Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
#U00d6DEME FORMU.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\erltu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\fvcshciph
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ka5y543suvwo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsz96AE.tmp
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\#U00d6DEME FORMU.exe
|
"C:\Users\user\Desktop\#U00d6DEME FORMU.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\erltu.exe
|
C:\Users\user\AppData\Local\Temp\erltu.exe C:\Users\user\AppData\Local\Temp\fvcshciph
|
|
|
|
C:\Users\user\AppData\Local\Temp\erltu.exe
|
C:\Users\user\AppData\Local\Temp\erltu.exe C:\Users\user\AppData\Local\Temp\fvcshciph
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.liuchenggang.com/b0y1/
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B40000
|
direct allocation
|
page read and write
|
|
|
|
510000
|
trusted library allocation
|
page read and write
|
||
|
26733810000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
234F6E81000
|
heap
|
page read and write
|
||
|
2672EBE0000
|
trusted library section
|
page readonly
|
||
|
1E0CF713000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
65F000
|
stack
|
page read and write
|
||
|
FC1357C000
|
stack
|
page read and write
|
||
|
21A6DA7C000
|
heap
|
page read and write
|
||
|
1AB8CB08000
|
heap
|
page read and write
|
||
|
1E0CFF91000
|
heap
|
page read and write
|
||
|
2672E46F000
|
heap
|
page read and write
|
||
|
2672ED13000
|
heap
|
page read and write
|
||
|
1DC2C63C000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
1AB8CA82000
|
heap
|
page read and write
|
||
|
72C000
|
stack
|
page read and write
|
||
|
1B6D2871000
|
heap
|
page read and write
|
||
|
23567200000
|
heap
|
page read and write
|
||
|
7F0000
|
direct allocation
|
page execute and read and write
|
||
|
1E0CFF2A000
|
heap
|
page read and write
|
||
|
1A32EB02000
|
heap
|
page read and write
|
||
|
1F128FC000
|
stack
|
page read and write
|
||
|
26733D02000
|
heap
|
page read and write
|
||
|
2672E49E000
|
heap
|
page read and write
|
||
|
5D3FB7E000
|
stack
|
page read and write
|
||
|
2672EC02000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
FC13A7B000
|
stack
|
page read and write
|
||
|
1E0CFF85000
|
heap
|
page read and write
|
||
|
1E0CF6D3000
|
heap
|
page read and write
|
||
|
5D3F37F000
|
stack
|
page read and write
|
||
|
2672E43D000
|
heap
|
page read and write
|
||
|
1E0D0402000
|
heap
|
page read and write
|
||
|
5D3F97F000
|
stack
|
page read and write
|
||
|
23567950000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
267339C4000
|
trusted library allocation
|
page read and write
|
||
|
1E0CFF7A000
|
heap
|
page read and write
|
||
|
26733B00000
|
trusted library allocation
|
page read and write
|
||
|
270C5FB0000
|
trusted library allocation
|
page read and write
|
||
|
1AB8C7E0000
|
heap
|
page read and write
|
||
|
23567202000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
7AC56FF000
|
stack
|
page read and write
|
||
|
1AB8CA00000
|
heap
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
1A32EB13000
|
heap
|
page read and write
|
||
|
1A32EAE2000
|
heap
|
page read and write
|
||
|
1E0CF629000
|
heap
|
page read and write
|
||
|
1E0CFF93000
|
heap
|
page read and write
|
||
|
1A32F202000
|
heap
|
page read and write
|
||
|
2672E2D0000
|
heap
|
page read and write
|
||
|
1B6D2813000
|
heap
|
page read and write
|
||
|
1DC2C613000
|
heap
|
page read and write
|
||
|
21A6DA42000
|
heap
|
page read and write
|
||
|
1DC2C700000
|
heap
|
page read and write
|
||
|
1A32EABF000
|
heap
|
page read and write
|
||
|
1A32E8D0000
|
heap
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
23567264000
|
heap
|
page read and write
|
||
|
1F1247C000
|
stack
|
page read and write
|
||
|
