A8663F000
|
heap
|
page read and write
|
||
|
1E430908000
|
heap
|
page read and write
|
||
|
17DECB02000
|
heap
|
page read and write
|
||
|
13A869B0000
|
trusted library allocation
|
page read and write
|
||
|
1185000
|
unkown
|
page readonly
|
||
|
212A6CA0000
|
heap
|
page read and write
|
||
|
17DECA75000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1D38DC02000
|
trusted library allocation
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
13877620000
|
heap
|
page read and write
|
||
|
14F42B13000
|
heap
|
page read and write
|
||
|
2E0FEA00000
|
heap
|
page read and write
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
212A6E87000
|
heap
|
page read and write
|
||
|
14F43300000
|
heap
|
page read and write
|
||
|
1387782C000
|
heap
|
page read and write
|
||
|
13877690000
|
heap
|
page read and write
|
||
|
13A866B1000
|
heap
|
page read and write
|
||
|
13A8127B000
|
heap
|
page read and write
|
||
|
13A81302000
|
heap
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
1E43086B000
|
heap
|
page read and write
|
||
|
14F495F0000
|
remote allocation
|
page read and write
|
||
|
9426FC000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
191337C000
|
stack
|
page read and write
|
||
|
1B80B330000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
70A83FF000
|
stack
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
14F42A13000
|
heap
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
19134FA000
|
stack
|
page read and write
|
||
|
14F43202000
|
heap
|
page read and write
|
||
|
81C8EFB000
|
stack
|
page read and write
|
||
|
14F42970000
|
heap
|
page read and write
|
||
|
13A8662B000
|
heap
|
page read and write
|
||
|
19137FF000
|
stack
|
page read and write
|
||
|
212A6E53000
|
heap
|
page read and write
|
||
|
941AEB000
|
stack
|
page read and write
|
||
|
212A6E4A000
|
heap
|
page read and write
|
||
|
13A865F0000
|
trusted library allocation
|
page read and write
|
||
|
19133FE000
|
stack
|
page read and write
|
||
|
14F49602000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
1387788B000
|
heap
|
page read and write
|
||
|
2A86EFE000
|
stack
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
13A865F0000
|
trusted library allocation
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
212A6E4D000
|
heap
|
page read and write
|
||
|
FBB617F000
|
stack
|
page read and write
|
||
|
1B80B47E000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
66E000
|
stack
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
13A81276000
|
heap
|
page read and write
|
||
|
13A866EE000
|
heap
|
page read and write
|
||
|
13A82560000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
191327E000
|
stack
|
page read and write
|
||
|
1D38D44B000
|
heap
|
page read and write
|
||
|
212A6E80000
|
heap
|
page read and write
|
||
|
13A81B59000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
13A821D0000
|
trusted library section
|
page readonly
|
||
|
1D38D479000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
2E0FEA5A000
|
heap
|
page read and write
|
||
|
15FD000
|
stack
|
page read and write
|
||
|
1B80B461000
|
heap
|
page read and write
|
||
|
226FFBB000
|
stack
|
page read and write
|
||
|
81C91FF000
|
stack
|
page read and write
|
||
|
94247F000
|
stack
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
13A81080000
|
heap
|
page read and write
|
||
|
FBB5E7B000
|
stack
|
page read and write
|
||
|
14F49600000
|
heap
|
page read and write
|
||
|
2A868FE000
|
stack
|
page read and write
|
||
|
1B80BC02000
|
trusted library allocation
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
14F494C0000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
FBB607B000
|
stack
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
1008000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
15FD000
|
stack
|
page read and write
|
||
|
14F495F0000
|
remote allocation
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
22706FE000
|
stack
|
page read and write
|
||
|
2B8F3FD000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
13A81258000
|
heap
|
page read and write
|
||
|
13A81B59000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
70A7EFE000
|
stack
|
page read and write
|
||
|
410000
|
remote allocation
|
page read and write
|
||
|
1B80B47B000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
13A81291000
|
heap
|
page read and write
|
||
|
1181000
|
unkown
|
page read and write
|
||
|
2B8F1FD000
|
stack
|
page read and write
|
||
|
81C8FFB000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
81C90F7000
|
stack
|
page read and write
|
||
|
2B8EC7C000
|
stack
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
13A81200000
|
heap
|
page read and write
|
||
|
1B80B439000
|
heap
|
page read and write
|
||
|
13A865F0000
|
trusted library allocation
|
page read and write
|
||
|
2B8F07D000
|
stack
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
1E43085C000
|
heap
|
page read and write
|
||
|
1B80B320000
|
heap
|
page read and write
|
||
|
14F49460000
|
heap
|
page read and write
|
||
|
212A6E72000
|
heap
|
page read and write
|
||
|
9425FF000
|
stack
|
page read and write
|
||
|
13A8661D000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
70A80FE000
|
stack
|
page read and write
|
||
|
13A82210000
|