2672E4FB000
|
heap
|
page read and write
|
||
|
2672E491000
|
heap
|
page read and write
|
||
|
1B6D2802000
|
heap
|
page read and write
|
||
|
5D3F0FA000
|
stack
|
page read and write
|
||
|
FD0C18A000
|
stack
|
page read and write
|
||
|
270C5EB0000
|
heap
|
page read and write
|
||
|
C88B37E000
|
stack
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
1B6D2740000
|
heap
|
page read and write
|
||
|
7AC51F8000
|
stack
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
235671F0000
|
heap
|
page read and write
|
||
|
74B77C000
|
stack
|
page read and write
|
||
|
1B6D2913000
|
heap
|
page read and write
|
||
|
7AC537E000
|
stack
|
page read and write
|
||
|
1E0CF6AB000
|
heap
|
page read and write
|
||
|
1E0CFFB0000
|
heap
|
page read and write
|
||
|
3C0000
|
remote allocation
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
1A32EA29000
|
heap
|
page read and write
|
||
|
23567302000
|
heap
|
page read and write
|
||
|
1F125FB000
|
stack
|
page read and write
|
||
|
1E0CF6AA000
|
heap
|
page read and write
|
||
|
1AB8C850000
|
heap
|
page read and write
|
||
|
21A6DA13000
|
heap
|
page read and write
|
||
|
5D3ECBB000
|
stack
|
page read and write
|
||
|
74B9F7000
|
stack
|
page read and write
|
||
|
1DC2C600000
|
heap
|
page read and write
|
||
|
2672ED18000
|
heap
|
page read and write
|
||
|
C88B5FB000
|
stack
|
page read and write
|
||
|
1DC2C660000
|
heap
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
231CF4C0000
|
heap
|
page read and write
|
||
|
1E0CF480000
|
heap
|
page read and write
|
||
|
C88B779000
|
stack
|
page read and write
|
||
|
26733890000
|
trusted library allocation
|
page read and write
|
||
|
A6DF4FE000
|
stack
|
page read and write
|
||
|
270C5FE0000
|
remote allocation
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
2672EBD0000
|
trusted library section
|
page readonly
|
||
|
21A6DA3A000
|
heap
|
page read and write
|
||
|
23567213000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
1AB8C7F0000
|
heap
|
page read and write
|
||
|
234F6C60000
|
heap
|
page read and write
|
||
|
1F129FF000
|
stack
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2672ED58000
|
heap
|
page read and write
|
||
|
21A6DA53000
|
heap
|
page read and write
|
||
|
1A32EA8B000
|
heap
|
page read and write
|
||
|
1A32E870000
|
heap
|
page read and write
|
||
|
1DC2C65B000
|
heap
|
page read and write
|
||
|
26733C48000
|
heap
|
page read and write
|
||
|
2672E526000
|
heap
|
page read and write
|
||
|
234F6F00000
|
heap
|
page read and write
|
||
|
1E0D0403000
|
heap
|
page read and write
|
||
|
30ED3DF000
|
stack
|
page read and write
|
||
|
26733CDE000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
2356723C000
|
heap
|
page read and write
|
||
|
270C6802000
|
trusted library allocation
|
page read and write
|
||
|
1E0D0402000
|
heap
|
page read and write
|
||
|
1AB8CB00000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
26733C2A000
|
heap
|
page read and write
|
||
|
1E0CF688000
|
heap
|
page read and write
|
||
|
26733C1D000
|
heap
|
page read and write
|
||
|
1F11D8F000
|
stack
|
page read and write
|
||
|
C88B97E000
|
stack
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
1E0CFF91000
|
heap
|
page read and write
|
||
|
1B6D2829000
|
heap
|
page read and write
|
||
|
231CF518000
|
heap
|
page read and write
|
||
|
21A6D7B0000
|
heap
|
page read and write
|
||
|
C88AC7C000
|
stack
|
page read and write
|
||
|
7AC4D2E000
|
stack
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
267339C1000
|
trusted library allocation
|
page read and write
|
||
|
267339C0000
|
trusted library allocation
|
page read and write
|
||
|
2672EBA0000
|
trusted library section
|
page readonly
|
||
|
7AC4DAE000
|
stack
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
1F11D0C000
|
stack
|
page read and write
|
||
|
1E0CF5E0000
|
trusted library allocation
|
page read and write
|
||
|
21A6DA43000
|
heap
|
page read and write
|
||
|
26733800000
|
trusted library allocation
|
page read and write
|
||
|
2672E457000
|
heap
|
page read and write
|
||
|
270C5E40000
|
heap
|
page read and write
|
||
|
7AC52F7000
|
stack
|
page read and write
|
||
|
30EDC7F000
|
stack
|
page read and write
|
||
|
1E0CFF9B000
|
heap
|
page read and write
|
||
|
1E0CF600000
|
heap
|
page read and write
|
||
|
7AC50FC000
|
stack
|
page read and write
|
||
|
FC13DFF000
|
stack
|
page read and write
|
||
|
2672EC00000
|
heap
|
page read and write
|
||
|
74BAFF000
|
stack
|
page read and write
|
||
|
E0D3BFE000
|
stack
|
page read and write
|
||
|
21A6DA4F000
|
heap
|
page read and write
|
||
|
231CF3E0000
|
heap
|
page read and write
|
||
|
6D6000
|
heap
|
page read and write
|
||
|
1A32E9D0000
|
trusted library allocation
|
page read and write
|
||
|
2672EBB0000
|
trusted library section
|
page readonly
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
1B6D2875000
|
heap
|
page read and write
|
||
|
270C6013000
|
heap
|
page read and write
|
||
|
234F6F02000
|
heap
|
page read and write
|
||
|
74B8FF000
|
stack
|
page read and write
|
||
|
26733880000
|
trusted library allocation
|
page read and write
|
||
|
1E0CF6FD000
|
heap
|
page read and write
|
||
|
26733B00000
|
remote allocation
|
page read and write
|
||
|
21A6DA49000
|
heap
|
page read and write
|
||
|
270C6000000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
1E0CFF69000
|
heap
|
page read and write
|
||
|
5D3F27C000
|
stack
|
page read and write
|
||
|
FC135FE000
|
stack
|
page read and write
|
||
|
2672EB90000
|
trusted library section
|
page readonly
|
||
|
26733CAC000
|
heap
|
page read and write
|
||
|
21A6DA52000
|
heap
|
page read and write
|
||
|
C88AE77000
|
stack
|
page read and write
|
||
|
26733C5F000
|
heap
|
page read and write
|
||
|
A6DF9FE000
|
stack
|
page read and write
|
||
|
1E0CFF06000
|
heap
|
page read and write
|
||
|
8DF91FB000
|
stack
|
page read and write
|
||
|
234F6C70000
|
heap
|
page read and write
|
||
|
1A32EA43000
|
heap
|
page read and write
|
||
|
3C0000
|
remote allocation
|
page read and write
|
||
|
231CF4F2000
|
heap
|
page read and write
|
||
|
5D3F77F000
|
stack
|
page read and write
|
||
|
8DF8A9B000
|
stack
|
page read and write
|
||
|
3C0000
|
remote allocation
|
page read and write
|
||
|
270C5E50000
|
heap
|
page read and write
|
||
|
270C5FE0000
|
remote allocation
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
1B6D2840000
|
heap
|
page read and write
|
||
|
1E0CFF9D000
|
heap
|
page read and write
|
||
|
26733B00000
|
remote allocation
|
page read and write
|
||
|
234F6E3C000
|
heap
|
page read and write
|
||
|
1AB8CA66000
|
heap
|
page read and write
|
||
|
26733CFE000
|
heap
|
page read and write
|
||
|
C88B27B000
|
stack
|
page read and write
|
||
|
26733CEB000
|
heap
|
page read and write
|
||
|
FD0C47F000
|
stack
|
page read and write
|
||
|
1A32EA00000
|
heap
|
page read and write
|
||
|
21A6DA45000
|
heap
|
page read and write
|
||
|
1DC2C67F000
|
heap
|
page read and write
|
||
|
234F6DD0000
|
trusted library allocation
|
page read and write
|
||
|
2672E3E1000
|
trusted library allocation
|
page read and write
|
||
|
FC1387E000
|
stack
|
page read and write
|
||
|
1DC2C67F000
|
heap
|
page read and write
|
||
|
234F6E5F000
|
heap
|
page read and write
|
||
|
FC13BF7000
|
stack
|
page read and write
|
||
|
2672E400000
|
heap
|
page read and write
|
||
|
1E0CF6EE000
|
heap
|
page read and write
|
||
|
2672E340000
|
heap
|
page read and write
|
||
|
1DC2C702000
|
heap
|
page read and write
|
||
|
2672E370000
|
trusted library allocation
|
page read and write
|
||
|
1E0D0402000
|
heap
|
page read and write
|
||
|
1A32EA70000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