trusted library section
|
page readonly
|
||
|
17DECA3D000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
6B9000
|
heap
|
page read and write
|
||
|
17DECA6F000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
13A81180000
|
trusted library allocation
|
page read and write
|
||
|
1A19C9B000
|
stack
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
13878002000
|
trusted library allocation
|
page read and write
|
||
|
13A81A00000
|
heap
|
page read and write
|
||
|
14F42A8A000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
17DEC9D0000
|
trusted library allocation
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
2A869FD000
|
stack
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
13A81190000
|
trusted library section
|
page read and write
|
||
|
2A86CFF000
|
stack
|
page read and write
|
||
|
13A86A40000
|
remote allocation
|
page read and write
|
||
|
2A86FFE000
|
stack
|
page read and write
|
||
|
1387786F000
|
heap
|
page read and write
|
||
|
1B80B44B000
|
heap
|
page read and write
|
||
|
9422FB000
|
stack
|
page read and write
|
||
|
94237E000
|
stack
|
page read and write
|
||
|
1D38D470000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
13A866DF000
|
heap
|
page read and write
|
||
|
81C92FF000
|
stack
|
page read and write
|
||
|
1B80B440000
|
heap
|
page read and write
|
||
|
70A7F7E000
|
stack
|
page read and write
|
||
|
13877902000
|
heap
|
page read and write
|
||
|
212A6E92000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2A867FE000
|
stack
|
page read and write
|
||
|
9423FE000
|
stack
|
page read and write
|
||
|
13A866E6000
|
heap
|
page read and write
|
||
|
2E0FE920000
|
heap
|
page read and write
|
||
|
1B80B42E000
|
heap
|
page read and write
|
||
|
2E0FEA28000
|
heap
|
page read and write
|
||
|
1E4307D0000
|
heap
|
page read and write
|
||
|
13A86908000
|
trusted library allocation
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
9427FA000
|
stack
|
page read and write
|
||
|
13877630000
|
heap
|
page read and write
|
||
|
B7C000
|
stack
|
page read and write
|
||
|
E31000
|
unkown
|
page read and write
|
||
|
13A86920000
|
trusted library allocation
|
page read and write
|
||
|
14F4963D000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page execute read
|
||
|
1A1A0FB000
|
stack
|
page read and write
|
||
|
1E43088D000
|
heap
|
page read and write
|
||
|
E00000
|
unkown
|
page read and write
|
||
|
13A86702000
|
heap
|
page read and write
|
||
|
13A86924000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
1B80B449000
|
heap
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
1181000
|
unkown
|
page write copy
|
||
|
227087D000
|
stack
|
page read and write
|
||
|
2E0FEB00000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2B8EA7B000
|
stack
|
page read and write
|
||
|
1E430866000
|
heap
|
page read and write
|
||
|
13A86921000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
212A6E57000
|
heap
|
page read and write
|
||
|
13A8123E000
|
heap
|
page read and write
|
||
|
17DED002000
|
trusted library allocation
|
page read and write
|
||
|
14F42AD0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
13A812B3000
|
heap
|
page read and write
|
||
|
13A86A20000
|
trusted library allocation
|
page read and write
|
||
|
212A6E29000
|
heap
|
page read and write
|
||
|
E35000
|
unkown
|
page readonly
|
||
|
E11000
|
unkown
|
page execute read
|
||
|
96F000
|
stack
|
page read and write
|
||
|
17DEC7A0000
|
heap
|
page read and write
|
||
|
FBB5F7F000
|
stack
|
page read and write
|
||
|
13A81229000
|
heap
|
page read and write
|
||
|
1B80B467000
|
heap
|
page read and write
|
||
|
1B80B445000
|
heap
|
page read and write
|
||
|
1B80B448000
|
heap
|
page read and write
|
||
|
460000
|
trusted library allocation
|
page read and write
|
||
|
19136FF000
|
stack
|
page read and write
|
||
|
15FD000
|
stack
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
13A81A15000
|
heap
|
page read and write
|
||
|
14F429D0000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
13A8125B000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
13A81010000
|
heap
|
page read and write
|
||
|
70A7E7B000
|
stack
|
page read and write
|
||
|
2B8EF7E000
|
stack
|
page read and write
|
||
|
2E0FF202000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
81C8BEE000
|
stack
|
page read and write
|
||
|
117B000
|
unkown
|
page readonly
|
||
|
1B80B442000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
2A865FB000
|
stack
|
page read and write
|
||
|
2B8EBFF000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
14F42B02000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
13877829000
|
heap
|
page read and write
|
||
|
13A8670B000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
67A000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page read and write
|
||
|
1B80B44E000
|
heap
|
page read and write
|
||
|
13A821E0000
|
trusted library section
|
page readonly
|
||
|
1B80B475000
|
heap
|
page read and write
|
||
|
B3011FF000
|
stack
|
page read and write
|
||
|
13A86A40000
|
remote allocation
|
page read and write
|
||
|
E2B000
|
unkown
|
page readonly
|
||
|
407000
|
unkown
|
page readonly
|
||
|
E35000
|
unkown
|
page readonly
|
There are 605 hidden memdumps, click here to show them.