26733CE5000
|
heap
|
page read and write
|
||
|
2672E502000
|
heap
|
page read and write
|
||
|
1AB8CA8B000
|
heap
|
page read and write
|
||
|
234F6E13000
|
heap
|
page read and write
|
||
|
1E0CF66F000
|
heap
|
page read and write
|
||
|
1E0CFD00000
|
remote allocation
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
1E0CFF28000
|
heap
|
page read and write
|
||
|
1E0CFF91000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1E0CFF9D000
|
heap
|
page read and write
|
||
|
30ED77C000
|
stack
|
page read and write
|
||
|
1B6D27D0000
|
trusted library allocation
|
page read and write
|
||
|
21A6DA55000
|
heap
|
page read and write
|
||
|
21A6DA47000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
74B87B000
|
stack
|
page read and write
|
||
|
2672ED02000
|
heap
|
page read and write
|
||
|
1A32E860000
|
heap
|
page read and write
|
||
|
1DC2C682000
|
heap
|
page read and write
|
||
|
FC13CFE000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
21A6DA46000
|
heap
|
page read and write
|
||
|
C88B47F000
|
stack
|
page read and write
|
||
|
231CF514000
|
heap
|
page read and write
|
||
|
1AB8D202000
|
trusted library allocation
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
1E0D0400000
|
heap
|
page read and write
|
||
|
C88B17E000
|
stack
|
page read and write
|
||
|
23567279000
|
heap
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
1F123FF000
|
stack
|
page read and write
|
||
|
231CF4FF000
|
heap
|
page read and write
|
||
|
2672E474000
|
heap
|
page read and write
|
||
|
234F6E73000
|
heap
|
page read and write
|
||
|
231CF4F7000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1DC2C652000
|
heap
|
page read and write
|
||
|
8DF8FFB000
|
stack
|
page read and write
|
||
|
21A6DA69000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
C88B3FF000
|
stack
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
21A6DA76000
|
heap
|
page read and write
|
||
|
267339D0000
|
trusted library allocation
|
page read and write
|
||
|
21A6DA00000
|
heap
|
page read and write
|
||
|
1E0CF6C2000
|
heap
|
page read and write
|
||
|
2672E2E0000
|
heap
|
page read and write
|
||
|
69E000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5D3F87F000
|
stack
|
page read and write
|
||
|
1E0CFFAE000
|
heap
|
page read and write
|
||
|
267339A0000
|
trusted library allocation
|
page read and write
|
||
|
2672E48C000
|
heap
|
page read and write
|
||
|
23567313000
|
heap
|
page read and write
|
||
|
1AB8CA29000
|
heap
|
page read and write
|
||
|
1E0D0402000
|
heap
|
page read and write
|
||
|
30EDA7E000
|
stack
|
page read and write
|
||
|
FD0C4FE000
|
stack
|
page read and write
|
||
|
1E0CFF28000
|
heap
|
page read and write
|
||
|
1E0CF613000
|
heap
|
page read and write
|
||
|
A6DF6FE000
|
stack
|
page read and write
|
||
|
1B6D2902000
|
heap
|
page read and write
|
||
|
1E0CF6EC000
|
heap
|
page read and write
|
||
|
1E0CFF74000
|
heap
|
page read and write
|
||
|
1AB8CA5A000
|
heap
|
page read and write
|
||
|
21A6DA7B000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
E0D397E000
|
stack
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
26733A70000
|
trusted library allocation
|
page read and write
|
||
|
74B35C000
|
stack
|
page read and write
|
||
|
1E0CF702000
|
heap
|
page read and write
|
||
|
270C5FE0000
|
remote allocation
|
page read and write
|
||
|
1B6D2730000
|
heap
|
page read and write
|
||
|
1E0CFF9D000
|
heap
|
page read and write
|
||
|
1DC2C560000
|
heap
|
page read and write
|
||
|
6EC000
|
heap
|
page read and write
|
||
|
1E0D0402000
|
heap
|
page read and write
|
||
|
231CF517000
|
heap
|
page read and write
|
||
|
1E0CFFC2000
|
heap
|
page read and write
|
||
|
1E0CFFB2000
|
heap
|
page read and write
|
||
|
234F6E65000
|
heap
|
page read and write
|
||
|
231CF4D0000
|
heap
|
page read and write
|
||
|
5D3F47F000
|
stack
|
page read and write
|
||
|
26733CE9000
|
heap
|
page read and write
|
||
|
2672ED59000
|
heap
|
page read and write
|
||
|
234F6E29000
|
heap
|
page read and write
|
||
|
234F7602000
|
trusted library allocation
|
page read and write
|
||
|
74B67E000
|
stack
|
page read and write
|
||
|
E0D3E7D000
|
stack
|
page read and write
|
||
|
1E0CFF7B000
|
heap
|
page read and write
|
||
|
1E0CFF67000
|
heap
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
1B6D2800000
|
heap
|
page read and write
|
||
|
21A6DA38000
|
heap
|
page read and write
|
||
|
26733C3B000
|
heap
|
page read and write
|
||
|
1DC2C708000
|
heap
|
page read and write
|
||
|
C88B2FF000
|
stack
|
page read and write
|
||
|
FD0C5F9000
|
stack
|
page read and write
|
||
|
A6DF47B000
|
stack
|
page read and write
|
||
|
1E0CFFC0000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
FC1397B000
|
stack
|
page read and write
|
||
|
1E0CFF8D000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
2672E42A000
|
heap
|
page read and write
|
||
|
231CF4E6000
|
heap
|
page read and write
|
||
|
2672ED18000
|
heap
|
page read and write
|
||
|
1034000
|
unkown
|
page readonly
|
||
|
21A6DA68000
|
heap
|
page read and write
|
||
|
1E0CF63C000
|
heap
|
page read and write
|
||
|
1AB8CA02000
|
heap
|
page read and write
|
||
|
21A6DA41000
|
heap
|
page read and write
|
||
|
7AC5679000
|
stack
|
page read and write
|
||
|
1E0CFF2A000
|
heap
|
page read and write
|
||
|
21A6DA85000
|
heap
|
page read and write
|
||
|
1E0CF681000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2672ED00000
|
heap
|
page read and write
|
||
|
1E0CFE02000
|
heap
|
page read and write
|
||
|
26733AD0000
|
trusted library allocation
|
page read and write
|
||
|
1E0CF6C9000
|
heap
|
page read and write
|
||
|
231CF4F6000
|
heap
|
page read and write
|
||
|
26733C9A000
|
heap
|
page read and write
|
||
|
21A6E002000
|
trusted library allocation
|
page read and write
|
||
|
231CF440000
|
heap
|
page read and write
|
||
|
21A6D7C0000
|
heap
|
page read and write
|
||
|
FD0C67E000
|
stack
|
page read and write
|
||
|
1E0CFF93000
|
heap
|
page read and write
|
||
|
E0D3D7E000
|
stack
|
page read and write
|
||
|
1F1257D000
|
stack
|
page read and write
|
||
|
74BBFF000
|
stack
|
page read and write
|
||
|
26733AC0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1E0CFF56000
|
heap
|
page read and write
|
||
|
1F122FF000
|
stack
|
page read and write
|
||
|
2672EBF3000
|
trusted library allocation
|
page read and write
|
||
|
2672E455000
|
heap
|
page read and write
|
||
|
1E0CFF67000
|
heap
|
page read and write
|
||
|
1B6D2867000
|
heap
|
page read and write
|
||
|
231CF4FF000
|
heap
|
page read and write
|
||
|
1F1217C000
|
stack
|
page read and write
|
||
|
6D2000
|
heap
|
page read and write
|
||
|
C88B67F000
|
stack
|
page read and write
|
||
|
2672E477000
|
heap
|
page read and write
|
||
|
1AB8C950000
|
trusted library allocation
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
23567A02000
|
trusted library allocation
|
page read and write
|
||
|
1E0CFF9F000
|
heap
|
page read and write
|
||
|
1E0CFD00000
|
remote allocation
|
page read and write
|
||
|
23567229000
|
heap
|
page read and write
|
||
|
5D3F67D000
|
stack
|
page read and write
|
||
|
270C6002000
|
heap
|
page read and write
|
||
|
1A32EAD0000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
267339E0000
|
trusted library allocation
|
page read and write
|
||
|
26733C00000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
2672E413000
|
heap
|
page read and write
|
||
|
26B3000
|
trusted library allocation
|
page read and write
|
||
|
1E0CFF32000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
5D3FA7E000
|
stack
|
page read and write
|
||
|
267339E4000
|
trusted library allocation
|
page read and write
|
||
|
1E0CFF67000
|
heap
|
page read and write
|
||
|
1DC2C666000
|
heap
|
page read and write
|
||
|
1E0CFF7A000
|
heap
|
page read and write
|
||
|
1AB8CA13000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
21A6DA3E000
|
heap
|
page read and write
|
||
|
1B6D285A000
|
heap
|
page read and write
|
||
|
231CF4C5000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
267339A8000
|
trusted library allocation
|
page read and write
|
||
|
74B3DE000
|
stack
|
page read and write
|
||
|
1A32EAC8000
|
heap
|
page read and write
|
||
|
21A6D9F0000
|
trusted library allocation
|
page read and write
|
||
|
7AC547F000
|
stack
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
8DF90FB000
|
stack
|
page read and write
|
||
|
1DC2C629000
|
heap
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
1DC2C68D000
|
heap
|
page read and write
|
||
|
2672EBF0000
|
trusted library allocation
|
page read and write
|
||
|
1E0CFF9D000
|
heap
|
page read and write
|
||
|
2672E48A000
|
heap
|
page read and write
|
||
|
E0D3AFE000
|
stack
|
page read and write
|
||
|
2672F3E0000
|
trusted library allocation
|
page read and write
|
||
|
267339AE000
|
trusted library allocation
|
page read and write
|
||
|
1AB8CA60000
|
heap
|
page read and write
|
||
|
23567190000
|
heap
|
page read and write
|
||
|
1DC2C713000
|
heap
|
page read and write
|
||
|
7AC5578000
|
stack
|
page read and write
|
||
|
A6DF57E000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
21A6DA51000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page read and write
|
||
|
5D3F57D000
|
stack
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
1DC2C570000
|
heap
|
page read and write
|
||
|
23567277000
|
heap
|
page read and write
|
||
|
1E0CFF9B000
|
heap
|
page read and write
|
||
|
30ED67E000
|
stack
|
page read and write
|
||
|
234F6CD0000
|
heap
|
page read and write
|
||
|
2672E479000
|
heap
|
page read and write
|
||
|
21A6DA50000
|
heap
|
page read and write
|
||
|
270C6102000
|
heap
|
page read and write
|
||
|
C88AF7A000
|
stack
|
page read and write
|
||
|
26733D00000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page execute read
|
||
|
21A6DB02000
|
heap
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
E0D3A7E000
|
stack
|
page read and write
|
||
|
1F127FE000
|
stack
|
page read and write
|
||
|
26733AE0000
|
trusted library allocation
|
page read and write
|
||
|
26733AF0000
|
trusted library allocation
|
page read and write
|
||
|
234F6E00000
|
heap
|
page read and write
|
||
|
26733C65000
|
heap
|
page read and write
|
||
|
E0D35BB000
|
stack
|
page read and write
|
||
|
231CF460000
|
heap
|
page read and write
|
||
|
21A6DA29000
|
heap
|
page read and write
|
||
|
21A6D820000
|
heap
|
page read and write
|
||
|
21A6DA77000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2672EC15000
|
heap
|
page read and write
|
||
|
A6DF8FF000
|
stack
|
page read and write
|
||
|
21A6DA66000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
C88B07B000
|
stack
|
page read and write
|
||
|
1DC2C5D0000
|
heap
|
page read and write
|
||
|
30ED977000
|
stack
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
231CF512000
|
heap
|
page read and write
|
||
|
1E0CFF63000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
1DC2C627000
|
heap
|
page read and write
|
||
|
1E0CF6B5000
|
heap
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
267339D0000
|
trusted library allocation
|
page read and write
|
||
|
30ED35C000
|
stack
|
page read and write
|
||
|
1F126FD000
|
stack
|
page read and write
|
||
|
21A6DA48000
|
heap
|
page read and write
|
||
|
267339A0000
|
trusted library allocation
|
page read and write
|
||
|
234F6E51000
|
heap
|
page read and write
|
||
|
270C6029000
|
heap
|
page read and write
|
||
|
231CF4F4000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
30EDB7D000
|
stack
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
209E000
|
stack
|
page read and write
|
||
|
1DC2CE02000
|
trusted library allocation
|
page read and write
|
||
|
26733C74000
|
heap
|
page read and write
|
||
|
270C605C000
|
heap
|
page read and write
|
||
|
C88B4FF000
|
stack
|
page read and write
|
||
|
234F6E9C000
|
heap
|
page read and write
|
||
|
231CF4E1000
|
heap
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
2672E380000
|
trusted library section
|
page read and write
|
||
|
21A6DA79000
|
heap
|
page read and write
|
||
|
1E0CF6E9000
|
heap
|
page read and write
|
||
|
1A32EA13000
|
heap
|
page read and write
|
||
|
A6DF7FE000
|
stack
|
page read and write
|
||
|
1DC2C602000
|
heap
|
page read and write
|
||
|
1B6D27A0000
|
heap
|
page read and write
|
||
|
1A32F300000
|
heap
|
page read and write
|
||
|
1AB8CA3C000
|
heap
|
page read and write
|
||
|
21A6DA6B000
|
heap
|
page read and write
|
||
|
26733B00000
|
remote allocation
|
page read and write
|
||
|
1AB8CA52000
|
heap
|
page read and write
|
||
|
26733AB0000
|
trusted library allocation
|
page read and write
|
||
|
2672E49C000
|
heap
|
page read and write
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
102B000
|
unkown
|
page readonly
|
||
|
1B6D2868000
|
heap
|
page read and write
|
||
|
1AB8CB13000
|
heap
|
page read and write
|
||
|
26733D02000
|
heap
|
page read and write
|
||
|
1B6D3002000
|
trusted library allocation
|
page read and write
|
||
|
1E0CF4E0000
|
heap
|
page read and write
|
||
|
1E0CF6A6000
|
heap
|
page read and write
|
||
|
21A6DA7D000
|
heap
|
page read and write
|
||
|
1E0CF470000
|
heap
|
page read and write
|
||
|
21A6DA80000
|
heap
|
page read and write
|
||
|
1E0CFF00000
|
heap
|
page read and write
|
||
|
21A6DA4C000
|
heap
|
page read and write
|
||
|
1E0CFF50000
|
heap
|
page read and write
|
||
|
2672F800000
|
trusted library allocation
|
page read and write
|
||
|
26733C11000
|
heap
|
page read and write
|
||
|
26733CF3000
|
heap
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
30ED87B000
|
stack
|
page read and write
|
||
|
23567300000
|
heap
|
page read and write
|
||
|
7AC4CAB000
|
stack
|
page read and write
|
||
|
26733CFC000
|
heap
|
page read and write
|
||
|
FD0C579000
|
stack
|
page read and write
|
||
|
1AB8CB02000
|
heap
|
page read and write
|
||
|
234F6E5D000
|
heap
|
page read and write
|
||
|
1030000
|
unkown
|
page write copy
|
||
|
1DC2CD30000
|
trusted library allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
21A6DA30000
|
heap
|
page read and write
|
||
|
21A6DA4A000
|
heap
|
page read and write
|
||
|
1A32F312000
|
heap
|
page read and write
|
||
|
1E0CFF8D000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
26733C19000
|
heap
|
page read and write
|
||
|
E0D3F7D000
|
stack
|
page read and write
|
||
|
21EF000
|
stack
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
||
|
23567180000
|
heap
|
page read and write
|
||
|
2672E513000
|
heap
|
page read and write
|
||
|
231CF4FF000
|
heap
|
page read and write
|
||
|
234F6F13000
|
heap
|
page read and write
|
||
|
26733CF3000
|
heap
|
page read and write
|
||
|
234F6F08000
|
heap
|
page read and write
|
||
|
1E0CFF70000
|
heap
|
page read and write
|
||
|
1E0CFD00000
|
remote allocation
|
page read and write
|
||
|
234F6E58000
|
heap
|
page read and write
|
||
|
1E0CF6E0000
|
heap
|
page read and write
|
||
|
2672EBC0000
|
trusted library section
|
page readonly
|
||
|
8DF92FE000
|
stack
|
page read and write
|
||
|
23567255000
|
heap
|
page read and write
|
||
|
E0D3CFD000
|
stack
|
page read and write
|
||
|
21A6DA54000
|
heap
|
page read and write
|
||
|
270C6040000
|
heap
|
page read and write
|
||
|
FD0C6FC000
|
stack
|
page read and write
|
||
|
FC13AFF000
|
stack
|
page read and write
|
There are 547 hidden memdumps, click here to show them.